Red Security TEAM

11 exploits Active since Jan 2012
EIP-2026-112503 EXPLOITDB text WRITEUP
swDesk - Multiple Vulnerabilities
CVE-2012-0980 EXPLOITDB text WRITEUP
phux Download Manager - SQL Injection
SQL injection vulnerability in download.php in phux Download Manager allows remote attackers to execute arbitrary SQL commands via the file parameter.
CVE-2012-0981 EXPLOITDB text WORKING POC
phpShowtime 2.0 - Path Traversal via 'r' Parameter
Directory traversal vulnerability in phpShowtime 2.0 allows remote attackers to list arbitrary directories and image files via a .. (dot dot) in the r parameter to index.php. NOTE: Some of these details are obtained from third party information.
EIP-2026-109961 EXPLOITDB text WRITEUP
Nova CMS - Directory Traversal
EIP-2026-110047 EXPLOITDB text WRITEUP
OneForum - 'topic.php' SQL Injection
CVE-2012-1784 EXPLOITDB text WRITEUP
myjoblist 0.1.3 - SQL Injection via eid Parameter
SQL injection vulnerability in MyJobList 0.1.3 allows remote attackers to execute arbitrary SQL commands via the eid parameter in a profile action to index.php.
EIP-2026-108331 EXPLOITDB text WORKING POC
Joomla! Component com_discussions - SQL Injection
CVE-2012-1069 EXPLOITDB text WORKING POC
lknSupport - Cross-Site Scripting via PATH_INFO in Search Module
Cross-site scripting (XSS) vulnerability in module/kb/search_word in the search module in lknSupport allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
CVE-2012-0983 EXPLOITDB text WRITEUP
Scriptsez.net Ez Album - SQL Injection
SQL injection vulnerability in Scriptsez.net Ez Album allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php.
CVE-2012-0935 EXPLOITDB text WRITEUP
Aryadad CMS - SQL Injection via PageID Parameter
SQL injection vulnerability in Default.aspx in Aryadad CMS allows remote attackers to execute arbitrary SQL commands via the PageID parameter.
EIP-2026-100297 EXPLOITDB text WORKING POC
EasyPage - SQL Injection