Salvatore "drosophila" Fresta

30 exploits Active since Feb 2009
CVE-2009-0852 EXPLOITDB text WORKING POC
CelerBB 0.0.2 - Exposure of Sensitive Information via User Parameter
showme.php in CelerBB 0.0.2 allows remote attackers to obtain "reserved information" via the user parameter.
CVE-2009-0851 EXPLOITDB text WORKING POC
CelerBB 0.0.2 - SQL Injection via id Parameter
Multiple SQL injection vulnerabilities in CelerBB 0.0.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewforum.php and (2) viewtopic.php.
CVE-2009-4885 EXPLOITDB text WORKING POC
phpCommunity 2 2.1.8 - Cross-Site Scripting via msg Parameter in login.php
Cross-site scripting (XSS) vulnerability in templates/1/login.php in phpCommunity 2 2.1.8 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
CVE-2009-4884 EXPLOITDB text WORKING POC
phpCommunity 2 2.1.8 - SQL Injection via forum_id or topic_id Parameter
Multiple SQL injection vulnerabilities in phpCommunity 2 2.1.8, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the forum_id parameter in a forum action to index.php, (2) the topic_id parameter in a forum action to index.php, (3) the wert parameter in an id search action to index.php, (4) the wert parameter in a nick search action to index.php, or (5) the wert parameter in a forum search action to index.php, related to class_forum.php and class_search.php.
CVE-2009-4801 EXPLOITDB text WORKING POC
EZ-Blog Beta 1 - Unauthenticated Arbitrary Post Creation and Deletion
EZ-Blog Beta 1 does not require authentication, which allows remote attackers to create or delete arbitrary posts via requests to PHP scripts.
EIP-2026-113438 EXPLOITDB text WORKING POC
Wili-CMS 0.4.0 - Local File Inclusion / Remote File Inclusion / Authentication Bypass
CVE-2009-1222 EXPLOITDB text WORKING POC
webEdition <= 6.0.0.4 - Remote File Inclusion via WE_LANGUAGE Parameter
Directory traversal vulnerability in index.php in webEdition 6.0.0.4 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the WE_LANGUAGE parameter.
CVE-2009-1453 EXPLOITDB text WRITEUP
Tiny Blogr 1.0.0 rc4 - SQL Injection via txtUsername Parameter
SQL injection vulnerability in class.eport.php in Tiny Blogr 1.0.0 rc4, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the txtUsername parameter (aka the Username field). NOTE: some of these details are obtained from third party information.
EIP-2026-111781 EXPLOITDB text WRITEUP
ritsblog 0.4.2 - Authentication Bypass / Cross-Site Scripting
CVE-2009-1480 EXPLOITDB text WORKING POC
Pragyan CMS 2.6.4 - SQL Injection via Fileget Parameter
SQL injection vulnerability in index.php Pragyan CMS 2.6.4 allows remote attackers to execute arbitrary SQL commands via the fileget parameter in a view action and other unspecified vectors.
CVE-2009-4886 EXPLOITDB text WORKING POC
phpCommunity 2 2.1.8 - Path Traversal via File or Path Parameter
Multiple directory traversal vulnerabilities in phpCommunity 2 2.1.8 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) file parameter to module/admin/files/show_file.php and the (2) path parameter to module/admin/files/show_source.php.
EIP-2026-110794 EXPLOITDB text WORKING POC
PHP-Agenda 2.2.5 - Remote File Overwriting
EIP-2026-109630 EXPLOITDB text WRITEUP
multi-lingual E-Commerce system 0.2 - Multiple Vulnerabilities
CVE-2009-0882 EXPLOITDB text WORKING POC
nForum 1.5 - SQL Injection via id or user Parameter
Multiple SQL injection vulnerabilities in nForum 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to showtheme.php and the (2) user parameter to userinfo.php.
EIP-2026-109357 EXPLOITDB text WRITEUP
Max.Blog 1.0.6 - 'submit_post.php' SQL Injection
EIP-2026-109202 EXPLOITDB text WORKING POC
Loggix Project 9.4.5 - 'refer_id' Blind SQL Injection
CVE-2009-0409 EXPLOITDB text WORKING POC
Max.Blog <= 1.0.6 - SQL Injection via Username Parameter
SQL injection vulnerability in offline_auth.php in Max.Blog 1.0.6 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter.
EIP-2026-109356 EXPLOITDB text WORKING POC
Max.Blog 1.0.6 - 'show_post.php' SQL Injection
CVE-2009-1263 EXPLOITDB text WORKING POC
com_bookjoomlas 0.1 - SQL Injection via gbid Parameter
SQL injection vulnerability in sub_commententry.php in the BookJoomlas (com_bookjoomlas) component 0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a comment action to index.php.
EIP-2026-107042 EXPLOITDB text WORKING POC
Family Connections CMS 1.8.2 - Blind SQL Injection
EIP-2026-107038 EXPLOITDB c WORKING POC
Family Connections 1.8.2 - Arbitrary File Upload
CVE-2009-4791 EXPLOITDB text WORKING POC
Family Connections <1.8.2 - SQL Injection
Multiple SQL injection vulnerabilities in Family Connections (aka FCMS) before 1.8.2 allow remote attackers to execute arbitrary SQL commands via the (1) letter parameter to addressbook.php, (2) id parameter to recipes.php, (3) year parameter to register.php, (4) poll_id parameter to home.php, and (5) email parameter to lostpw.php.
CVE-2009-4805 EXPLOITDB text WORKING POC
EZ-Blog Beta 1 - SQL Injection via StoryID or Kill Parameter
Multiple SQL injection vulnerabilities in EZ-Blog Beta 1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the storyid parameter to public/view.php or (2) the kill parameter to admin/remove.php.
EIP-2026-106606 EXPLOITDB text WORKING POC
dynamic flash forum 1.0 Beta - Multiple Vulnerabilities
CVE-2009-4925 EXPLOITDB text WRITEUP
creasito e-commerce content manager 1.3.16 - SQL Injection via Username Parameter
Multiple SQL injection vulnerabilities in Portale e-commerce Creasito (aka creasito e-commerce content manager) 1.3.16, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the username parameter to (1) admin/checkuser.php and (2) checkuser.php.