Mesut Timur

10 exploits Active since Dec 2007
CVE-2007-6310 EXPLOITDB text WRITEUP
Falt4Extreme RC4 10.9.2007 - Cross-Site Scripting via Handler and Topic Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Falt4Extreme RC4 10.9.2007 allow remote attackers to inject arbitrary web script or HTML via the handler parameter to (1) index.php and possibly (2) admin/index.php, and (3) the topic parameter to modules/feed/feed.php (aka modules/feed.php).
CVE-2011-1671 EXPLOITDB text WORKING POC
Tracks 1.7.2, 2.0RC2, and 2.0devel - Cross-Site Scripting via PATH_INFO to todos/tag/
Cross-site scripting (XSS) vulnerability in app/controllers/todos_controller.rb in Tracks 1.7.2, 2.0RC2, and 2.0devel allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to todos/tag/. NOTE: some of these details are obtained from third party information.
CVE-2011-1838 EXPLOITDB text WORKING POC
TWiki < 5.0.2 - Cross-Site Scripting via origurl Parameter
Multiple cross-site scripting (XSS) vulnerabilities in TemplateLogin.pm in TWiki before 5.0.2 allow remote attackers to inject arbitrary web script or HTML via the origurl parameter to a (1) view script or (2) login script.
CVE-2011-3010 EXPLOITDB text WORKING POC
TWiki < 5.1.0 - Cross-Site Scripting via New Topic Parameter or SlideShow Plugin Query String
Multiple cross-site scripting (XSS) vulnerabilities in TWiki before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the newtopic parameter in a WebCreateNewTopic action, related to the TWiki.WebCreateNewTopicTemplate topic; or (2) the query string to SlideShow.pm in the SlideShowPlugin.
CVE-2011-3010 EXPLOITDB text WORKING POC
TWiki < 5.1.0 - Cross-Site Scripting via New Topic Parameter or SlideShow Plugin Query String
Multiple cross-site scripting (XSS) vulnerabilities in TWiki before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the newtopic parameter in a WebCreateNewTopic action, related to the TWiki.WebCreateNewTopicTemplate topic; or (2) the query string to SlideShow.pm in the SlideShowPlugin.
CVE-2011-4341 EXPLOITDB text WORKING POC
Symphony CMS <2.2.4 - SQL Injection
Multiple SQL injection vulnerabilities in symphony/content/content.publish.php in Symphony CMS 2.2.3 and possibly other versions before 2.2.4 allow remote authenticated users with Author permissions to execute arbitrary SQL commands via the filter parameter to (1) symphony/publish/comments or (2) symphony/publish/images. NOTE: this issue can be leveraged to perform cross-site scripting (XSS) attacks via error messages. NOTE: some of these details are obtained from third party information.
CVE-2011-4340 EXPLOITDB text WRITEUP
Symphony CMS < 2.2.4 - Authenticated Cross-Site Scripting via Profile or Filter Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2.2.3 and possibly other versions before 2.2.4 allow remote authenticated users with Author privileges to inject arbitrary web script or HTML via (1) the profile parameter to extensions/profiledevkit/content/content.profile.php, as demonstrated via requests to (a) the default URI, (b) about/, or (c) drafts/; or (2) the filter parameter in symphony/lib/core/class.symphony.php, as demonstrated via requests to (d) symphony/publish/comments or (e) symphony/publish/images. NOTE: some of these details are obtained from third party information.
CVE-2011-1723 EXPLOITDB text WRITEUP
Redmine 1.0.1-1.1.1 - Cross-Site Scripting via PATH_INFO
Cross-site scripting (XSS) vulnerability in app/views/layouts/base.rhtml in Redmine 1.0.1 through 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to projects/hg-helloworld/news/. NOTE: some of these details are obtained from third party information.
CVE-2011-5252 EXPLOITDB text WRITEUP
Orchard 1.0.x-1.0.20, 1.1.x-1.1.30, 1.2.x-1.2.41, 1.3.x-1.3.9 - Open Redirect via ReturnUrl Parameter
Open redirect vulnerability in Users/Account/LogOff in Orchard 1.0.x before 1.0.21, 1.1.x before 1.1.31, 1.2.x before 1.2.42, and 1.3.x before 1.3.10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the ReturnUrl parameter.
CVE-2007-6311 EXPLOITDB text WRITEUP
Falt4Extreme RC4 10.9.2007 - SQL Injection
SQL injection vulnerability in (1) index.php, and possibly (2) admin/index.php, in Falt4Extreme RC4 10.9.2007 allows remote attackers to execute arbitrary SQL commands via the nav_ID parameter.