Luny

32 exploits Active since May 2006
CVE-2006-3563 EXPLOITDB text WORKING POC
Winged Gallery - XSS
Cross-site scripting (XSS) vulnerability in gallery/thumb.php in Winged Gallery 1.0 allows remote attackers to inject arbitrary web script or HTML via the image parameter.
EIP-2026-112985 EXPLOITDB text WORKING POC
vBulletin 2.x/3.x - Multiple Cross-Site Scripting Vulnerabilities
CVE-2006-3366 EXPLOITDB text WORKING POC
V3 Chat - XSS
Multiple cross-site scripting (XSS) vulnerabilities in V3 Chat allow remote attackers to inject arbitrary web script or HTML via crafted HTML tags, as demonstrated by the IMG tag, in the (1) id parameter in (a) mail/index.php and (b) mail/reply.php; (2) login_id parameter in (c) members/is_online.php; (3) site_id parameter in (d) messenger/online.php, (e) messenger/search.php, and (f) messenger/profile.php; (4) contact_name parameter in messenger/search.php; (5) membername parameter in (g) messenger/profileview.php; (6) unspecified parameters used when "editing a profile"; and (7) cust_name parameter in (h) messenger/expire.php. NOTE: The vendor disputes the vectors involving files in the messenger directory, stating "... the referenced folder 'messenger' was never available to the general public...".
CVE-2006-3366 EXPLOITDB text WORKING POC
V3 Chat - XSS
Multiple cross-site scripting (XSS) vulnerabilities in V3 Chat allow remote attackers to inject arbitrary web script or HTML via crafted HTML tags, as demonstrated by the IMG tag, in the (1) id parameter in (a) mail/index.php and (b) mail/reply.php; (2) login_id parameter in (c) members/is_online.php; (3) site_id parameter in (d) messenger/online.php, (e) messenger/search.php, and (f) messenger/profile.php; (4) contact_name parameter in messenger/search.php; (5) membername parameter in (g) messenger/profileview.php; (6) unspecified parameters used when "editing a profile"; and (7) cust_name parameter in (h) messenger/expire.php. NOTE: The vendor disputes the vectors involving files in the messenger directory, stating "... the referenced folder 'messenger' was never available to the general public...".
CVE-2006-3366 EXPLOITDB text WORKING POC
V3 Chat - XSS
Multiple cross-site scripting (XSS) vulnerabilities in V3 Chat allow remote attackers to inject arbitrary web script or HTML via crafted HTML tags, as demonstrated by the IMG tag, in the (1) id parameter in (a) mail/index.php and (b) mail/reply.php; (2) login_id parameter in (c) members/is_online.php; (3) site_id parameter in (d) messenger/online.php, (e) messenger/search.php, and (f) messenger/profile.php; (4) contact_name parameter in messenger/search.php; (5) membername parameter in (g) messenger/profileview.php; (6) unspecified parameters used when "editing a profile"; and (7) cust_name parameter in (h) messenger/expire.php. NOTE: The vendor disputes the vectors involving files in the messenger directory, stating "... the referenced folder 'messenger' was never available to the general public...".
CVE-2006-6995 EXPLOITDB text WRITEUP
V3 Chat - Privilege Escalation
mycontacts.php in V3 Chat allows remote authenticated users to gain privileges as other users via a modified membername parameter.
CVE-2006-3366 EXPLOITDB text WORKING POC
V3 Chat - XSS
Multiple cross-site scripting (XSS) vulnerabilities in V3 Chat allow remote attackers to inject arbitrary web script or HTML via crafted HTML tags, as demonstrated by the IMG tag, in the (1) id parameter in (a) mail/index.php and (b) mail/reply.php; (2) login_id parameter in (c) members/is_online.php; (3) site_id parameter in (d) messenger/online.php, (e) messenger/search.php, and (f) messenger/profile.php; (4) contact_name parameter in messenger/search.php; (5) membername parameter in (g) messenger/profileview.php; (6) unspecified parameters used when "editing a profile"; and (7) cust_name parameter in (h) messenger/expire.php. NOTE: The vendor disputes the vectors involving files in the messenger directory, stating "... the referenced folder 'messenger' was never available to the general public...".
CVE-2006-3366 EXPLOITDB text WORKING POC
V3 Chat - XSS
Multiple cross-site scripting (XSS) vulnerabilities in V3 Chat allow remote attackers to inject arbitrary web script or HTML via crafted HTML tags, as demonstrated by the IMG tag, in the (1) id parameter in (a) mail/index.php and (b) mail/reply.php; (2) login_id parameter in (c) members/is_online.php; (3) site_id parameter in (d) messenger/online.php, (e) messenger/search.php, and (f) messenger/profile.php; (4) contact_name parameter in messenger/search.php; (5) membername parameter in (g) messenger/profileview.php; (6) unspecified parameters used when "editing a profile"; and (7) cust_name parameter in (h) messenger/expire.php. NOTE: The vendor disputes the vectors involving files in the messenger directory, stating "... the referenced folder 'messenger' was never available to the general public...".
