RoMaNcYxHaCkEr

47 exploits Active since Oct 2006
CVE-2008-1903 EXPLOITDB text WORKING POC
Newanz NewsOffice <1.1 - RCE
PHP remote file inclusion vulnerability in news_show.php in Newanz NewsOffice 1.0 and 1.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the newsoffice_directory parameter.
CVE-2008-1857 EXPLOITDB text WORKING POC
Make our Life Easy Mole <2.1.0 - Path Traversal
Multiple directory traversal vulnerabilities in viewsource.php in Make our Life Easy (Mole) 2.1.0 allow remote attackers to read arbitrary files via directory traversal sequences in the (1) dirn and (2) fname parameters.
CVE-2007-6653 EXPLOITDB text WORKING POC
Mihalism Multi Host <2.0.7 - Path Traversal
Directory traversal vulnerability in download.php in Mihalism Multi Host 2.0.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
CVE-2009-0767 EXPLOITDB text WORKING POC
Kipper 2.01 - Info Disclosure
Kipper 2.01 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing credentials via a direct request for job/config.data.
CVE-2007-6603 EXPLOITDB text WRITEUP
Hot or Not Clone - Info Disclosure
Hot or Not Clone has insufficient access control for producing and reading database backups, which allows remote attackers to obtain the administrator username and password via a direct request to control/backup/backup.php, which generates a backup/dump/backup.sql file that can be downloaded via a direct request to control/downloadfile.php.
CVE-2008-2220 EXPLOITDB text WORKING POC
Interact - Code Injection
Multiple PHP remote file inclusion vulnerabilities in Interact Learning Community Environment Interact 2.4.1, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) CONFIG[LANGUAGE_CPATH] parameter to modules/forum/embedforum.php and the (2) CONFIG[BASE_PATH] parameter to modules/scorm/lib.inc.php, different vectors than CVE-2006-4448.
CVE-2007-6464 EXPLOITDB text WORKING POC
Form tools 1.5.0b - RCE
Multiple PHP remote file inclusion vulnerabilities in Form tools 1.5.0b allow remote attackers to execute arbitrary PHP code via a URL in the g_root_dir parameter to (1) admin_page_open.php and (2) client_page_open.php in global/templates/.
CVE-2009-3182 EXPLOITDB text WORKING POC
Anantasoft Gazelle Cms - Access Control
Unrestricted file upload vulnerability in admin/editor/filemanager/browser.html in Anantasoft Gazelle CMS 1.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in user/File/.
CVE-2007-6325 EXPLOITDB text WORKING POC
Fastpublish CMS 1.9999 - RCE
PHP remote file inclusion vulnerability in adminbereich/designconfig.php in Fastpublish CMS 1.9999 allows remote attackers to execute arbitrary PHP code via a URL in the config[fsBase] parameter, a different vector than CVE-2006-2726.
CVE-2008-1773 EXPLOITDB text WORKING POC
Dragoon 0.1 - RCE
PHP remote file inclusion vulnerability in includes/header.inc.php in Dragoon 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the root parameter.
CVE-2007-6479 EXPLOITDB text WRITEUP
Dokeos 1.8.4 - RCE
Unrestricted file upload vulnerability in the "My productions" component for main/auth/profile.php (aka the "My profile" page) in Dokeos 1.8.4 allows remote authenticated users to upload and execute arbitrary PHP files via a filename with a double extension, which can then be accessed through a URI under main/upload/users/.
CVE-2008-2128 EXPLOITDB text WRITEUP
Cms Faethon - Code Injection
PHP remote file inclusion vulnerability in templates/header.php in CMS Faethon 2.2 Ultimate allows remote attackers to execute arbitrary PHP code via a URL in the mainpath parameter, a different vulnerability than CVE-2006-5588 and CVE-2006-3185.
CVE-2008-2228 EXPLOITDB text WORKING POC
Cyberfolio - Code Injection
PHP remote file inclusion vulnerability in portfolio/commentaires/derniers_commentaires.php in Cyberfolio 7.12, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the rep parameter.
EIP-2026-106144 EXPLOITDB text WORKING POC
Content Management System for Phprojekt 0.6.1 - Remote File Inclusion
CVE-2008-2912 EXPLOITDB text WORKING POC
Contenido Cms - Code Injection
Multiple PHP remote file inclusion vulnerabilities in Contenido CMS 4.8.4 allow remote attackers to execute arbitrary PHP code via a URL in the (1) contenido_path parameter to (a) contenido/backend_search.php; the (2) cfg[path][contenido] parameter to (b) move_articles.php, (c) move_old_stats.php, (d) optimize_database.php, (e) run_newsletter_job.php, (f) send_reminder.php, (g) session_cleanup.php, and (h) setfrontenduserstate.php in contenido/cronjobs/, and (i) includes/include.newsletter_jobs_subnav.php and (j) plugins/content_allocation/includes/include.right_top.php in contenido/; the (3) cfg[path][templates] parameter to (k) includes/include.newsletter_jobs_subnav.php and (l) plugins/content_allocation/includes/include.right_top.php in contenido/; and the (4) cfg[templates][right_top_blank] parameter to (m) plugins/content_allocation/includes/include.right_top.php and (n) contenido/includes/include.newsletter_jobs_subnav.php in contenido/, different vectors than CVE-2006-5380.
CVE-2007-6324 EXPLOITDB text WORKING POC
CityWriter 0.9.7 - RCE
PHP remote file inclusion vulnerability in head.php in CityWriter 0.9.7 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.
CVE-2008-3167 EXPLOITDB text WORKING POC
BoonEx Dolphin 6.1.2 - RCE
Multiple PHP remote file inclusion vulnerabilities in BoonEx Dolphin 6.1.2, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) dir[plugins] parameter to (a) HTMLSax3.php and (b) safehtml.php in plugins/safehtml/ and the (2) sIncPath parameter to (c) ray/modules/global/inc/content.inc.php. NOTE: vector 1 might be a problem in SafeHTML instead of Dolphin.
CVE-2008-3166 EXPLOITDB text WORKING POC
BoonEx Ray 3.5 - RCE
PHP remote file inclusion vulnerability in modules/global/inc/content.inc.php in BoonEx Ray 3.5, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the sIncPath parameter.
EIP-2026-105503 EXPLOITDB text WRITEUP
Black Sheep Web Software Form Tools 1.5 - Multiple Remote File Inclusions
CVE-2008-0091 EXPLOITDB text WORKING POC
Agency4net Webftp - Path Traversal
Directory traversal vulnerability in download2.php in AGENCY4NET WEBFTP 1 allows remote attackers to read and delete arbitrary files via a .. (dot dot) in the file parameter.
CVE-2009-4203 EXPLOITDB text WRITEUP
Arab Portal 2.2 - SQL Injection
Multiple SQL injection vulnerabilities in admin/aclass/admin_func.php in Arab Portal 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) X-Forwarded-For or (2) Client-IP HTTP header in a request to the default URI under admin/.
CVE-2009-0527 EXPLOITDB text WORKING POC
AdaptCMS Lite 1.4 - RCE
PHP remote file inclusion vulnerability in plugins/rss_importer_functions.php in AdaptCMS Lite 1.4 allows remote attackers to execute arbitrary PHP code via a URL in the sitepath parameter.