Silentz

29 exploits Active since May 2007
CVE-2007-2599 EXPLOITDB perl WORKING POC
TutorialCMS <1.00 - SQL Injection
Multiple SQL injection vulnerabilities in TutorialCMS (aka Photoshop Tutorials) 1.00 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) catFile parameter to (a) browseCat.php or (b) browseSubCat.php; the (2) id parameter to (c) openTutorial.php, (d) topFrame.php, or (e) admin/editListing.php; or (3) the search parameter to search.php.
CVE-2007-3312 EXPLOITDB php WORKING POC
Efstratios Geroulis Jasmine Cms - Path Traversal
Directory traversal vulnerability in admin/plugin_manager.php in Jasmine CMS 1.0 allows remote authenticated administrators to include and execute arbitrary local files a .. (dot dot) in the u parameter. NOTE: a separate vulnerability could be leveraged to make this issue exploitable by remote unauthenticated attackers.
CVE-2007-2901 EXPLOITDB perl WORKING POC
Dokeos <1.8.0 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the img parameter to main/inc/lib/fckeditor/editor/plugins/ImageManager/editor.php and other unspecified vectors.
CVE-2007-3234 EXPLOITDB perl WORKING POC
Fuzzylime Forum - SQL Injection
SQL injection vulnerability in low.php in Fuzzylime Forum 1.0 allows remote attackers to execute arbitrary SQL commands via the topic parameter.
CVE-2007-3214 EXPLOITDB php WORKING POC
E-vision Cms < 2.02 - SQL Injection
SQL injection vulnerability in style.php in e-Vision CMS 2.02 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the template parameter.
CVE-2007-6666 EXPLOITDB perl WORKING POC
Zenphoto <1.1.3 - SQL Injection
SQL injection vulnerability in rss.php in Zenphoto 1.1 through 1.1.3 allows remote attackers to execute arbitrary SQL commands via the albumnr parameter.
CVE-2007-2822 EXPLOITDB text WRITEUP
TutorialCMS <1.01 - Auth Bypass
TutorialCMS 1.01 and earlier, when register_globals is enabled, allows remote attackers to bypass authentication via the (1) loggedIn and (2) activated parameters to (a) login.php, (b) headerLinks.php, (c) submit1.php, (d) myFav.php, and (e) userCP.php.
CVE-2007-2600 EXPLOITDB perl WORKING POC
TutorialCMS <1.00 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in TutorialCMS (aka Photoshop Tutorials) 1.00 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) catFile parameter to (a) browseCat.php or (b) browseSubCat.php; the (2) id parameter to (c) openTutorial.php, (d) topFrame.php, or (e) admin/editListing.php; or the (3) search parameter to search.php.
CVE-2007-2622 EXPLOITDB perl WORKING POC
TaskDriver <1.2 - SQL Injection
Multiple SQL injection vulnerabilities in TaskDriver 1.2 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the username parameter to login.php or (2) the taskid parameter to notes.php.
CVE-2007-2750 EXPLOITDB perl WORKING POC
SimpNews <2.40.01 - SQL Injection
SQL injection vulnerability in print.php in SimpNews 2.40.01 and earlier allows remote attackers to execute arbitrary SQL commands via the newsnr parameter.
CVE-2007-2598 EXPLOITDB perl WORKING POC
SimpleNews 1.0.0 FINAL - SQL Injection
SQL injection vulnerability in print.php in SimpleNews 1.0.0 FINAL allows remote attackers to execute arbitrary SQL commands via the news_id parameter.
CVE-2007-3082 EXPLOITDB php WORKING POC
Sendcard < 3.4.1 - Path Traversal
Directory traversal vulnerability in sendcard.php in Sendcard 3.4.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sc_language parameter.
CVE-2008-0358 EXPLOITDB php WORKING POC
Pixelpost - SQL Injection
SQL injection vulnerability in index.php in Pixelpost 1.7 allows remote attackers to execute arbitrary SQL commands via the parent_id parameter.
EIP-2026-110581 EXPLOITDB php WORKING POC
Pheap 2.0 - 'config.php' Pheap_Login Authentication Bypass
CVE-2007-3065 EXPLOITDB php WORKING POC
Particle Soft Particle Gallery - SQL Injection
SQL injection vulnerability in viewimage.php in Particle Soft Particle Gallery 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the editcomment parameter, a different version and vector than CVE-2006-2862.
CVE-2007-3096 EXPLOITDB php WORKING POC
Pblang < 4.67.16.a - Path Traversal
Directory traversal vulnerability in login.php in PBLang (PBL) 4.67.16.a and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
CVE-2007-2985 EXPLOITDB php WORKING POC
Pheap - Access Control
Pheap 2.0 allows remote attackers to bypass authentication by setting a pheap_login cookie value to the administrator's username, which can be used to (1) obtain sensitive information, including the administrator password, via settings.php or (2) upload and execute arbitrary PHP code via an update_doc action in edit.php.
CVE-2008-0382 EXPLOITDB php WORKING POC
Mybulletinboard - Code Injection
Multiple eval injection vulnerabilities in MyBB 1.2.10 and earlier allow remote attackers to execute arbitrary code via the sortby parameter to (1) forumdisplay.php or (2) a results action in search.php.
CVE-2007-2942 EXPLOITDB perl WORKING POC
My Little Forum <1.7 - SQL Injection
SQL injection vulnerability in user.php in My Little Forum 1.7 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-4781 EXPLOITDB php WORKING POC
Joomla - Improper Input Validation
administrator/index.php in the installer component (com_installer) in Joomla! 1.5 Beta1, Beta2, and RC1 allows remote authenticated administrators to upload arbitrary files to tmp/ via the "Upload Package File" functionality, which is accessible when com_installer is the value of the option parameter.
CVE-2007-3313 EXPLOITDB php WORKING POC
Efstratios Geroulis Jasmine Cms - SQL Injection
Multiple SQL injection vulnerabilities in Jasmine CMS 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the login_username parameter to login.php or (2) the item parameter to news.php.
CVE-2007-3235 EXPLOITDB perl WORKING POC
Fuzzylime Forum - SQL Injection
Cross-site scripting (XSS) vulnerability in low.php in Fuzzylime Forum 1.0 allows remote attackers to inject arbitrary web script or HTML via the topic parameter. NOTE: this might be resultant from SQL injection.
CVE-2007-2971 EXPLOITDB php WORKING POC
Greg Neustaetter Gcards < 1.46 - SQL Injection
SQL injection vulnerability in getnewsitem.php in gCards 1.46 and earlier allows remote attackers to execute arbitrary SQL commands via the newsid parameter.
CVE-2007-2749 EXPLOITDB perl WORKING POC
FAQEngine <4.16.03 - SQL Injection
SQL injection vulnerability in question.php in FAQEngine 4.16.03 and earlier allows remote attackers to execute arbitrary SQL commands via the questionref parameter in a display action.
CVE-2007-3077 EXPLOITDB python WORKING POC
Eqdkp < 1.3.2 - SQL Injection
SQL injection vulnerability in listmembers.php in EQdkp 1.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the rank parameter.