Kacper

159 exploits Active since Dec 2003
CVE-2006-5762 EXPLOITDB php WORKING POC
Free File Hosting < 1.1 - Remote Code Execution via AD_BODY_TEMP Parameter
PHP remote file inclusion vulnerability in forgot_pass.php in Free File Hosting 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter. NOTE: this issue was later reported for the "File Upload System" which is a component of Free File Hosting. This also affects Free Image Hosting 2.0, which contains the same code.
CVE-2006-2962 EXPLOITDB text WORKING POC
Emergenices Personnel Information System < 2002-09-23 - Remote File Inclusion via phormationdir Parameter
PHP remote file inclusion vulnerability in sql_fcnsOLD.php in Emergenices Personnel Information System (Empris) 20020923 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phormationdir parameter.
CVE-2006-2726 EXPLOITDB text WORKING POC
Fastpublish CMS 1.6.9.d - Remote File Inclusion via config[fsBase] Parameter
PHP remote file inclusion vulnerability in Fastpublish CMS 1.6.9.d allows remote attackers to include arbitrary files via the config[fsBase] parameter in (1) drucken.php, (2) drucken2.php, (3) email_an_benutzer.php, (4) rechnung.php, (5) suche/search.php and (6) adminbereich/admin.php.
CVE-2007-0764 EXPLOITDB php WORKING POC
F3Site <= 2.1 - Authenticated Arbitrary PHP File Upload via uplf Parameter
Unrestricted file upload vulnerability in F3Site 2.1 and earlier allows remote authenticated administrators to upload and execute arbitrary PHP scripts via a GIF86 header in a file in the uplf parameter, which can be later accessed via a relative pathname in the dir parameter in adm.php.
EIP-2026-106981 EXPLOITDB php WORKING POC
eXtreme-fusion 4.02 - Remote Code Execution
EIP-2026-106980 EXPLOITDB php WORKING POC
eXtreme-fusion 4.02 - 'Fusion_Forum_View.php' Local File Inclusion
CVE-2006-5292 EXPLOITDB text WORKING POC
Exhibit Engine 1.5 RC 4 - Remote File Inclusion via toroot Parameter
PHP remote file inclusion vulnerability in photo_comment.php in Exhibit Engine 1.5 RC 4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the toroot parameter.
CVE-2006-7183 EXPLOITDB text WRITEUP
Exhibit Engine 2 < 1.22 - Remote File Inclusion via toroot Parameter
PHP remote file inclusion vulnerability in styles.php in Exhibit Engine (EE) 1.22 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the toroot parameter.
CVE-2006-6445 EXPLOITDB php WORKING POC
Envolution 1.1.0 - Directory Traversal via PNSVlang Parameter
Directory traversal vulnerability in error.php in Envolution 1.1.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang (PNSV lang) parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php.
CVE-2006-2982 EXPLOITDB text WORKING POC
Enterprise Timesheet and Payroll Systems < 1.1 - RCE
Multiple PHP remote file inclusion vulnerabilities in Enterprise Timesheet and Payroll Systems (EPS) 1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter in (1) footer.php and (2) admin/footer.php.
EIP-2026-106489 EXPLOITDB text WORKING POC
DoceboLms 2.0.x/3.0.x / DoceboKms 3.0.3 / Docebo CMS 3.0.x - Multiple Remote File Inclusions
CVE-2006-5786 EXPLOITDB php WORKING POC
e107 0.7.5 - Directory Traversal via e107language_e107cookie Cookie
Directory traversal vulnerability in class2.php in e107 0.7.5 and earlier allows remote attackers to read and execute PHP code in arbitrary files via ".." sequences in the e107language_e107cookie cookie to gsitemap.php.
CVE-2006-6694 EXPLOITDB text WORKING POC
E-Uploader Pro 1.0 - Directory Traversal and Arbitrary PHP Code Execution via Language Parameter
Directory traversal vulnerability in include/config.php in E-Uploader Pro 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a .. (dot dot) in the language parameter, as demonstrated by uploading a .JPG file containing PHP code, then accessing the file via config.php.
