RoMaNcYxHaCkEr

47 exploits Active since Oct 2006
CVE-2008-0167 EXPLOITDB WORKING POC
GForge - Unspecified Impact via Configuration File Truncation
The write_array_file function in utils/include.pl in GForge 4.5.14 updates configuration files by truncating them to zero length and then writing new data, which might allow attackers to bypass intended access restrictions or have unspecified other impact in opportunistic circumstances.
CVE-2009-0764 EXPLOITDB WORKING POC
Kipper 2.01 - Cross-Site Scripting via Charm Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Kipper 2.01 allow remote attackers to inject arbitrary web script or HTML via the charm parameter to (1) index.php and (2) kipper.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-0766 EXPLOITDB WORKING POC
Kipper 2.01 - Path Traversal and Arbitrary File Execution via Configfile Parameter
Directory traversal vulnerability in default.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the configfile parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-3166 EXPLOITDB WORKING POC
BoonEx Ray 3.5 - Remote Code Execution via sIncPath Parameter
PHP remote file inclusion vulnerability in modules/global/inc/content.inc.php in BoonEx Ray 3.5, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the sIncPath parameter.
CVE-2009-0765 EXPLOITDB text WORKING POC
Kipper 2.01 - Path Traversal via Configfile Parameter
Directory traversal vulnerability in index.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the configfile parameter.
CVE-2009-0763 EXPLOITDB text WORKING POC
Kipper 2.01 - Cross-Site Scripting via Charm Parameter
Cross-site scripting (XSS) vulnerability in default.php in Kipper 2.01 allows remote attackers to inject arbitrary web script or HTML via the charm parameter.
CVE-2009-0529 EXPLOITDB text WORKING POC
SnippetMaster Webpage Editor 2.2.2 - XSS
Cross-site scripting (XSS) vulnerability in index.php in SnippetMaster Webpage Editor 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the language parameter.
CVE-2009-0526 EXPLOITDB text WORKING POC
AdaptCMS Lite 1.4 - Cross-Site Scripting via URL and acuparam Parameters
Multiple cross-site scripting (XSS) vulnerabilities in index.php in AdaptCMS Lite 1.4 allow remote attackers to inject arbitrary web script or HTML via the (1) url and (2) acuparam parameters, and (3) the URI.
CVE-2008-2127 EXPLOITDB text WRITEUP
CMS Faethon 2.2 Ultimate - Cross-Site Scripting via Search Parameter
Cross-site scripting (XSS) vulnerability in search.php in CMS Faethon 2.2 Ultimate allows remote attackers to inject arbitrary web script or HTML via the what parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-0376 EXPLOITDB text WORKING POC
Small Axe Weblog 0.3.1 - Remote Code Execution via cfile Parameter
PHP remote file inclusion vulnerability in inc/linkbar.php in Small Axe Weblog 0.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the cfile parameter.
CVE-2006-5521 EXPLOITDB text WORKING POC
Net_DNS < 0.03 - Remote File Inclusion via phpdns_basedir Parameter
PHP remote file inclusion vulnerability in DNS/RR.php in Net_DNS 0.03 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpdns_basedir parameter.
CVE-2008-2911 EXPLOITDB text WORKING POC
Contenido 4.8.4 - Cross-Site Scripting via Contenido, Belang, or Username Parameters
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Contenido 4.8.4 allow remote attackers to inject arbitrary web script or HTML via the (1) contenido, (2) Belang, and (3) username parameters.
CVE-2008-5938 EXPLOITDB text WORKING POC
MODx CMS <0.9.6.2 - Remote Code Execution
PHP remote file inclusion vulnerability in assets/snippets/reflect/snippet.reflect.php in MODx CMS 0.9.6.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the reflect_base parameter.
CVE-2007-6347 EXPLOITDB text WORKING POC
ViArt CMS/HelpDesk/Shop Evaluation/Shop Free <3.3.2 - RCE
PHP remote file inclusion vulnerability in blocks/block_site_map.php in ViArt (1) CMS 3.3.2, (2) HelpDesk 3.3.2, (3) Shop Evaluation 3.3.2, and (4) Shop Free 3.3.2 allows remote attackers to execute arbitrary PHP code via a URL in the root_folder_path parameter. NOTE: some of these details are obtained from third party information.
