NoGe

100 exploits Active since Oct 2007
CVE-2008-6612 EXPLOITDB text WORKING POC
Minimal ABlog 0.4 - Unauthenticated Remote Code Execution via File Upload
Unrestricted file upload vulnerability in admin/uploader.php in Minimal ABlog 0.4 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in img/.
CVE-2008-6611 EXPLOITDB text WORKING POC
Minimal ABlog 0.4 - SQL Injection via id Parameter
SQL injection vulnerability in index.php in Minimal ABlog 0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-5040 EXPLOITDB text WORKING POC
NP_Gallery plugin 0.94 - Remote Code Execution via DIR_NUCLEUS Parameter
PHP remote file inclusion vulnerability in nucleus/plugins/NP_gallery.php in the NP_Gallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary PHP code via a URL in the DIR_NUCLEUS parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-1493 EXPLOITDB text WORKING POC
com_awdwall < 1.5.4 - SQL Injection via cbuser Parameter
SQL injection vulnerability in the AWDwall (com_awdwall) component before 1.5.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cbuser parameter in an awdwall action to index.php.
CVE-2008-5775 EXPLOITDB text WRITEUP
Aperto Blog 0.1.1 - SQL Injection
SQL injection vulnerability in categories.php in Aperto Blog 0.1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2013-3050 EXPLOITDB text WORKING POC
ZAPms < 1.41 - SQL Injection via Product PID Parameter
SQL injection vulnerability in ZAPms 1.41 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter to product.
CVE-2008-4718 EXPLOITDB text WORKING POC
X7 Chat < 2.0.1 - Path Traversal and Arbitrary File Execution via Help File Parameter
Directory traversal vulnerability in help/mini.php in X7 Chat 2.0.1 A1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the help_file parameter, a different vector than CVE-2006-2156.
CVE-2009-2769 EXPLOITDB text WORKING POC
Ultrize TimeSheet 1.2.2 - Remote Code Execution via config[include_dir] Parameter
PHP remote file inclusion vulnerability in include/timesheet.php in Ultrize TimeSheet 1.2.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the config[include_dir] parameter.
CVE-2007-6105 EXPLOITDB text WORKING POC
TalkBack 2.2.7 - Remote Code Execution via PHP File Inclusion
Multiple PHP remote file inclusion vulnerabilities in TalkBack 2.2.7 allow remote attackers to execute arbitrary PHP code via a URL in the (1) language_file parameter to (a) comments-display-tpl.php and (b) addons/separate-comments-mod/my-comments-display-tpl.php and the (2) config[comments_form_tpl] parameter to comments-display-tpl.php.
CVE-2008-3371 EXPLOITDB text WORKING POC
TalkBack < 2.3.6.2 - Remote File Inclusion via Language Parameter
Directory traversal vulnerability in install/help.php in TalkBack 2.3.5, and other versions before 2.3.6.2, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter.
CVE-2009-2443 EXPLOITDB text WORKING POC
Siteframe 3.2.x - Information Exposure via phpinfo.php Direct Request
Siteframe 3.2.3, and other 3.2.x versions, allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function.
EIP-2026-112166 EXPLOITDB text WORKING POC
SimpNews 2.16.2 - Multiple SQL Injections
EIP-2026-112243 EXPLOITDB text WORKING POC
SmartCMS - 'index.php?idx' SQL Injection
EIP-2026-111678 EXPLOITDB text WORKING POC
Rapidsendit Clone Script - 'admin.php' Insecure Cookie Authentication Bypass
EIP-2026-111735 EXPLOITDB text WORKING POC
Regental Medien - Blind SQL Injection
EIP-2026-111323 EXPLOITDB text WORKING POC
PlaySms 0.9.5.2 - Remote File Inclusion
CVE-2013-3524 EXPLOITDB text WORKING POC
Pop Up News module 2.0 - SQL Injection via itemid Parameter
SQL injection vulnerability in popupnewsitem/ in the Pop Up News module 2.0 and possibly earlier for phpVMS allows remote attackers to execute arbitrary SQL commands via the itemid parameter. NOTE: this was originally reported as a problem in phpVMS.
CVE-2008-5332 EXPLOITDB text WORKING POC
Pie 0.5.3 - Remote Code Execution via PHP File Inclusion
Multiple PHP remote file inclusion vulnerabilities in Pie 0.5.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) lib parameter to files in lib/action/ including (a) alias.php, (b) cancel.php, (c) context.php, (d) deadlinks.php, (e) delete.php, and others; and the (2) GLOBALS[pie][library_path] parameter to files in lib/share/ including (f) diff.php, (g) file.php, (h) locale.php, (i) mapfile.php, (j) page.php, and others.
CVE-2008-7067 EXPLOITDB text WORKING POC
PageTree CMS 0.0.2 BETA 00001 - Remote Code Execution via GLOBALS[PT_Config][dir][data] Parameter
PHP remote file inclusion vulnerability in admin/plugins/Online_Users/main.php in PageTree CMS 0.0.2 BETA 0001 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[PT_Config][dir][data] parameter.
CVE-2009-3336 EXPLOITDB perl WORKING POC
PHP Pro Bid - SQL Injection via auction_id Parameter
SQL injection vulnerability in auction_details.php in PHP Pro Bid allows remote attackers to execute arbitrary SQL commands via the auction_id parameter.
CVE-2010-1055 EXPLOITDB text WORKING POC
osDate 2.1.9 and 2.5.4 - Remote Code Execution via config[forum_installed] Parameter
Multiple PHP remote file inclusion vulnerabilities in osDate 2.1.9 and 2.5.4, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the config[forum_installed] parameter to (1) forum/adminLogin.php and (2) forum/userLogin.php. NOTE: some of these details are obtained from third party information.
CVE-2010-5041 EXPLOITDB text WORKING POC
NP_Gallery plugin 0.94 - SQL Injection via id Parameter
SQL injection vulnerability in index.php in the NP_Gallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary SQL commands via the id parameter in a plugin action.
CVE-2010-2314 EXPLOITDB text WORKING POC
NP_Twitter Plugin 0.8-0.9 - Remote Code Execution via DIR_PLUGINS Parameter
PHP remote file inclusion vulnerability in nucleus/plugins/NP_Twitter.php in the NP_Twitter Plugin 0.8 and 0.9 for Nucleus, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the DIR_PLUGINS parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-6377 EXPLOITDB text WORKING POC
Multi SEO phpBB 1.1.0 - Remote Code Execution via pfad Parameter
PHP remote file inclusion vulnerability in include/global.php in Multi SEO phpBB 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the pfad parameter.
CVE-2008-6613 EXPLOITDB text WORKING POC
minimal-ablog 0.4 - Unauthenticated Privilege Escalation via uploader.php
uploader.php in minimal-ablog 0.4 does not properly restrict access, which allows remote attackers to gain administrative privileges via a direct request.