Khashayar Fereidani

102 exploits Active since Sep 2007
CVE-2008-2187 EXPLOITDB text WRITEUP
Mjguest 6.7 GT Rev.01 - Cross-Site Scripting via Level Parameter
Cross-site scripting (XSS) vulnerability in mjguest.php in Mjguest 6.7 GT Rev.01 allows remote attackers to inject arbitrary web script or HTML via the level parameter in a redirect action, possibly involving interface/redirect.htm.php.
CVE-2008-0446 EXPLOITDB text WORKING POC
LulieBlog 1.02 - SQL Injection via voircom.php id Parameter
SQL injection vulnerability in voircom.php in LulieBlog 1.02 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2202 EXPLOITDB text WORKING POC
Maian Uploader 4.0 - Stored Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Maian Uploader 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) keywords parameter to upload/admin/index.php in a search action, the (2) msg_charset and (3) msg_header9 parameters to admin/inc/header.php, and the (4) keywords parameter to index.php in a search action.
CVE-2008-2202 EXPLOITDB text WORKING POC
Maian Uploader 4.0 - Stored Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Maian Uploader 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) keywords parameter to upload/admin/index.php in a search action, the (2) msg_charset and (3) msg_header9 parameters to admin/inc/header.php, and the (4) keywords parameter to index.php in a search action.
CVE-2008-2202 EXPLOITDB text WRITEUP
Maian Uploader 4.0 - Stored Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Maian Uploader 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) keywords parameter to upload/admin/index.php in a search action, the (2) msg_charset and (3) msg_header9 parameters to admin/inc/header.php, and the (4) keywords parameter to index.php in a search action.
CVE-2008-3712 EXPLOITDB text WORKING POC
Mambo 4.6.2 and 4.6.5 - Cross-Site Scripting via Query String and mosConfig_sitename Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Mambo 4.6.2 and 4.6.5, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) query string to mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php and the (2) mosConfig_sitename parameter to administrator/popups/index3pop.php.
CVE-2008-3712 EXPLOITDB text WORKING POC
Mambo 4.6.2 and 4.6.5 - Cross-Site Scripting via Query String and mosConfig_sitename Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Mambo 4.6.2 and 4.6.5, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) query string to mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php and the (2) mosConfig_sitename parameter to administrator/popups/index3pop.php.
CVE-2008-7005 EXPLOITDB python WORKING POC
Minb Is Not a Blog 0.1.0 - Remote Code Execution via quotes_to_edit Parameter
include/modules/top/1-random_quote.php in Minb Is Not a Blog (minb) 0.1.0 allows remote attackers to execute arbitrary PHP code via the quotes_to_edit parameter. NOTE: this issue has been reported as an unrestricted file upload by some sources, but that is a potential consequence of code execution.
CVE-2008-2196 EXPLOITDB html WORKING POC
LifeType 1.2.8 - Cross-Site Scripting via newBlogUserName Parameter
Cross-site scripting (XSS) vulnerability in admin.php in LifeType 1.2.8 allows remote attackers to inject arbitrary web script or HTML via the newBlogUserName parameter in an addBlogUser action, a different vector than CVE-2008-2178.
CVE-2014-3857 EXPLOITDB text WRITEUP
Kerio Control < 8.3.2 - Authenticated SQL Injection via Statistics Print Parameters
Multiple SQL injection vulnerabilities in Kerio Control Statistics in Kerio Control (formerly WinRoute Firewall) before 8.3.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) x_16 or (2) x_17 parameter to print.php.
CVE-2008-5957 EXPLOITDB text WRITEUP
Joomla! com_mydyngallery 1.4.2 - SQL Injection
SQL injection vulnerability in the Mydyngallery (com_mydyngallery) component 1.4.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the directory parameter to index.php.
CVE-2009-4961 EXPLOITDB text WRITEUP
lanai-core 0.6 - Exposure of Sensitive Information via info.php
Lanai Core 0.6 allows remote attackers to obtain configuration information via a direct request to info.php, which calls the phpinfo function.
EIP-2026-107774 EXPLOITDB text WRITEUP
Ignition 1.2 - 'comment' Remote Code Injection
CVE-2008-0447 EXPLOITDB text WORKING POC
Foojan WMS PHP Weblog 1.0 - SQL Injection via Story Parameter
SQL injection vulnerability in index.php in Foojan WMS PHP Weblog 1.0 allows remote attackers to execute arbitrary SQL commands via the story parameter.
CVE-2009-3824 EXPLOITDB python WORKING POC
Greenwood PHP Content Manager 0.3.2 - Path Traversal via Content Path Parameter
Directory traversal vulnerability in include/processor.php in Greenwood PHP Content Manager 0.3.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the content_path parameter.
CVE-2008-2188 EXPLOITDB text WORKING POC
EJ3 BlackBook 1.0 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in EJ3 BlackBook 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) bookCopyright and (2) ver parameters to (a) footer.php, and the (3) bookName, (4) bookMetaTags, and (5) estiloCSS parameters to (b) header.php.
CVE-2008-1651 EXPLOITDB python WORKING POC
EasyNews 4.0 - Path Traversal via Lang Parameter
Directory traversal vulnerability in admin/login.php in EasyNews 4.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
CVE-2008-3343 EXPLOITDB perl WORKING POC
MyioSoft EasyPublish <3.0tr - SQL Injection
SQL injection vulnerability in staticpages/easypublish/index.php in MyioSoft EasyPublish 3.0tr (trial edition) allows remote attackers to execute arbitrary SQL commands via the read parameter in a search action.
CVE-2008-1714 EXPLOITDB text WRITEUP
FaScript FaPhoto 1.0 - SQL Injection
SQL injection vulnerability in show.php in FaScript FaPhoto 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-0326 EXPLOITDB text WRITEUP
FaScript FaPersianHack 1.0 - SQL Injection via id Parameter
SQL injection vulnerability in class/show.php in FaScript FaPersianHack 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to show.php.
CVE-2008-0325 EXPLOITDB text WRITEUP
FaScript FaPersian Petition - SQL Injection via show.php id Parameter
SQL injection vulnerability in show.php in FaScript FaPersian Petition allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-0328 EXPLOITDB text WRITEUP
FaScript FaName 1.0 - SQL Injection via id Parameter
SQL injection vulnerability in page.php in FaScript FaName 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-0327 EXPLOITDB text WRITEUP
FaScript FaMp3 1.0 - SQL Injection via show.php id Parameter
SQL injection vulnerability in show.php in FaScript FaMp3 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2188 EXPLOITDB text WORKING POC
EJ3 BlackBook 1.0 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in EJ3 BlackBook 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) bookCopyright and (2) ver parameters to (a) footer.php, and the (3) bookName, (4) bookMetaTags, and (5) estiloCSS parameters to (b) header.php.
CVE-2008-3345 EXPLOITDB perl WORKING POC
MyioSoft EasyE-Cards <3.10a - SQL Injection
SQL injection vulnerability in staticpages/easyecards/index.php in MyioSoft EasyE-Cards 3.5 trial edition (tr) and 3.10a, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the sid parameter in a pickup action.