ThE TiGeR

29 exploits, active since Mar 2007
CVE-2007-2817 EXPLOITDB WORKING POC
ol_bookmarks 0.7.4 - SQL Injection via id Parameter
SQL injection vulnerability in read/index.php in ol'bookmarks 0.7.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-6518 EXPLOITDB WORKING POC
WoltLab Burning Board (wBB) Lite 1.0.2 pl3e - SQL Injection
Multiple SQL injection vulnerabilities in search.php in WoltLab Burning Board (wBB) Lite 1.0.2 pl3e allow remote attackers to execute arbitrary SQL commands via the (1) showposts, (2) sortby, and (3) sortorder parameters.
CVE-2007-4807 EXPLOITDB text WORKING POC
Focus/SIS 2.2 - Remote Code Execution via Staticpath Parameter
Multiple PHP remote file inclusion vulnerabilities in Focus/SIS 2.2 allow remote attackers to execute arbitrary PHP code via a URL in the staticpath parameter to (1) modules/Discipline/CategoryBreakdownTime.php or (2) modules/Discipline/StudentFieldBreakdown.php.
CVE-2007-4806 EXPLOITDB text WORKING POC
Focus/SIS 1.0 - Remote Code Execution via FocusPath Parameter
PHP remote file inclusion vulnerability in modules/Discipline/CategoryBreakdownTime.php in Focus/SIS 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the FocusPath parameter.
CVE-2007-2816 EXPLOITDB text WORKING POC
ol_bookmarks 0.7.4 - Remote Code Execution via Root Parameter in Theme Files
Multiple PHP remote file inclusion vulnerabilities in ol'bookmarks 0.7.4 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to (1) test1.php, (2) blackorange.php, (3) default.php, (4) frames1.php, (5) frames1_top.php, (7) test2.php, (8) test3.php, (9) test4.php, (10) test5.php, (11) test6.php, (12) frames1_left.php, and (13) frames1_center.php in themes/.
CVE-2007-2596 EXPLOITDB text WORKING POC
aForum < 1.32 - Remote File Inclusion via CommonAbsDir Parameter
PHP remote file inclusion vulnerability in common/func.php in aForum 1.32 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the CommonAbsDir parameter.
CVE-2006-7127 EXPLOITDB text WORKING POC
JAF CMS 4.0 and 4.0 RC2 - Remote Code Execution via main_dir Parameter
Multiple PHP remote file inclusion vulnerabilities in JAF CMS 4.0 and 4.0 RC2 allow remote attackers to execute arbitrary PHP code via a URL in the main_dir parameter to (1) forum/main.php and (2) forum/headlines.php.
CVE-2007-2709 EXPLOITDB text WRITEUP
NagiosQL 2005 2.00 - Remote File Inclusion via SETS[path][physical] Parameter
PHP remote file inclusion vulnerability in functions/prepend_adm.php in NagiosQL 2005 2.00 allows remote attackers to execute arbitrary PHP code via a URL in the SETS[path][physical] parameter.
CVE-2007-2575 EXPLOITDB text WRITEUP
vm_watermark 0.4.1 - Remote Code Execution via GALLERY_BASEDIR Parameter
PHP remote file inclusion vulnerability in watermark.php in the vm (aka Jean-Francois Laflamme) watermark 0.4.1 mod for Gallery allows remote attackers to execute arbitrary PHP code via a URL in the GALLERY_BASEDIR parameter.
CVE-2007-2943 EXPLOITDB text WRITEUP
webavis < 0.1.1 - Remote File Inclusion via Root Parameter
PHP remote file inclusion vulnerability in class/class.php in Webavis 0.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the root parameter.
CVE-2007-2573 EXPLOITDB text WORKING POC
PHPtree 1.3 - Remote Code Execution
PHP remote file inclusion vulnerability in plugin/HP_DEV/cms2.php in PHPtree 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the s_dir parameter.
CVE-2007-1778 EXPLOITDB text WORKING POC
eve-nuke_forum - Remote File Inclusion via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in db/mysql.php in the Eve-Nuke 0.1 (EN-Forums) module for PHP-Nuke allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2007-4763 EXPLOITDB text WORKING POC
PHP Object Framework < 20040226 - Remote Code Execution via PHPOF_INCLUDE_PATH Parameter
PHP remote file inclusion vulnerability in dbmodules/DB_adodb.class.php in PHP Object Framework (PHPOF) 20040226 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the PHPOF_INCLUDE_PATH parameter.
