Stack

155 exploits Active since Mar 2006
EIP-2026-106868 EXPLOITDB perl WORKING POC
emuCMS 0.3 - 'FCKeditor' Arbitrary File Upload
CVE-2008-6467 EXPLOITDB text WORKING POC
Diesel Job Site - SQL Injection via job_id Parameter
SQL injection vulnerability in jobs/jobseekers/job-info.php in Diesel Job Site allows remote attackers to execute arbitrary SQL commands via the job_id parameter.
CVE-2008-4167 EXPLOITDB text WRITEUP
ezphotogallery 2.1 - Unauthenticated Administrator Account Manipulation via useradmin.php
useradmin.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 does not require administrative authentication, which allows remote attackers to (1) add or (2) remove an Administrator account.
CVE-2008-5802 EXPLOITDB text WORKING POC
E-topbiz Online Store 1.0 - SQL Injection
SQL injection vulnerability in index.php in E-topbiz Online Store 1.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
EIP-2026-106498 EXPLOITDB text WRITEUP
Dodo's Quiz Script 1.1 - Local File Inclusion
EIP-2026-106478 EXPLOITDB text WORKING POC
DM FileManager 3.9.4 - Remote File Disclosure
EIP-2026-106414 EXPLOITDB perl WORKING POC
Demo4 CMS 1b - 'FCKeditor' Arbitrary File Upload
EIP-2026-106039 EXPLOITDB php WORKING POC
cmsWorks 2.2 RC4 - 'FCKeditor' Arbitrary File Upload
EIP-2026-105970 EXPLOITDB text WRITEUP
CMS from Scratch 1.1.3 - 'image.php' Directory Traversal
CVE-2008-2522 EXPLOITDB perl WORKING POC
Battle.net Clan Script < 1.5.3 - SQL Injection via showmember Parameter
SQL injection vulnerability in members.php in Battle.net Clan Script for PHP 1.5.3 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the showmember parameter in a members action.
CVE-2008-1782 EXPLOITDB text WORKING POC
Advanced Software Engineering ChartDirector 4.1 - Info Disclosure
phpdemo/viewsource.php in Advanced Software Engineering ChartDirector 4.1 allows remote attackers to read sensitive files via the file parameter.
CVE-2008-2844 EXPLOITDB text WORKING POC
carscripts_classifieds - SQL Injection via cat Parameter
SQL injection vulnerability in index.php in Carscripts Classifieds allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-7181 EXPLOITDB perl WORKING POC
Butterfly Organizer 2.0.0 - Unauthenticated Arbitrary Category and Account Deletion via Parameter Manipulation
Butterfly Organizer 2.0.0 allows remote attackers to (1) delete arbitrary categories via a modified tablehere parameter to category-delete.php with the is_js_confirmed parameter set to 1, or (2) delete arbitrary accounts via the mytable parameter to delete.php.
CVE-2008-0545 EXPLOITDB text WRITEUP
Bubbling Library 1.32 - Path Traversal via URI or Page Parameter
Multiple directory traversal vulnerabilities in Bubbling Library 1.32 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) uri parameter to (a) yui-menu.tpl.php, (b) simple.tpl.php, and (c) advanced.tpl.php in dispatcher/framework/; and the (2) page parameter to (d) yui-menu.php, (e) simple.php, and (f) advanced.php in dispatcher/framework/, different vectors than CVE-2008-0521.
CVE-2008-0521 EXPLOITDB text WORKING POC
Bubbling Library 1.32 - Path Traversal via URI Parameter
Multiple directory traversal vulnerabilities in Bubbling Library 1.32 allow remote attackers to read arbitrary files via a .. (dot dot) in the uri parameter to dispatcher.php in (1) examples/dispatcher/framework/, (2) examples/dispatcher/, (3) examples/wizard/, and (4) PHP/, different vectors than CVE-2008-0545.
CVE-2008-2846 EXPLOITDB text WORKING POC
BoatScripts Classifieds - SQL Injection via Type Parameter
SQL injection vulnerability in index.php in BoatScripts Classifieds allows remote attackers to execute arbitrary SQL commands via the type parameter.
CVE-2008-4708 EXPLOITDB text WORKING POC
bbzl.php 0.92 - Unauthenticated Authentication Bypass via phorum_admin_session Cookie
BbZL.PhP 0.92 allows remote attackers to bypass authentication and gain administrative access by setting the phorum_admin_session cookie to 1.
EIP-2026-105407 EXPLOITDB text WRITEUP
Basic-CMS - Remote Database Disclosure
CVE-2008-2356 EXPLOITDB perl WORKING POC
Archangel Weblog < 0.90.02 - SQL Injection via post_id Parameter
SQL injection vulnerability in index.php in Archangel Weblog 0.90.02 and earlier allows remote attackers to execute arbitrary SQL commands via the post_id parameter.
CVE-2008-5497 EXPLOITDB text WORKING POC
BandSite CMS 1.1.4 - Unauthenticated Authentication Bypass via login_auth Cookie
BandSite CMS 1.1.4 allows remote attackers to bypass authentication and gain administrative access by setting the login_auth cookie to true.
CVE-2008-4375 EXPLOITDB text WORKING POC
Availscript Classmate Script - SQL Injection via viewprofile.php p Parameter
SQL injection vulnerability in viewprofile.php in Availscript Classmate Script allows remote attackers to execute arbitrary SQL commands via the p parameter.
CVE-2008-4714 EXPLOITDB text WORKING POC
Atomic Photo Album 1.1.0 pre4 - Authentication Bypass via Cookie Manipulation
Atomic Photo Album 1.1.0 pre4 does not properly handle the apa_cookie_login and apa_cookie_password cookies, which probably allows remote attackers to bypass authentication and gain administrative access via modified cookies.
CVE-2008-4335 EXPLOITDB php WORKING POC
Atomic Photo Album 1.1.0pre4 - SQL Injection via apa_album_ID Parameter
SQL injection vulnerability in album.php in Atomic Photo Album (APA) 1.1.0pre4 allows remote attackers to execute arbitrary SQL commands via the apa_album_ID parameter.
CVE-2008-4902 EXPLOITDB php WORKING POC
Article Publisher Pro 1.5 - SQL Injection via Userid Parameter
SQL injection vulnerability in contact_author.php in Article Publisher Pro 1.5 allows remote attackers to execute arbitrary SQL commands via the userid parameter.
CVE-2008-2395 EXPLOITDB perl WORKING POC
AlkalinePHP < 0.80.00 - SQL Injection via Thread ID Parameter
SQL injection vulnerability in thread.php in AlkalinePHP 0.80.00 beta and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.