Phenom

14 exploits Active since Feb 2008
CVE-2008-0843 EXPLOITDB text WRITEUP
Statcountex - Access Control
StatCounteX 3.0 and 3.1 allows remote attackers to obtain sensitive information and edit configuration scripts via a direct request to admin.asp.
CVE-2010-0665 EXPLOITDB text WORKING POC
Xs4all Jag - Access Control
JAG (Just Another Guestbook) 1.14 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request for jag/database.sql.
EIP-2026-114617 EXPLOITDB text WRITEUP
Zephyrus CMS - 'index.php' SQL Injection
CVE-2010-0698 EXPLOITDB text WORKING POC
Dynamicsoft WSC CMS 2.2 - SQL Injection
SQL injection vulnerability in backoffice/login.asp in Dynamicsoft WSC CMS 2.2 allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: some of these details are obtained from third party information.
EIP-2026-112232 EXPLOITDB text WRITEUP
Smart PHP Uploader 1.0 - Arbitrary File Upload
CVE-2010-0674 EXPLOITDB text WRITEUP
2enetworx Statcountex - Access Control
StatCounteX 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for path/stats.mdb.
EIP-2026-109616 EXPLOITDB text WRITEUP
MRW PHP Upload - Arbitrary File Upload
EIP-2026-109448 EXPLOITDB text SUSPICIOUS
microUpload - Arbitrary File Upload
EIP-2026-109151 EXPLOITDB text WRITEUP
lineaCMS - Cross-Site Scripting
EIP-2026-109047 EXPLOITDB text WORKING POC
Kubeit CMS - SQL Injection
EIP-2026-105996 EXPLOITDB text WORKING POC
CMS Openpage - 'index.php' SQL Injection
EIP-2026-104435 EXPLOITDB text WRITEUP
Six Apart Vox - 'search' Page Cross-Site Scripting
EIP-2026-100405 EXPLOITDB text WORKING POC
Majoda CMS - Authentication Bypass
EIP-2026-100236 EXPLOITDB text WORKING POC
DA Mailing List System 2 - Multiple Vulnerabilities