CVE-2008-6409 EXPLOITDB text WORKING POC
ol'bookmarks manager 0.7.5 - SQL Injection via id Parameter
SQL injection vulnerability in index.php in ol'bookmarks manager 0.7.5 allows remote attackers to execute arbitrary SQL commands via the id parameter in a brain action.
CVE-2007-2710 EXPLOITDB text WRITEUP
NagiosQL < 2.00-p00 - Remote File Inclusion via SETS[path][IT] Parameter
PHP remote file inclusion vulnerability in functions/prepend_adm.php in NagiosQL 2.00-P00 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the SETS[path][IT] parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-2608 EXPLOITDB text WORKING POC
Miplex2 Alpha 1 - Remote File Inclusion via Smarty Directory Parameter
PHP remote file inclusion vulnerability in lib/smarty/SmartyFU.class.php in Miplex2 Alpha 1 allows remote attackers to execute arbitrary PHP code via a URL in the system[smarty][dir] parameter.
CVE-2007-2706 EXPLOITDB text WORKING POC
Media Gallery < 1.4.8a - Remote File Inclusion via _MG_CONF[path_html] Parameter
PHP remote file inclusion vulnerability in maint/ftpmedia.php in Media Gallery 1.4.8a and earlier for Geeklog allows remote attackers to execute arbitrary PHP code via a URL in the _MG_CONF[path_html] parameter.
CVE-2007-2939 EXPLOITDB text WORKING POC
Mazen's PHP Chat 3.0.0 - Remote File Inclusion via basepath Parameter
Multiple PHP remote file inclusion vulnerabilities in Mazen's PHP Chat 3.0.0 allow remote attackers to execute arbitrary PHP code via a URL in the basepath parameter to (1) ITX.php, (2) IT_Error.php, or (3) IT.php in include/pear/.
CVE-2007-2707 EXPLOITDB text WRITEUP
Linksnet Newsfeed 1.0 - Remote File Inclusion via dirpath_linksnet_newsfeed Parameter
PHP remote file inclusion vulnerability in linksnet_linkslog_rss.php in Linksnet Newsfeed 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the dirpath_linksnet_newsfeed parameter.
CVE-2008-1609 EXPLOITDB text WORKING POC
jaf_cms 4.0 RC2 - Remote Code Execution via URL Parameter Injection
Multiple PHP remote file inclusion vulnerabilities in just another flat file (JAF) CMS 4.0 RC2 allow remote attackers to execute arbitrary PHP code via a URL in the (1) website parameter to (a) forum.php, (b) headlines.php, and (c) main.php in forum/, and (2) main_dir parameter to forum/forum.php. NOTE: other main_dir vectors are already covered by CVE-2006-7127.
CVE-2007-4942 EXPLOITDB text WORKING POC
Focus/SIS 1.0 - Remote Code Execution via FocusPath Parameter
PHP remote file inclusion vulnerability in modules/Discipline/StudentFieldBreakdown.php in Focus/SIS 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the FocusPath parameter, a different vector than CVE-2007-4806. NOTE: the provenance of this information is unknown.
CVE-2007-2204 EXPLOITDB text WORKING POC
GPL PHP Board unstable-2001.11.14-1 - RCE
Multiple PHP remote file inclusion vulnerabilities in GPL PHP Board (GPB) unstable-2001.11.14-1 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) db.mysql.inc.php or (2) gpb.inc.php in include/, or the (3) theme parameter to themes/ubb/login.php.
CVE-2007-2936 EXPLOITDB text WRITEUP
Frequency Clock 0.1b - Remote File Inclusion via Securelib Parameter
Multiple PHP remote file inclusion vulnerabilities in Frequency Clock 0.1b (Beta 0.1) allow remote attackers to execute arbitrary PHP code via a URL in the securelib parameter to (1) conf.php or (2) cp2.php.
CVE-2007-2527 EXPLOITDB text WRITEUP
DynamicPAD - Remote File Inclusion via HomeDir Parameter
Multiple PHP remote file inclusion vulnerabilities in DynamicPAD before 1.03.31 allow remote attackers to execute arbitrary PHP code via a URL in the HomeDir parameter to (1) dp_logs.php or (2) index.php.
CVE-2007-2663 EXPLOITDB text WORKING POC
Beacon 0.2.0 - Remote File Inclusion via languagePath Parameter
PHP remote file inclusion vulnerability in language/1/splash.lang.php in Beacon 0.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the languagePath parameter.