Kurdish Security

12 exploits Active since May 2006
EIP-2026-111186 EXPLOITDB text WORKING POC
phpRaid 3.0.b3 - 'phpBB'/'SMF' Remote File Inclusion
EIP-2026-110707 EXPLOITDB text WRITEUP
PHP ICalender 2.22 - 'index.php' Cross-Site Scripting
CVE-2006-3988 EXPLOITDB text WRITEUP
Knusperleicht newsReporter <1.1 - RCE
PHP remote file inclusion vulnerability in index.php in Knusperleicht newsReporter 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the news_include_path parameter.
CVE-2006-3847 EXPLOITDB text WORKING POC
MoSpray 1.8 RC1 - Remote Code Execution via basedir Parameter
PHP remote file inclusion vulnerability in (1) admin.php, and possibly (2) details.php, (3) modify.php, (4) newgroup.php, (5) newtask.php, and (6) rss.php, in MoSpray (aka com_mospray) 1.8 RC1 allows remote attackers to execute arbitrary PHP code via a URL in the basedir parameter.
CVE-2006-3995 EXPLOITDB text WORKING POC
User Home Pages 0.5 - Remote Code Execution via mosConfig_absolute_path Parameter
Multiple PHP remote file inclusion vulnerabilities in (1) uhp_config.php, and possibly (2) footer.php, (3) functions.php, (4) install.uhp.php, (5) toolbar.uhp.html.php, (6) uhp.class.php, and (7) uninstall.uhp.php, in the UHP (User Home Pages) 0.5 component (aka com_uhp) for Mambo or Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2006-3989 EXPLOITDB text WORKING POC
Knusperleicht Shoutbox < 4.4 - Remote File Inclusion via sb_include_path Parameter
PHP remote file inclusion vulnerability in index.php in Knusperleicht Shoutbox 4.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sb_include_path parameter.
CVE-2006-4008 EXPLOITDB text WRITEUP
Knusperleicht Faq 1.0 - Remote File Inclusion via faq_path Parameter
PHP remote file inclusion vulnerability in index.php in Knusperleicht Faq 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the faq_path parameter.
CVE-2006-4007 EXPLOITDB text WRITEUP
Knusperleicht Guestbook 3.5 - Remote File Inclusion via GB_PATH Parameter
PHP remote file inclusion vulnerability in index.php in Knusperleicht Guestbook 3.5 allows remote attackers to execute arbitrary PHP code via a URL in the GB_PATH parameter.
CVE-2006-3982 EXPLOITDB text WORKING POC
Knusperleicht Quickie - Remote File Inclusion via QUICK_PATH Parameter
PHP remote file inclusion vulnerability in quickie.php in Knusperleicht Quickie, probably 0.2, allows remote attackers to execute arbitrary PHP code via a URL in the QUICK_PATH parameter.
CVE-2006-4610 EXPLOITDB text WORKING POC
GrapAgenda < 0.11 - Remote File Inclusion via index.php page Parameter
PHP remote file inclusion vulnerability in index.php in GrapAgenda 0.11 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the page parameter.
CVE-2006-2507 EXPLOITDB text WORKING POC
Teake Nutma Foing 0.2.0-0.7.0 - RCE
Multiple PHP remote file inclusion vulnerabilities in Teake Nutma Foing 0.2.0 through 0.7.0, as used with phpBB, allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) index.php, (2) song.php, (3) faq.php, (4) list.php, (5) gen_m3u.php, and (6) playlist.php.
CVE-2006-4622 EXPLOITDB text WORKING POC
AnnonceV 1.1 - Remote File Inclusion via Page Parameter
PHP remote file inclusion vulnerability in annonce.php in AnnonceV (aka annoncesV) 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.