Kurdish Security

12 exploits Active since May 2006
EIP-2026-111186 EXPLOITDB text WORKING POC
phpRaid 3.0.b3 - 'phpBB'/'SMF' Remote File Inclusion
EIP-2026-110707 EXPLOITDB text WRITEUP
PHP ICalender 2.22 - 'index.php' Cross-Site Scripting
CVE-2006-3988 EXPLOITDB text WRITEUP
Knusperleicht newsReporter <1.1 - RCE
PHP remote file inclusion vulnerability in index.php in Knusperleicht newsReporter 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the news_include_path parameter.
CVE-2006-3847 EXPLOITDB text WORKING POC
Canebluem Mospray - Code Injection
PHP remote file inclusion vulnerability in (1) admin.php, and possibly (2) details.php, (3) modify.php, (4) newgroup.php, (5) newtask.php, and (6) rss.php, in MoSpray (aka com_mospray) 1.8 RC1 allows remote attackers to execute arbitrary PHP code via a URL in the basedir parameter.
CVE-2006-3995 EXPLOITDB text WORKING POC
User Home Pages - Code Injection
Multiple PHP remote file inclusion vulnerabilities in (1) uhp_config.php, and possibly (2) footer.php, (3) functions.php, (4) install.uhp.php, (5) toolbar.uhp.html.php, (6) uhp.class.php, and (7) uninstall.uhp.php, in the UHP (User Home Pages) 0.5 component (aka com_uhp) for Mambo or Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2006-3989 EXPLOITDB text WORKING POC
Knusperleicht Shoutbox <4.4 - RCE
PHP remote file inclusion vulnerability in index.php in Knusperleicht Shoutbox 4.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sb_include_path parameter.
CVE-2006-4008 EXPLOITDB text WRITEUP
Knusperleicht Faq 1.0 - RCE
PHP remote file inclusion vulnerability in index.php in Knusperleicht Faq 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the faq_path parameter.
CVE-2006-4007 EXPLOITDB text WRITEUP
Knusperleicht Guestbook 3.5 - RCE
PHP remote file inclusion vulnerability in index.php in Knusperleicht Guestbook 3.5 allows remote attackers to execute arbitrary PHP code via a URL in the GB_PATH parameter.
CVE-2006-3982 EXPLOITDB text WORKING POC
Knusperleicht Quickie <0.2 - RCE
PHP remote file inclusion vulnerability in quickie.php in Knusperleicht Quickie, probably 0.2, allows remote attackers to execute arbitrary PHP code via a URL in the QUICK_PATH parameter.
CVE-2006-4610 EXPLOITDB text WORKING POC
GrapAgenda <0.11 - RCE
PHP remote file inclusion vulnerability in index.php in GrapAgenda 0.11 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the page parameter.
CVE-2006-2507 EXPLOITDB text WORKING POC
Teake Nutma Foing 0.2.0-0.7.0 - RCE
Multiple PHP remote file inclusion vulnerabilities in Teake Nutma Foing 0.2.0 through 0.7.0, as used with phpBB, allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) index.php, (2) song.php, (3) faq.php, (4) list.php, (5) gen_m3u.php, and (6) playlist.php.
CVE-2006-4622 EXPLOITDB text WORKING POC
AnnonceV 1.1 - RCE
PHP remote file inclusion vulnerability in annonce.php in AnnonceV (aka annoncesV) 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.