CVE-2006-3366 EXPLOITDB text WORKING POC
V3 Chat - XSS
Multiple cross-site scripting (XSS) vulnerabilities in V3 Chat allow remote attackers to inject arbitrary web script or HTML via crafted HTML tags, as demonstrated by the IMG tag, in the (1) id parameter in (a) mail/index.php and (b) mail/reply.php; (2) login_id parameter in (c) members/is_online.php; (3) site_id parameter in (d) messenger/online.php, (e) messenger/search.php, and (f) messenger/profile.php; (4) contact_name parameter in messenger/search.php; (5) membername parameter in (g) messenger/profileview.php; (6) unspecified parameters used when "editing a profile"; and (7) cust_name parameter in (h) messenger/expire.php. NOTE: The vendor disputes the vectors involving files in the messenger directory, stating "... the referenced folder 'messenger' was never available to the general public...".
CVE-2006-3299 EXPLOITDB text WRITEUP
Usenet Script 0.5 - XSS
Cross-site scripting (XSS) vulnerability in index.php in Usenet Script 0.5 allows remote attackers to inject arbitrary web script or HTML via the group parameter.
EIP-2026-112555 EXPLOITDB text WRITEUP
TAL RateMyPic 1.0 - Multiple Input Validation Vulnerabilities
CVE-2006-3366 EXPLOITDB text WORKING POC
V3 Chat - XSS
Multiple cross-site scripting (XSS) vulnerabilities in V3 Chat allow remote attackers to inject arbitrary web script or HTML via crafted HTML tags, as demonstrated by the IMG tag, in the (1) id parameter in (a) mail/index.php and (b) mail/reply.php; (2) login_id parameter in (c) members/is_online.php; (3) site_id parameter in (d) messenger/online.php, (e) messenger/search.php, and (f) messenger/profile.php; (4) contact_name parameter in messenger/search.php; (5) membername parameter in (g) messenger/profileview.php; (6) unspecified parameters used when "editing a profile"; and (7) cust_name parameter in (h) messenger/expire.php. NOTE: The vendor disputes the vectors involving files in the messenger directory, stating "... the referenced folder 'messenger' was never available to the general public...".
CVE-2006-3329 EXPLOITDB text WRITEUP
PHP/MySQL Classifieds - SQL Injection
SQL injection vulnerability in search.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the rate parameter.
CVE-2006-2803 EXPLOITDB text WRITEUP
Deltascripts Php Manualmaker - XSS
Multiple cross-site scripting (XSS) vulnerabilities in PHP ManualMaker 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) id parameter to index.php, (2) search field (possibly the s parameter), or (3) comment field.
CVE-2006-3680 EXPLOITDB text WRITEUP
Photocycle - XSS
Cross-site scripting (XSS) vulnerability in photocycle in Photocycle 1.0 allows remote attackers to inject arbitrary web script or HTML via the phpage parameter.
CVE-2006-7004 EXPLOITDB text WRITEUP
PHP Script Tools Psy Auction - XSS
Cross-site scripting (XSS) vulnerability in email_request.php in PSY Auction allows remote attackers to inject arbitrary web script or HTML via the user_id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-7005 EXPLOITDB text WRITEUP
PHP Script Tools Psy Auction - SQL Injection
SQL injection vulnerability in item.php in PSY Auction allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-3191 EXPLOITDB text WRITEUP
MPCS 0.2 - XSS
Cross-site scripting (XSS) vulnerability in comment.php in MPCS 0.2 allows remote attackers to inject arbitrary web script or HTML via the pageid parameter.
CVE-2006-2884 EXPLOITDB text WRITEUP
Kmita FAQ 1.0 - SQL Injection
SQL injection vulnerability in index.php in Kmita FAQ 1.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2006-2883 EXPLOITDB text WRITEUP
Kmita FAQ 1.0 - XSS
Cross-site scripting (XSS) vulnerability in search.php in Kmita FAQ 1.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter.
CVE-2006-3006 EXPLOITDB text WORKING POC
iFoto <0.50 - XSS
Cross-site scripting (XSS) vulnerability in iFoto 0.20, and possibly other versions before 0.50, allows remote attackers to inject arbitrary HTML or web script via a base64-encoded file parameter.
CVE-2006-2552 EXPLOITDB text WRITEUP
Jemscripts Downloadcontrol - SQL Injection
Jemscripts DownloadControl 1.0 allows remote attackers to obtain sensitive information via an invalid dcid parameter to dc.php, which leaks the pathname in an error message. NOTE: this was originally claimed to be SQL injection, but it is probably resultant from another issue in functions.php.
EIP-2026-107764 EXPLOITDB text WORKING POC
iFusion iFlance 1.1 - Multiple Input Validation Vulnerabilities
CVE-2006-2892 EXPLOITDB text WORKING POC
GANTTy 1.0.3 - XSS
Cross-site scripting (XSS) vulnerability in index.php in GANTTy 1.0.3 allows remote attackers to inject arbitrary HTML and web script via the message parameter in a login action.
CVE-2006-3061 EXPLOITDB text WORKING POC
5 Star Review - XSS
Multiple cross-site scripting (XSS) vulnerabilities in 5 Star Review allow remote attackers to inject arbitrary web script or HTML via the (1) sort parameter in index2.php, (2) item_id parameter in report.php, (3) search_term parameter (aka the "search box") in search_reviews.php, (4) the profile field in usercp/profile_edit1.php, and the (5) review field in review_form.php.