CVE-2009-3065 EXPLOITDB text WORKING POC
Rein Velt Vedit - Code Injection
PHP remote file inclusion vulnerability in editor/edit_htmlarea.php in Ve-EDIT 0.1.4 allows remote attackers to execute arbitrary PHP code via a URL in the highlighter parameter.
CVE-2009-0530 EXPLOITDB text WORKING POC
SnippetMaster 2.2.2 - Remote Code Execution via PHP File Inclusion
Multiple PHP remote file inclusion vulnerabilities in SnippetMaster 2.2.2, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) _SESSION[SCRIPT_PATH] parameter to includes/vars.inc.php and the (2) g_pcltar_lib_dir parameter to includes/tar_lib/pcltar.lib.php.
CVE-2008-0442 EXPLOITDB text WORKING POC
Small Axe Weblog 0.3.1 - Remote Code Execution via ffile Parameter
PHP remote file inclusion vulnerability in inc/linkbar.php in Small Axe Weblog 0.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the ffile parameter, a different vector than CVE-2008-0376. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1069 EXPLOITDB text WORKING POC
Quantum Game Library 0.7.2c - Remote Code Execution via CONFIG[gameroot] Parameter
Multiple PHP remote file inclusion vulnerabilities in Quantum Game Library 0.7.2c allow remote attackers to execute arbitrary PHP code via a URL in the CONFIG[gameroot] parameter to (1) server_request.php and (2) qlib/smarty.inc.php.
CVE-2008-2224 EXPLOITDB text WORKING POC
SazCart 1.5.1 - Remote Code Execution via PHP File Inclusion
Multiple PHP remote file inclusion vulnerabilities in SazCart 1.5.1, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) _saz[settings][site_dir] parameter to layouts/default/header.saz.php and the (2) _saz[settings][site_url] parameter to admin/alayouts/default/pages/login.php.
CVE-2007-5648 EXPLOITDB text WORKING POC
rNote 0.9.7.5 - Cross-Site Scripting via d or u Parameter
Multiple cross-site scripting (XSS) vulnerabilities in rnote.php in rNote 0.9.7.5 allow remote attackers to inject arbitrary web script or HTML via the (1) d or the (2) u parameter.
EIP-2026-111567 EXPLOITDB text WORKING POC
pSys 0.7.0 Alpha - Multiple Remote File Inclusions
CVE-2008-1067 EXPLOITDB text WORKING POC
phpQLAdmin 2.2.7 - Remote Code Execution via _SESSION[path] Parameter
Multiple PHP remote file inclusion vulnerabilities in phpQLAdmin 2.2.7 allow remote attackers to execute arbitrary PHP code via a URL in the _SESSION[path] parameter to (1) ezmlm.php and (2) tools/update_translations.php.
CVE-2008-1416 EXPLOITDB text WORKING POC
phpauction_gpl 2.51 - Remote Code Execution via include_path Parameter
Multiple PHP remote file inclusion vulnerabilities in PHPauction GPL 2.51 allow remote attackers to execute arbitrary PHP code via a URL in the include_path parameter to (1) converter.inc.php, (2) messages.inc.php, and (3) settings.inc.php in includes/.
CVE-2008-3455 EXPLOITDB text WORKING POC
JnSHosts PHP Hosting Directory 2.0 - RCE
PHP remote file inclusion vulnerability in include/admin.php in JnSHosts PHP Hosting Directory 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the rd parameter.
CVE-2008-5939 EXPLOITDB text WORKING POC
MODx CMS <0.9.6.2 - XSS
Cross-site scripting (XSS) vulnerability in index.php in MODx CMS 0.9.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in the username field, possibly related to snippet.ditto.php. NOTE: some sources list the id parameter as being affected, but this is probably incorrect based on the original disclosure.