Scary-Boys

4 exploits Active since Jan 2008
CVE-2008-3508 EXPLOITDB text WORKING POC
LiteNews 0.1 - Unauthenticated Authentication Bypass via Admin Cookie
LiteNews 0.1 (aka 01), and possibly 1.2 and earlier, allows remote attackers to bypass authentication and gain administrative access by setting the admin cookie.
CVE-2008-0357 EXPLOITDB text WRITEUP
Galaxyscripts Mini File Host < 1.2.1 - Unauthenticated Path Traversal via Language Parameter
Directory traversal vulnerability in pages/upload.php in Galaxyscripts Mini File Host 1.2.1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter.
CVE-2008-0357 EXPLOITDB perl WORKING POC
Galaxyscripts Mini File Host < 1.2.1 - Unauthenticated Path Traversal via Language Parameter
Directory traversal vulnerability in pages/upload.php in Galaxyscripts Mini File Host 1.2.1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter.
CVE-2008-3557 EXPLOITDB text WORKING POC
Free Hosting Manager 1.2-2.0 - Auth Bypass
Free Hosting Manager 1.2 and 2.0 allows remote attackers to bypass authentication and gain administrative access by setting both the adminuser and loggedin cookies.