Stack-Terrorist

8 exploits Active since Jan 2008
EIP-2026-114633 EXPLOITDB text WORKING POC
Zomplog 3.8.2 - 'force_download.php' File Disclosure
EIP-2026-112226 EXPLOITDB text WORKING POC
SmallBiz eShop - 'content_id' SQL Injection
CVE-2008-0355 EXPLOITDB text WORKING POC
Phpecho Cms < 2.0-rc3 - SQL Injection
SQL injection vulnerability in index.php in the forum module in PHPEcho CMS, probably 2.0-rc3 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter in a section action, a different vector than CVE-2007-2866.
CVE-2008-2454 EXPLOITDB perl WORKING POC
Joomla Com Xsstream-dm - SQL Injection
SQL injection vulnerability in the xsstream-dm (com_xsstream-dm) component 0.01 Beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the movie parameter to index.php.
CVE-2008-4617 EXPLOITDB text WORKING POC
Pyxicom Actualite - SQL Injection
SQL injection vulnerability in the actualite module 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.
EIP-2026-106498 EXPLOITDB text WRITEUP
Dodo's Quiz Script 1.1 - Local File Inclusion
CVE-2008-0521 EXPLOITDB text WORKING POC
Bubbling Library - Path Traversal
Multiple directory traversal vulnerabilities in Bubbling Library 1.32 allow remote attackers to read arbitrary files via a .. (dot dot) in the uri parameter to dispatcher.php in (1) examples/dispatcher/framework/, (2) examples/dispatcher/, (3) examples/wizard/, and (4) PHP/, different vectors than CVE-2008-0545.
CVE-2008-1782 EXPLOITDB text WORKING POC
Advanced Software Engineering ChartDirector 4.1 - Info Disclosure
phpdemo/viewsource.php in Advanced Software Engineering ChartDirector 4.1 allows remote attackers to read sensitive files via the file parameter.