StAkeR

100 exploits Active since Jan 2006
CVE-2008-4486 EXPLOITDB WORKING POC
Yerba < 6.3 - Remote Code Execution via Path Traversal in mod Parameter
Directory traversal vulnerability in index.php in SAC.php (SACphp), as used in Yerba 6.3 and earlier, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mod parameter.
CVE-2009-2176 EXPLOITDB text WORKING POC
fuzzylime_cms <= 3.03a - Remote File Inclusion via Directory Traversal
Multiple directory traversal vulnerabilities in fuzzylime (cms) 3.03a and earlier, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) list parameter to code/confirm.php and the (2) template parameter to code/display.php.
CVE-2008-6248 EXPLOITDB text WORKING POC
Galatolo WebManager 1.3a - Cross-Site Scripting via Tag Parameter
Cross-site scripting (XSS) vulnerability in all.php in Galatolo WebManager 1.3a and earlier allows remote attackers to inject arbitrary web script or HTML via the tag parameter.
CVE-2008-6108 EXPLOITDB python WORKING POC
Galatolo WebManager 1.0 - Cross-Site Scripting via result.php key Parameter
Cross-site scripting (XSS) vulnerability in result.php in Galatolo WebManager (GWM) 1.0 allows remote attackers to inject arbitrary web script or HTML via the key parameter.
CVE-2008-3205 EXPLOITDB text WRITEUP
Easy-Script Wysi Wiki Wyg 1.0 - Path Traversal
Directory traversal vulnerability in index.php in Easy-Script Wysi Wiki Wyg 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the c parameter.
CVE-2008-6167 EXPLOITDB text WRITEUP
miniPortail 2.2 - Path Traversal via lng Parameter
Directory traversal vulnerability in search.php in miniPortail 2.2 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lng parameter.
CVE-2008-5322 EXPLOITDB text WRITEUP
Wysi Wiki Wyg 1.0 - Info Disclosure
Wysi Wiki Wyg 1.0 allows remote attackers to obtain system information via an invalid categup parameter to index.php, which calls the phpinfo function.
CVE-2008-4887 EXPLOITDB text WRITEUP
NetRisk < 2.0 - SQL Injection via id Parameter
SQL injection vulnerability in index.php in NetRisk 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) profile page (profile.php) or (2) game page (game.php). NOTE: some of these details are obtained from third party information.
CVE-2008-4700 EXPLOITDB python WORKING POC
Liberia CMS < 1.12 - SQL Injection via libera_staff_pass Cookie Parameter
SQL injection vulnerability in admin.php in Libera CMS 1.12 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the libera_staff_pass cookie parameter.
CVE-2008-5323 EXPLOITDB text WRITEUP
Wysi Wiki Wyg 1.0 - Cross-Site Scripting via Index.php s Parameter
Cross-site scripting (XSS) vulnerability in index.php in Wysi Wiki Wyg 1.0 allows remote attackers to inject arbitrary web script or HTML via the s parameter.
EIP-2026-114399 EXPLOITDB bash WORKING POC
Wysi Wiki Wyg 1.0 - Remote Password Retrieve
EIP-2026-114460 EXPLOITDB php WORKING POC
XOOPS 2.3.2 - 'mydirname' PHP Remote Code Execution
CVE-2008-5873 EXPLOITDB text WRITEUP
Yerba SACphp < 6.3 - Unauthenticated Authentication Bypass via galleta[sesion] Cookie
Yerba SACphp 6.3 and earlier allows remote attackers to bypass authentication and gain administrative access via a galleta[sesion] cookie that has a value beginning with 1:1: followed by a username.
CVE-2008-7192 EXPLOITDB text WRITEUP
WoltLab Burning Board <3.0.1 - CSRF
Cross-site request forgery (CSRF) vulnerability in index.php in WoltLab Burning Board (wBB) 3.0.1, and possibly other 3.x versions, allows remote attackers to hijack the authentication of users for requests that delete private messages via the pmID parameter in a delete action in a PM page, a different vulnerability than CVE-2008-0472.
EIP-2026-113366 EXPLOITDB c WORKING POC
webSPELL 4.2.0d (Linux) - Local File Disclosure
EIP-2026-113098 EXPLOITDB text WRITEUP
Vikingboard 0.2 Beta - 'register.php' SQL Column Truncation Unauthorized Access
CVE-2008-6795 EXPLOITDB text WORKING POC
nicLOR Vibro-School-CMS - SQL Injection via nID Parameter
SQL injection vulnerability in view_news.php in nicLOR Vibro-School-CMS allows remote attackers to execute arbitrary SQL commands via the nID parameter.
EIP-2026-113100 EXPLOITDB text WORKING POC
Vikingboard 0.2 Beta - SQL Column Truncation
CVE-2008-4345 EXPLOITDB perl WORKING POC
WebPortal CMS < 0.7.4 - SQL Injection via download.php aid Parameter
SQL injection vulnerability in download.php in WebPortal CMS 0.7.4 and earlier allows remote attackers to execute arbitrary SQL commands via the aid parameter.
EIP-2026-113363 EXPLOITDB text WORKING POC
webSPELL 4.01.02 - 'id' Remote Edit Topics
EIP-2026-112765 EXPLOITDB text WORKING POC
TR News 2.1 - 'login.php' Remote Authentication Bypass
CVE-2008-6727 EXPLOITDB perl WORKING POC
Upb - Cross-Site Scripting
Cross-site scripting (XSS) vulnerability in Ultimate PHP Board (UPB) 2.2.2, 2.2.1, and earlier 2.x versions allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header.
CVE-2008-5708 EXPLOITDB php WORKING POC
SlimCMS 1.0.0 - Unauthenticated Administrative User Creation via redirect.php
redirect.php in SlimCMS 1.0.0 does not require authentication, which allows remote attackers to create administrative users by using the newusername and newpassword parameters and setting the newisadmin parameter to 1.
CVE-2008-5491 EXPLOITDB perl WORKING POC
slimcms < 1.0.0 - SQL Injection via edit.php pageID Parameter
SQL injection vulnerability in edit.php in SlimCMS 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the pageID parameter.
CVE-2008-4592 EXPLOITDB text WRITEUP
Sports Clubs Web Panel 0.0.1 - Path Traversal via Index.php p Parameter
Directory traversal vulnerability in index.php in Sports Clubs Web Panel 0.0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter.