Red Security TEAM

EIP-2026-112503 EXPLOITDB text WRITEUP

swDesk - Multiple Vulnerabilities

View Code

CVE-2012-0980 EXPLOITDB text WRITEUP

phux Download Manager - SQL Injection

SQL injection vulnerability in download.php in phux Download Manager allows remote attackers to execute arbitrary SQL commands via the file parameter.

View Code

CVE-2012-0981 EXPLOITDB text WORKING POC

phpShowtime 2.0 - Path Traversal

Directory traversal vulnerability in phpShowtime 2.0 allows remote attackers to list arbitrary directories and image files via a .. (dot dot) in the r parameter to index.php. NOTE: Some of these details are obtained from third party information.

View Code

EIP-2026-109961 EXPLOITDB text WRITEUP

Nova CMS - Directory Traversal

View Code

EIP-2026-110047 EXPLOITDB text WRITEUP

OneForum - 'topic.php' SQL Injection

View Code

CVE-2012-1784 EXPLOITDB text WRITEUP

Myjoblist - SQL Injection

SQL injection vulnerability in MyJobList 0.1.3 allows remote attackers to execute arbitrary SQL commands via the eid parameter in a profile action to index.php.

View Code

EIP-2026-108331 EXPLOITDB text WORKING POC

Joomla! Component com_discussions - SQL Injection

View Code

CVE-2012-1069 EXPLOITDB text WORKING POC

lknSupport - XSS

Cross-site scripting (XSS) vulnerability in module/kb/search_word in the search module in lknSupport allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.

View Code

CVE-2012-0983 EXPLOITDB text WRITEUP

Scriptsez.net Ez Album - SQL Injection

SQL injection vulnerability in Scriptsez.net Ez Album allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php.

View Code

CVE-2012-0935 EXPLOITDB text WRITEUP

Aryadad CMS - SQL Injection

SQL injection vulnerability in Default.aspx in Aryadad CMS allows remote attackers to execute arbitrary SQL commands via the PageID parameter.

View Code

EIP-2026-100297 EXPLOITDB text WORKING POC

EasyPage - SQL Injection

View Code