StAkeR aka athos

8 exploits Active since Oct 2008
CVE-2008-4887 EXPLOITDB text WRITEUP
Netrisk < 2.0 - SQL Injection
SQL injection vulnerability in index.php in NetRisk 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) profile page (profile.php) or (2) game page (game.php). NOTE: some of these details are obtained from third party information.
CVE-2008-5708 EXPLOITDB php WORKING POC
SlimCMS 1.0.0 - Open Redirect
redirect.php in SlimCMS 1.0.0 does not require authentication, which allows remote attackers to create administrative users by using the newusername and newpassword parameters and setting the newisadmin parameter to 1.
EIP-2026-110690 EXPLOITDB perl WORKING POC
PHP Easy Downloader 1.5 - Remote File Creation
CVE-2008-4888 EXPLOITDB text WRITEUP
Netrisk < 2.0 - XSS
Cross-site scripting (XSS) vulnerability in error.php in NetRisk 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2008-4628 EXPLOITDB php WORKING POC
Mywebland Minibloggie - SQL Injection
SQL injection vulnerability in del.php in myWebland miniBloggie 1.0 allows remote attackers to execute arbitrary SQL commands via the post_id parameter.
CVE-2008-6805 EXPLOITDB php WORKING POC
Micgr Mic Blog - SQL Injection
Multiple SQL injection vulnerabilities in Mic_Blog 0.0.3, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to category.php, the (2) user parameter to login.php, and the (3) site parameter to register.php.
CVE-2008-4603 EXPLOITDB perl WORKING POC
Igaming Cms - SQL Injection
SQL injection vulnerability in search.php in iGaming CMS 2.0 Alpha 1 allows remote attackers to execute arbitrary SQL commands via the keywords parameter in a search_games action.
CVE-2008-5966 EXPLOITDB php WORKING POC
Globsy <1.0 - Code Injection
globsy_edit.php in Globsy 1.0 and earlier allows remote attackers to create or overwrite arbitrary files via a filename in the file parameter and file contents in the data parameter.