Stack

155 exploits Active since Mar 2006
EIP-2026-112399 EXPLOITDB text WORKING POC
Sports Clubs Web Panel 0.0.1 - Arbitrary File Upload
EIP-2026-112226 EXPLOITDB text WORKING POC
SmallBiz eShop - 'content_id' SQL Injection
CVE-2008-6420 EXPLOITDB text WORKING POC
Social Site Generator 2.0 - Unauthenticated Arbitrary File Read via File Parameter
Social Site Generator (SSG) 2.0 allows remote attackers to read arbitrary files via the file parameter to (1) filedload.php, (2) webadmin/download.php, and (3) webadmin/download_file.php.
CVE-2008-7075 EXPLOITDB php WORKING POC
Kalptaru Infotech Stararticles - SQL Injection
Multiple SQL injection vulnerabilities in Kalptaru Infotech Ltd. Star Articles 6.0 allow remote attackers to inject arbitrary SQL commands via (1) the subcatid parameter to article.list.php; or the artid parameter to (2) article.print.php, (3) article.comments.php, (4) article.publisher.php, or (5) article.download.php; and (6) the PATH_INFO to article.download.php. NOTE: some of these details are obtained from third party information.
CVE-2007-5156 EXPLOITDB php WORKING POC
FCKeditor - Remote Code Execution via File Upload
Incomplete blacklist vulnerability in editor/filemanager/upload/php/upload.php in FCKeditor, as used in SiteX CMS 0.7.3.beta, La-Nai CMS, Syntax CMS, Cardinal Cms, and probably other products, allows remote attackers to upload and execute arbitrary PHP code via a file whose name contains ".php." and has an unknown extension, which is recognized as a .php file by the Apache HTTP server, a different vulnerability than CVE-2006-0658 and CVE-2006-2529.
CVE-2008-4244 EXPLOITDB text WORKING POC
Rianxosencabos CMS 0.9 - Unauthenticated Authentication Bypass via Cookie Manipulation
Rianxosencabos CMS 0.9 allows remote attackers to bypass authentication and gain administrative access by setting the usuario and pass cookies to 1.
CVE-2008-6009 EXPLOITDB text WORKING POC
SG Real Estate Portal 2.0 - Auth Bypass
SG Real Estate Portal 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the Auth cookie to 1.
CVE-2008-6011 EXPLOITDB php WORKING POC
SG Real Estate Portal 2.0 - SQL Injection
SQL injection vulnerability in index.php in SG Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the page_id parameter.
CVE-2008-6247 EXPLOITDB text WORKING POC
Scripts For Sites EZ Top Sites - SQL Injection via topsite.php ts Parameter
SQL injection vulnerability in topsite.php in Scripts For Sites (SFS) EZ Top Sites allows remote attackers to execute arbitrary SQL commands via the ts parameter.
CVE-2008-6867 EXPLOITDB text WORKING POC
Scripts For Sites EZ Career - SQL Injection via Topic Parameter
SQL injection vulnerability in content.php in Scripts For Sites (SFS) EZ Career allows remote attackers to execute arbitrary SQL commands via the topic parameter.
CVE-2008-6778 EXPLOITDB text WORKING POC
Scripts for Sites EZ Auction - SQL Injection via viewfaqs.php cat Parameter
SQL injection vulnerability in viewfaqs.php in Scripts for Sites (SFS) EZ Auction allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-7028 EXPLOITDB text WORKING POC
RPG.Board <= 0.8 Beta2 - Unauthenticated Authentication Bypass via keep4u Cookie
RPG.Board 0.8 Beta2 and earlier allows remote attackers to bypass authentication and gain privileges by setting the keep4u cookie to a certain value.
CVE-2008-2488 EXPLOITDB text WORKING POC
RoomPHPlanning 1.5 - Authenticated Privilege Escalation via admin/userform.php
admin/userform.php in RoomPHPlanning 1.5 does not require administrative credentials, which allows remote authenticated users to create new admin accounts.
CVE-2008-4357 EXPLOITDB php WORKING POC
Powie pLink 2.07 - SQL Injection via id Parameter
SQL injection vulnerability in linkto.php in Powie pLink 2.07 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2687 EXPLOITDB text WORKING POC
ProManager 0.73 - Remote File Inclusion via Language Parameter Path Traversal
Directory traversal vulnerability in inc/config.php in ProManager 0.73 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
CVE-2008-4528 EXPLOITDB text WORKING POC
Phlatline Personal Information Manager 1.01 - Path Traversal via Notes.php ID Parameter
Directory traversal vulnerability in notes.php in Phlatline's Personal Information Manager (pPIM) 1.01 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the id parameter in an edit action.
EIP-2026-111240 EXPLOITDB text WORKING POC
PHPWebGallery 1.3.4 - Blind SQL Injection (1)
CVE-2008-0355 EXPLOITDB text WORKING POC
phpecho_cms < 2.0-rc3 - SQL Injection via Forum Module id Parameter
SQL injection vulnerability in index.php in the forum module in PHPEcho CMS, probably 2.0-rc3 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter in a section action, a different vector than CVE-2007-2866.
CVE-2008-2501 EXPLOITDB text WORKING POC
PHPhotoalbum 0.5 - SQL Injection via Album or PID Parameter
Multiple SQL injection vulnerabilities in PHPhotoalbum 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) album parameter to thumbnails.php and the (2) pid parameter to displayimage.php.
CVE-2006-1422 EXPLOITDB perl WORKING POC
PHP Booking Calendar <1.0c - SQL Injection
SQL injection vulnerability in details_view.php in PHP Booking Calendar 1.0c and earlier allows remote attackers to execute arbitrary SQL commands via the event_id parameter.
CVE-2008-3454 EXPLOITDB text WORKING POC
JnSHosts PHP Hosting Directory 2.0 - Auth Bypass
JnSHosts PHP Hosting Directory 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the "adm" cookie value to 1.
CVE-2008-4334 EXPLOITDB text WORKING POC
PHP infoBoard V.7 Plus - Unauthenticated Authentication Bypass via infouser Cookie
PHP infoBoard V.7 Plus allows remote attackers to bypass authentication and gain administrative access by setting the infouser cookie to 1.
CVE-2008-5840 EXPLOITDB text WORKING POC
phpicalendar <= 2.24 - Unauthenticated Authentication Bypass via Cookie Manipulation
PHP iCalendar 2.24 and earlier allows remote attackers to bypass authentication by setting the phpicalendar and phpicalendar_login cookies to 1.
EIP-2026-110656 EXPLOITDB php WORKING POC
PHP Booking Calendar 10 d - 'FCKeditor' Arbitrary File Upload
CVE-2008-7063 EXPLOITDB text WORKING POC
Ocean12 FAQ Manager Pro - Unauthenticated Sensitive Data Exposure via Direct Database Request
Ocean12 FAQ Manager Pro stores sensitive data under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for admin/o12faq.mdb.