Kacper

159 exploits Active since Dec 2003
CVE-2007-0369 EXPLOITDB php WORKING POC
Phpbp - SQL Injection
SQL injection vulnerability in phpBP RC3 (2.204) and earlier allows remote attackers to execute arbitrary SQL commands via the comment forum.
CVE-2006-7128 EXPLOITDB perl WORKING POC
JAF CMS 4.0 RC1 - Code Injection
PHP remote file inclusion vulnerability in forum/forum.php JAF CMS 4.0 RC1 allows remote attackers to execute arbitrary PHP code via a URL in the website parameter.
CVE-2006-4961 EXPLOITDB php WORKING POC
Php Blue Dragon <2.9.1 - SQL Injection
SQL injection vulnerability in the GetModuleConfig function in public_includes/pub_kernel/pbd_modules.php in Php Blue Dragon 2.9.1 and earlier allows remote attackers to execute arbitrary SQL commands via the m parameter to index.php.
CVE-2006-4960 EXPLOITDB php WORKING POC
Php Blue Dragon <2.9.1 - XSS
Cross-site scripting (XSS) vulnerability in index.php Php Blue Dragon 2.9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the m parameter, which is reflected in an error message resulting from a failed SQL query.
CVE-2006-4878 EXPLOITDB php WORKING POC
David Bennett PHP-Post <1.0 - Path Traversal
Directory traversal vulnerability in footer.php in David Bennett PHP-Post (PHPp) 1.0 and earlier allows remote attackers to read and include arbitrary local files via a .. (dot dot) sequence in the template parameter. NOTE: this was later reported to affect 1.0.1, and demonstrated for code execution by uploading and accessing an avatar file.
CVE-2007-5912 EXPLOITDB text WORKING POC
jPORTAL 2 - SQL Injection
SQL injection vulnerability in mailer.php in jPORTAL 2 allows remote attackers to execute arbitrary SQL commands via the to parameter.
CVE-2006-2576 EXPLOITDB text WORKING POC
Docebo <3.0.3 - RCE
Multiple PHP remote file inclusion vulnerabilities in Docebo 3.0.3 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in (1) GLOBALS[where_framework] to (a) lib.simplesel.php, (b) lib.filelist.php, (c) tree.documents.php, (d) lib.repo.php, and (e) lib.php, and (2) GLOBALS[where_scs] to (f) lib.teleskill.php. NOTE: this issue might be resultant from a global overwrite vulnerability.
CVE-2007-3138 EXPLOITDB php WORKING POC
Open Solution Quick.cart < 2.2 - Path Traversal
Directory traversal vulnerability in index.php in Open Solution Quick.Cart 2.2 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in an sLanguage cookie, which is used to define a value in config/general.php.
CVE-2007-0763 EXPLOITDB php WORKING POC
F3Site <2.1 - XSS
Cross-site scripting (XSS) vulnerability in the news comment functionality in F3Site 2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the Autor field.
CVE-2006-4062 EXPLOITDB text WORKING POC
Dmitry Sheiko SAPID Shop <1.2 - RCE
PHP remote file inclusion vulnerability in usr/extensions/get_tree.inc.php in Dmitry Sheiko SAPID Shop 1.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[root_path] parameter.
CVE-2006-4026 EXPLOITDB text WORKING POC
Redgraphic Sapid Cms - Code Injection
PHP remote file inclusion vulnerability in SAPID CMS 123 rc3 allows remote attackers to execute arbitrary PHP code via a URL in the (1) root_path parameter in usr/extensions/get_infochannel.inc.php and the (2) GLOBALS["root_path"] parameter in usr/extensions/get_tree.inc.php.
CVE-2006-6633 EXPLOITDB php WORKING POC
YapBB <1.2 Beta2 - RCE
PHP remote file inclusion vulnerability in include/yapbb_session.php in YapBB 1.2 Beta2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[include_Bit] parameter.
CVE-2007-6172 EXPLOITDB text WORKING POC
wpQuiz <2.7 - SQL Injection
Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewimage.php and (2) comments.php.
EIP-2026-114491 EXPLOITDB text WORKING POC
Xtreme/Ditto News 1.0 - 'post.php' Remote File Inclusion
CVE-2009-0515 EXPLOITDB text WRITEUP
YANOCC <0.1.0 - Path Traversal
Directory traversal vulnerability in check_lang.php in Yet Another NOCC (YANOCC) 0.1.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
CVE-2006-5421 EXPLOITDB php WORKING POC
WSN Forum <1.3.4 - RCE
WSN Forum 1.3.4 and earlier allows remote attackers to execute arbitrary PHP code via a modified pathname in the pathtoconfig parameter that points to an avatar image that contains PHP code, which is then accessed from prestart.php. NOTE: this issue has been labeled remote file inclusion, but that label only applies to the attack, not the underlying vulnerability.
CVE-2006-2888 EXPLOITDB text WORKING POC
Wikiwig <4.1 - RCE
PHP remote file inclusion vulnerability in _wk/wk_lang.php in Wikiwig 4.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the WK[wkPath] parameter.
CVE-2009-2122 EXPLOITDB text WORKING POC
Paolo Palmonari Photoracer <1.0 - SQL Injection
SQL injection vulnerability in viewimg.php in the Paolo Palmonari Photoracer plugin 1.0 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2006-2860 EXPLOITDB text WORKING POC
Webspotblogging 3.0.1 - RCE
PHP remote file inclusion vulnerability in Webspotblogging 3.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) inc/logincheck.inc.php, (2) inc/adminheader.inc.php, (3) inc/global.php, or (4) inc/mainheader.inc.php. NOTE: some of these vectors were also reported for 3.0 in a separate disclosure.
CVE-2006-6856 EXPLOITDB php WORKING POC
WebText CMS <0.4.5.2 - Code Injection
Direct static code injection vulnerability in WebText CMS 0.4.5.2 and earlier allows remote attackers to inject arbitrary PHP code into a script in wt/users/ via the im parameter during a profile edit (edycja) operation, which is then executed via a direct request for this script.
CVE-2006-5155 EXPLOITDB php WORKING POC
VideoDB <2.2.1 - RCE
PHP remote file inclusion vulnerability in core/pdf.php in VideoDB 2.2.1 and earlier allows remote attackers to execute arbitrary PHP code via the config[pdf_module] parameter.
CVE-2006-2995 EXPLOITDB text WORKING POC
WebprojectDB <0.1.3 - RCE
Multiple PHP remote file inclusion vulnerabilities in WebprojectDB 0.1.3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the INCDIR parameter in (1) include/nav.php and (2) include/lang.php.
CVE-2006-6666 EXPLOITDB text WORKING POC
VerliAdmin <0.3 - RCE
PHP remote file inclusion vulnerability in index.php in VerliAdmin 0.3 and earlier allows remote authenticated users to execute arbitrary PHP code via a URL in the q parameter.
CVE-2007-1708 EXPLOITDB text WRITEUP
ttCMS <4 - RCE
PHP remote file inclusion vulnerability in lib/db/ez_sql.php in ttCMS 4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the lib_path parameter.
CVE-2006-2557 EXPLOITDB text WORKING POC
PHP <0.37 - RCE
PHP remote file inclusion vulnerability in extras/poll/poll.php in Florian Amrhein NewsPortal before 0.37, and TR Newsportal (TRanx rebuilded), allows remote attackers to execute arbitrary PHP code via a URL in the file_newsportal parameter.