Mehmet Ince

176 exploits Active since Dec 2002
CVE-2008-0922 EXPLOITDB text WORKING POC
PHP-Nuke Manuales 0.1 - SQL Injection via cid Parameter
SQL injection vulnerability in the Manuales 0.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewdownload action to modules.php.
CVE-2008-0881 EXPLOITDB text WORKING POC
PHP-Nuke Okul Module - SQL Injection via okulid Parameter
SQL injection vulnerability in modules.php in the Okul 1.0 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the okulid parameter in an okullar action.
CVE-2007-0761 EXPLOITDB text WORKING POC
phpBB ezBoard converter 0.2 - Remote File Inclusion via ezconvert_dir Parameter
PHP remote file inclusion vulnerability in config.php in phpBB ezBoard converter (ezconvert) 0.2 allows remote attackers to execute arbitrary PHP code via a URL in the ezconvert_dir parameter.
CVE-2007-1555 EXPLOITDB text WORKING POC
Minerva mod for phpBB - SQL Injection via forum.php c Parameter
SQL injection vulnerability in forum.php in the Minerva mod 2.0.21 build 238a and earlier for phpBB allows remote attackers to execute arbitrary SQL commands via the c parameter.
CVE-2007-0680 EXPLOITDB text WORKING POC
phpbb_tweaked < 3 - Remote File Inclusion via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in includes/functions.php in Phpbb Tweaked 3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-5223 EXPLOITDB text WORKING POC
Nivisec User Viewed Posts Tracker <= 1.0 - Remote File Inclusion via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in includes/functions_user_viewed_posts.php in the Nivisec User Viewed Posts Tracker module 1.0 and earlier for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-5094 EXPLOITDB text WORKING POC
phpBB XS 2 - Remote File Inclusion via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in includes/functions_kb.php in the phpBB XS 2 (Spain version) allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter, a different vector than CVE-2006-4780 or CVE-2006-4893.
CVE-2007-0762 EXPLOITDB perl WORKING POC
phpBB++ Build 100 - Remote File Inclusion via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in includes/functions.php in phpBB++ Build 100 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2007-0656 EXPLOITDB text WORKING POC
phpBB2-MODificat 0.2.0 - Remote File Inclusion via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in includes/functions.php in phpBB2-MODificat 0.2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2007-6088 EXPLOITDB text WORKING POC
phpbbviet < 02.03.07 - Remote Code Execution via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in includes/functions_mod_user.php in phpBBViet 02.03.07 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-6789 EXPLOITDB text WORKING POC
phpbbxtra 2.0 - Remote File Inclusion via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in includes/archive/archive_topic.php in Phpbbxtra 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2007-0702 EXPLOITDB text WORKING POC
phpEventMan 1.0.2 - Remote File Inclusion via Level Parameter
Multiple PHP remote file inclusion vulnerabilities in phpEventMan 1.0.2 allow remote attackers to execute arbitrary PHP code via a URL in the level parameter to (1) Shared/controller/text.ctrl.php or (2) UserMan/controller/common.function.php.
CVE-2006-5458 EXPLOITDB text WORKING POC
Hinton Design phpht Topsites < 1.0 - Remote File Inclusion via phpht_real_path Parameter
PHP remote file inclusion vulnerability in common.php in Hinton Design phpht Topsites allows remote attackers to execute arbitrary PHP code via a URL in the phpht_real_path parameter.
CVE-2006-5261 EXPLOITDB text WORKING POC
phpmynews < 1.4 - Remote File Inclusion via cfg_include_dir Parameter
Multiple PHP remote file inclusion vulnerabilities in PHPMyNews 1.4 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the cfg_include_dir parameter in (1) disp_form.php3, (2) disp_smileys.php3, (3) little_news.php3, and (4) index.php3 in include/.
CVE-2006-5207 EXPLOITDB text WORKING POC
phpMyTeam 2.0 - Remote File Inclusion via smileys_dir Parameter
PHP remote file inclusion vulnerability in images/smileys/smileys_packs.php in phpMyTeam 2.0, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the smileys_dir parameter.
CVE-2006-5181 EXPLOITDB text WORKING POC
phpMyWebmin 1.0 - Remote File Inclusion via Target Parameter
Multiple PHP remote file inclusion vulnerabilities in Joshua Muheim phpMyWebmin 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the target parameter in (1) change_preferences2.php, (2) create_file.php, (3) upload_local.php, and (4) upload_multi.php, different vectors than CVE-2006-5124.
CVE-2009-2098 EXPLOITDB text WRITEUP
phPortal 1.0 - SQL Injection via Topicler id Parameter
SQL injection vulnerability in topicler.php in phPortal 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2006-4115 EXPLOITDB text WORKING POC
PgMarket 2.2.3 - Remote File Inclusion via CFG[libdir] Parameter
PHP remote file inclusion vulnerability in common.inc.php in PgMarket 2.2.3, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the CFG[libdir] parameter.
CVE-2008-0880 EXPLOITDB text WORKING POC
PHP-Nuke EasyContent Module - SQL Injection via page_id Parameter
SQL injection vulnerability in modules.php in the EasyContent module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the page_id parameter.
CVE-2007-1980 EXPLOITDB text WORKING POC
Topliste 1.0 module for PHP-Fusion - SQL Injection via cid Parameter
SQL injection vulnerability in index.php in the Topliste 1.0 module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2007-1978 EXPLOITDB text WORKING POC
PHP-Fusion Arcade Module - SQL Injection via cid Parameter
SQL injection vulnerability in index.php in the Arcade 1.00 module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view_game_list action.
CVE-2007-0584 EXPLOITDB text WORKING POC
PhP Generic Library & Framework - RCE
PHP remote file inclusion vulnerability in membres/membreManager.php in PhP Generic Library & Framework for comm (g-neric) allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter.
CVE-2007-2672 EXPLOITDB text WORKING POC
PHP Coupon Script 3.0 - SQL Injection
SQL injection vulnerability in index.php in PHP Coupon Script 3.0 allows remote attackers to execute arbitrary SQL commands via the bus parameter in a viewbus page.
CVE-2006-5543 EXPLOITDB text WORKING POC
PHP Generator of Object SQL Database - RCE
PHP remote file inclusion vulnerability in misc/function.php3 in PHP Generator of Object SQL Database (PGOSD), when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.
CVE-2008-6409 EXPLOITDB text WORKING POC
ol'bookmarks manager 0.7.5 - SQL Injection via id Parameter
SQL injection vulnerability in index.php in ol'bookmarks manager 0.7.5 allows remote attackers to execute arbitrary SQL commands via the id parameter in a brain action.