Tryagi

9 exploits Active since Feb 2007
CVE-2007-0700 EXPLOITDB text WORKING POC
Gsylvain35 Portail Web - Path Traversal
Directory traversal vulnerability in index.php in Guernion Sylvain Portail Web Php (aka Gsylvain35 Portail Web, PwP) allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. NOTE: this issue was later reported for 2.5.1.1.
CVE-2008-0813 EXPLOITDB text WORKING POC
XPWeb 3.0.1, 3.3.2 - Path Traversal via Download.php url Parameter
Directory traversal vulnerability in Download.php in XPWeb 3.0.1, 3.3.2, and possibly other versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter.
CVE-2008-0814 EXPLOITDB text WORKING POC
TRUC 0.11.0 - Path Traversal via download.php upload_filename Parameter
Directory traversal vulnerability in download.php in Tracking Requirements & Use Cases (TRUC) 0.11.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the upload_filename parameter.
CVE-2008-1046 EXPLOITDB text WORKING POC
Quinsonnas Mail Checker 1.55 - Remote Code Execution via footer.php op[footer_body] Parameter
PHP remote file inclusion vulnerability in footer.php in Quinsonnas Mail Checker 1.55 allows remote attackers to execute arbitrary PHP code via a URL in the op[footer_body] parameter.
CVE-2007-5056 EXPLOITDB text WORKING POC
ADOdb Lite < 1.42 - Remote Code Execution via last_module Parameter
Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lite 1.42 and earlier, as used in products including CMS Made Simple, SAPID CMF, Journalness, PacerCMS, and Open-Realty, allows remote attackers to execute arbitrary code via PHP sequences in the last_module parameter.
CVE-2008-1068 EXPLOITDB text WORKING POC
Portail Web Php < 2.5.1.1 - Remote Code Execution via site_path Parameter
Multiple PHP remote file inclusion vulnerabilities in Portail Web Php 2.5.1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the site_path parameter to (1) Vert/index.php, (2) Noir/index.php, and (3) Bleu/index.php in template/, different vectors than CVE-2008-0645.
CVE-2008-1645 EXPLOITDB text WORKING POC
phpSpamManager 0.53 beta - Path Traversal
Directory traversal vulnerability in body.php in phpSpamManager (phpSM) 0.53 beta allows remote attackers to read arbitrary local files via a .. (dot dot) in the filename parameter.
CVE-2007-5056 EXPLOITDB text WORKING POC
ADOdb Lite < 1.42 - Remote Code Execution via last_module Parameter
Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lite 1.42 and earlier, as used in products including CMS Made Simple, SAPID CMF, Journalness, PacerCMS, and Open-Realty, allows remote attackers to execute arbitrary code via PHP sequences in the last_module parameter.
CVE-2008-0794 EXPLOITDB text WORKING POC
Affiliate Market 0.1 BETA - Path Traversal via Language Parameter
Directory traversal vulnerability in user/header.php in Affiliate Market 0.1 BETA allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter.