Stack

155 exploits Active since Mar 2006
EIP-2026-112399 EXPLOITDB text WORKING POC
Sports Clubs Web Panel 0.0.1 - Arbitrary File Upload
EIP-2026-112226 EXPLOITDB text WORKING POC
SmallBiz eShop - 'content_id' SQL Injection
CVE-2008-6420 EXPLOITDB text WORKING POC
Socialsitegenerator Social Site Generator - Information Disclosure
Social Site Generator (SSG) 2.0 allows remote attackers to read arbitrary files via the file parameter to (1) filedload.php, (2) webadmin/download.php, and (3) webadmin/download_file.php.
CVE-2008-7075 EXPLOITDB php WORKING POC
Kalptaru Infotech Stararticles - SQL Injection
Multiple SQL injection vulnerabilities in Kalptaru Infotech Ltd. Star Articles 6.0 allow remote attackers to inject arbitrary SQL commands via (1) the subcatid parameter to article.list.php; or the artid parameter to (2) article.print.php, (3) article.comments.php, (4) article.publisher.php, or (5) article.download.php; and (6) the PATH_INFO to article.download.php. NOTE: some of these details are obtained from third party information.
CVE-2007-5156 EXPLOITDB php WORKING POC
FCKeditor <unknown - RCE
Incomplete blacklist vulnerability in editor/filemanager/upload/php/upload.php in FCKeditor, as used in SiteX CMS 0.7.3.beta, La-Nai CMS, Syntax CMS, Cardinal Cms, and probably other products, allows remote attackers to upload and execute arbitrary PHP code via a file whose name contains ".php." and has an unknown extension, which is recognized as a .php file by the Apache HTTP server, a different vulnerability than CVE-2006-0658 and CVE-2006-2529.
CVE-2008-4244 EXPLOITDB text WORKING POC
Rianxosencabos Cms - Authentication Bypass
Rianxosencabos CMS 0.9 allows remote attackers to bypass authentication and gain administrative access by setting the usuario and pass cookies to 1.
CVE-2008-6009 EXPLOITDB text WORKING POC
SG Real Estate Portal 2.0 - Auth Bypass
SG Real Estate Portal 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the Auth cookie to 1.
CVE-2008-6011 EXPLOITDB php WORKING POC
SG Real Estate Portal 2.0 - SQL Injection
SQL injection vulnerability in index.php in SG Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the page_id parameter.
CVE-2008-6247 EXPLOITDB text WORKING POC
Scripts-for-sites EZ Top Sites - SQL Injection
SQL injection vulnerability in topsite.php in Scripts For Sites (SFS) EZ Top Sites allows remote attackers to execute arbitrary SQL commands via the ts parameter.
CVE-2008-6867 EXPLOITDB text WORKING POC
Scripts FOR Sites EZ Career - SQL Injection
SQL injection vulnerability in content.php in Scripts For Sites (SFS) EZ Career allows remote attackers to execute arbitrary SQL commands via the topic parameter.
CVE-2008-6778 EXPLOITDB text WORKING POC
Scripts-for-sites EZ Auction - SQL Injection
SQL injection vulnerability in viewfaqs.php in Scripts for Sites (SFS) EZ Auction allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-7028 EXPLOITDB text WORKING POC
Aves Rpg Board < 0.0.8 - Authentication Bypass
RPG.Board 0.8 Beta2 and earlier allows remote attackers to bypass authentication and gain privileges by setting the keep4u cookie to a certain value.
CVE-2008-2488 EXPLOITDB text WORKING POC
Beaussier Roomphplanning - Access Control
admin/userform.php in RoomPHPlanning 1.5 does not require administrative credentials, which allows remote authenticated users to create new admin accounts.
CVE-2008-4357 EXPLOITDB php WORKING POC
Powie Plink - SQL Injection
SQL injection vulnerability in linkto.php in Powie pLink 2.07 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2687 EXPLOITDB text WORKING POC
Promanager - Path Traversal
Directory traversal vulnerability in inc/config.php in ProManager 0.73 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
CVE-2008-4528 EXPLOITDB text WORKING POC
Phlatline Personal Information Manager - Path Traversal
Directory traversal vulnerability in notes.php in Phlatline's Personal Information Manager (pPIM) 1.01 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the id parameter in an edit action.
EIP-2026-111240 EXPLOITDB text WORKING POC
PHPWebGallery 1.3.4 - Blind SQL Injection (1)
CVE-2008-0355 EXPLOITDB text WORKING POC
Phpecho Cms < 2.0-rc3 - SQL Injection
SQL injection vulnerability in index.php in the forum module in PHPEcho CMS, probably 2.0-rc3 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter in a section action, a different vector than CVE-2007-2866.
CVE-2008-2501 EXPLOITDB text WORKING POC
Henning Stoverud Phphotoalbum - SQL Injection
Multiple SQL injection vulnerabilities in PHPhotoalbum 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) album parameter to thumbnails.php and the (2) pid parameter to displayimage.php.
CVE-2006-1422 EXPLOITDB perl WORKING POC
PHP Booking Calendar <1.0c - SQL Injection
SQL injection vulnerability in details_view.php in PHP Booking Calendar 1.0c and earlier allows remote attackers to execute arbitrary SQL commands via the event_id parameter.
CVE-2008-3454 EXPLOITDB text WORKING POC
JnSHosts PHP Hosting Directory 2.0 - Auth Bypass
JnSHosts PHP Hosting Directory 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the "adm" cookie value to 1.
CVE-2008-4334 EXPLOITDB text WORKING POC
Cannot Php Infoboard - Access Control
PHP infoBoard V.7 Plus allows remote attackers to bypass authentication and gain administrative access by setting the infouser cookie to 1.
CVE-2008-5840 EXPLOITDB text WORKING POC
PHP iCalendar <2.24 - Auth Bypass
PHP iCalendar 2.24 and earlier allows remote attackers to bypass authentication by setting the phpicalendar and phpicalendar_login cookies to 1.
EIP-2026-110656 EXPLOITDB php WORKING POC
PHP Booking Calendar 10 d - 'FCKeditor' Arbitrary File Upload
CVE-2008-7063 EXPLOITDB text WORKING POC
Ocean12tech Faq Manager Pro - Information Disclosure
Ocean12 FAQ Manager Pro stores sensitive data under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for admin/o12faq.mdb.