CVE-2006-4234 EXPLOITDB text WRITEUP
dotProject 2.0.4 - Remote File Inclusion via baseDir Parameter
PHP remote file inclusion vulnerability in classes/query.class.php in dotProject 2.0.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter.
CVE-2006-2577 EXPLOITDB text WORKING POC
Docebo < 3.0.3 - Remote File Inclusion via Multiple PHP Parameters
Multiple PHP remote file inclusion vulnerabilities in Docebo 3.0.3 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in (1) where_cms, (2) where_lms, (3) where_upgrade, (4) BBC_LIB_PATH, and (5) BBC_LANGUAGE_PATH parameters in various unspecified scripts. NOTE: the provenance of some of this information is unknown; the details are obtained solely from third party information.
CVE-2006-7068 EXPLOITDB text WORKING POC
CliServ Web Community <= 0.65 - Remote File Inclusion via cl_headers Parameter
PHP remote file inclusion vulnerability in CliServ Web Community 0.65 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cl_headers parameter to (1) menu.php3 and (2) login.php3.
CVE-2006-2863 EXPLOITDB text WORKING POC
CS-Cart 1.3.3 - Remote File Inclusion via classes_dir Parameter
PHP remote file inclusion vulnerability in class.cs_phpmailer.php in CS-Cart 1.3.3 allows remote attackers to execute arbitrary PHP code via a URL in the classes_dir parameter.
CVE-2007-2890 EXPLOITDB php WORKING POC
cpCommerce < 1.1.0 - SQL Injection via id_category Parameter
SQL injection vulnerability in category.php in cpCommerce 1.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id_category parameter.
EIP-2026-106145 EXPLOITDB text WRITEUP
Content-Builder (CMS) 0.7.2 - Multiple Include Vulnerabilities
CVE-2006-4897 EXPLOITDB text WORKING POC
CMtextS <= 1.0 - Unauthenticated Administrator Password Exposure via Insecure Web Root File
CMtextS 1.0 and earlier stores users_logins/admin.txt under the web document root with insufficient access control, which allows remote attackers to obtain the administrator password.
CVE-2006-4536 EXPLOITDB php WORKING POC
CMS Frogss <= 0.4 - SQL Injection via podpis Parameter
SQL injection vulnerability in module/rejestracja.php in CMS Frogss 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the podpis parameter.
CVE-2006-5257 EXPLOITDB perl WORKING POC
Ciamos CMS < 0.9.6b - Remote File Inclusion via module_cache_path Parameter
PHP remote file inclusion vulnerability in modules/forum/include/config.php in Ciamos Content Management System (CMS) 0.9.6b and earlier allows remote attackers to execute arbitrary PHP code via a URL in the module_cache_path parameter.
CVE-2009-1649 EXPLOITDB text WORKING POC
beLive 0.2.3 - Path Traversal via arch Parameter
Directory traversal vulnerability in arch.php in beLive 0.2.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the arch parameter.
CVE-2006-4721 EXPLOITDB php WORKING POC
CCleague Pro Sports CMS 1.0.1 RC1 - Path Traversal
Directory traversal vulnerability in admin.php in CCleague Pro Sports CMS 1.0.1 RC1 allows remote attackers to read and execute arbitrary local files via a .. (dot dot) sequence and trailing null (%00) byte in the language Cookie parameter, as demonstrated by executing PHP code via a log file.
CVE-2006-2570 EXPLOITDB text WORKING POC
CaLogic Calendars 1.2.2 - Remote File Inclusion via GLOBALS[CLPath] Parameter
PHP remote file inclusion vulnerability in CaLogic Calendars 1.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS["CLPath"] parameter to (1) reconfig.php and (2) srxclr.php. NOTE: this might be due to a globals overwrite issue.