L4teral

12 exploits Active since Sep 2007
CVE-2007-5684 EXPLOITDB text WORKING POC
TikiWiki < 1.9.8.1 - Remote File Inclusion and Execution via Path Traversal
Multiple directory traversal vulnerabilities in TikiWiki 1.9.8.1 and earlier allow remote attackers to include and execute arbitrary files via an absolute pathname in (1) error_handler_file and (2) local_php parameters to (a) tiki-index.php, or (3) encoded "..%2F" sequences in the imp_language parameter to tiki-imexport_languages.php.
CVE-2008-5584 EXPLOITDB text WORKING POC
ProjectPier < 0.8 - Cross-Site Scripting via Message, Milestone, Profile Display Name, or Index.php Parameters
Multiple cross-site scripting (XSS) vulnerabilities in ProjectPier 0.8 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) a message, (2) a milestone, or (3) a display name in a profile, or the (4) a or (5) c parameter to index.php.
CVE-2008-0266 EXPLOITDB html WORKING POC
eTicket 1.5.5.2 - Cross-Site Request Forgery in admin.php
Cross-site request forgery (CSRF) vulnerability in admin.php in eTicket 1.5.5.2 allows remote attackers to change the administrative password and possibly perform other administrative tasks. NOTE: either the old password must be known, or the attacker must leverage a separate SQL injection vulnerability.
CVE-2008-0267 EXPLOITDB text WRITEUP
eTicket 1.5.5.2 - Authenticated SQL Injection via search.php and admin.php Parameters
Multiple SQL injection vulnerabilities in eTicket 1.5.5.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) status, (2) sort, and (3) way parameters to search.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (4) msg and (5) password parameters to admin.php.
CVE-2008-0267 EXPLOITDB text WRITEUP
eTicket 1.5.5.2 - Authenticated SQL Injection via search.php and admin.php Parameters
Multiple SQL injection vulnerabilities in eTicket 1.5.5.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) status, (2) sort, and (3) way parameters to search.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (4) msg and (5) password parameters to admin.php.
CVE-2008-0268 EXPLOITDB text WORKING POC
eticket 1.5.5.2 - Cross-Site Scripting via s Parameter
Cross-site scripting (XSS) vulnerability in view.php in eTicket 1.5.5.2 allows remote attackers to inject arbitrary web script or HTML via the s parameter.
CVE-2007-4976 EXPLOITDB text WORKING POC
Coppermine Photo Gallery - Authenticated Path Traversal via viewlog.php log Parameter
Directory traversal vulnerability in viewlog.php in Coppermine Photo Gallery (CPG) 1.4.12 and earlier allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the log parameter.
CVE-2007-4977 EXPLOITDB text WRITEUP
Coppermine Photo Gallery - Cross-Site Scripting via Referer Parameter
Cross-site scripting (XSS) vulnerability in mode.php in Coppermine Photo Gallery (CPG) 1.4.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the referer parameter.
CVE-2007-5983 EXPLOITDB text WORKING POC
Justin Hagstrom AutoIndex <2.2.3 - XSS
Cross-site scripting (XSS) vulnerability in index.php in Justin Hagstrom AutoIndex PHP Script before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF).
CVE-2007-5984 EXPLOITDB text WRITEUP
Justin Hagstrom AutoIndex <2.2.4 - DoS
classes/Url.php in Justin Hagstrom AutoIndex PHP Script before 2.2.4 allows remote attackers to cause a denial of service (CPU and memory consumption) via a %00 sequence in the dir parameter to index.php, which triggers an erroneous "recursive calculation."
CVE-2008-0633 EXPLOITDB text WORKING POC
anon_proxy_server < 0.102 - Denial of Service via Username with Excessive Quotes
Buffer overflow in Anon Proxy Server 0.102 and earlier, when user authentication is enabled, allows remote attackers to cause a denial of service (exception) via a user name with a large number of quotes, which triggers the overflow during escaping.
CVE-2008-0166 EXPLOITDB HIGH ruby SCANNER
OpenSSL <0.9.8g-9 - Info Disclosure
OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptographic keys.
CVSS 7.5