StAkeR

100 exploits Active since Jan 2006
CVE-2008-4486 EXPLOITDB WORKING POC
Yerba < 6.3 - Path Traversal
Directory traversal vulnerability in index.php in SAC.php (SACphp), as used in Yerba 6.3 and earlier, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mod parameter.
CVE-2009-2176 EXPLOITDB text WORKING POC
fuzzylime 3.03a - Path Traversal
Multiple directory traversal vulnerabilities in fuzzylime (cms) 3.03a and earlier, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) list parameter to code/confirm.php and the (2) template parameter to code/display.php.
CVE-2008-6248 EXPLOITDB text WORKING POC
Galatolo Webmanager - XSS
Cross-site scripting (XSS) vulnerability in all.php in Galatolo WebManager 1.3a and earlier allows remote attackers to inject arbitrary web script or HTML via the tag parameter.
CVE-2008-6108 EXPLOITDB python WORKING POC
Galatolo WebManager 1.0 - XSS
Cross-site scripting (XSS) vulnerability in result.php in Galatolo WebManager (GWM) 1.0 allows remote attackers to inject arbitrary web script or HTML via the key parameter.
CVE-2008-3205 EXPLOITDB text WRITEUP
Easy-Script Wysi Wiki Wyg 1.0 - Path Traversal
Directory traversal vulnerability in index.php in Easy-Script Wysi Wiki Wyg 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the c parameter.
CVE-2008-6167 EXPLOITDB text WRITEUP
Miniportail - Path Traversal
Directory traversal vulnerability in search.php in miniPortail 2.2 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lng parameter.
CVE-2008-5322 EXPLOITDB text WRITEUP
Wysi Wiki Wyg 1.0 - Info Disclosure
Wysi Wiki Wyg 1.0 allows remote attackers to obtain system information via an invalid categup parameter to index.php, which calls the phpinfo function.
CVE-2008-4887 EXPLOITDB text WRITEUP
Netrisk < 2.0 - SQL Injection
SQL injection vulnerability in index.php in NetRisk 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) profile page (profile.php) or (2) game page (game.php). NOTE: some of these details are obtained from third party information.
CVE-2008-4700 EXPLOITDB python WORKING POC
Liberiacms Liberia Cms < 1.12 - SQL Injection
SQL injection vulnerability in admin.php in Libera CMS 1.12 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the libera_staff_pass cookie parameter.
CVE-2008-5323 EXPLOITDB text WRITEUP
Wysi Wiki Wyg 1.0 - XSS
Cross-site scripting (XSS) vulnerability in index.php in Wysi Wiki Wyg 1.0 allows remote attackers to inject arbitrary web script or HTML via the s parameter.
EIP-2026-114399 EXPLOITDB bash WORKING POC
Wysi Wiki Wyg 1.0 - Remote Password Retrieve
EIP-2026-114460 EXPLOITDB php WORKING POC
XOOPS 2.3.2 - 'mydirname' PHP Remote Code Execution
CVE-2008-5873 EXPLOITDB text WRITEUP
Yerba SACphp <6.3 - Auth Bypass
Yerba SACphp 6.3 and earlier allows remote attackers to bypass authentication and gain administrative access via a galleta[sesion] cookie that has a value beginning with 1:1: followed by a username.
CVE-2008-7192 EXPLOITDB text WRITEUP
WoltLab Burning Board <3.0.1 - CSRF
Cross-site request forgery (CSRF) vulnerability in index.php in WoltLab Burning Board (wBB) 3.0.1, and possibly other 3.x versions, allows remote attackers to hijack the authentication of users for requests that delete private messages via the pmID parameter in a delete action in a PM page, a different vulnerability than CVE-2008-0472.
EIP-2026-113366 EXPLOITDB c WORKING POC
webSPELL 4.2.0d (Linux) - Local File Disclosure
EIP-2026-113098 EXPLOITDB text WRITEUP
Vikingboard 0.2 Beta - 'register.php' SQL Column Truncation Unauthorized Access
CVE-2008-6795 EXPLOITDB text WORKING POC
Niclor Vibro-school-cms - SQL Injection
SQL injection vulnerability in view_news.php in nicLOR Vibro-School-CMS allows remote attackers to execute arbitrary SQL commands via the nID parameter.
EIP-2026-113100 EXPLOITDB text WORKING POC
Vikingboard 0.2 Beta - SQL Column Truncation
CVE-2008-4345 EXPLOITDB perl WORKING POC
Webportal Cms < 0.7.4 - SQL Injection
SQL injection vulnerability in download.php in WebPortal CMS 0.7.4 and earlier allows remote attackers to execute arbitrary SQL commands via the aid parameter.
EIP-2026-113363 EXPLOITDB text WORKING POC
webSPELL 4.01.02 - 'id' Remote Edit Topics
EIP-2026-112765 EXPLOITDB text WORKING POC
TR News 2.1 - 'login.php' Remote Authentication Bypass
CVE-2008-6727 EXPLOITDB perl WORKING POC
Upb - XSS
Cross-site scripting (XSS) vulnerability in Ultimate PHP Board (UPB) 2.2.2, 2.2.1, and earlier 2.x versions allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header.
CVE-2008-5708 EXPLOITDB php WORKING POC
SlimCMS 1.0.0 - Open Redirect
redirect.php in SlimCMS 1.0.0 does not require authentication, which allows remote attackers to create administrative users by using the newusername and newpassword parameters and setting the newisadmin parameter to 1.
CVE-2008-5491 EXPLOITDB perl WORKING POC
SlimCMS <1.0.0 - SQL Injection
SQL injection vulnerability in edit.php in SlimCMS 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the pageID parameter.
CVE-2008-4592 EXPLOITDB text WRITEUP
Sportspanel Sports Clubs Web Portal - Path Traversal
Directory traversal vulnerability in index.php in Sports Clubs Web Panel 0.0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter.