U238

25 exploits Active since Apr 2008
CVE-2018-15727 NOMISEC CRITICAL WORKING POC
Grafana 2.x-4.x < 4.6.4 and 5.x < 5.2.3 - Authentication Bypass via Remember Me Cookie
Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user.
22 stars
CVSS 9.8
CVE-2025-24813 NOMISEC CRITICAL WORKING POC
Tomcat Partial PUT Java Deserialization
Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through 10.1.34, from 9.0.0.M1 through 9.0.98. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected. If all of the following were true, a malicious user was able to view security sensitive files and/or inject content into those files: - writes enabled for the default servlet (disabled by default) - support for partial PUT (enabled by default) - a target URL for security sensitive uploads that was a sub-directory of a target URL for public uploads - attacker knowledge of the names of security sensitive files being uploaded - the security sensitive files also being uploaded via partial PUT If all of the following were true, a malicious user was able to perform remote code execution: - writes enabled for the default servlet (disabled by default) - support for partial PUT (enabled by default) - application was using Tomcat's file based session persistence with the default storage location - application included a library that may be leveraged in a deserialization attack Users are recommended to upgrade to version 11.0.3, 10.1.35 or 9.0.99, which fixes the issue.
6 stars
CVSS 9.8
CVE-2023-31419 NOMISEC MEDIUM WORKING POC
Elasticsearch 7.0.0-7.17.12 - Denial of Service via _search API Query String
A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service.
CVSS 6.5
CVE-2008-2047 EXPLOITDB text WORKING POC
Angelo-Emlak 1.0 - SQL Injection via id Parameter
Multiple SQL injection vulnerabilities in Angelo-Emlak 1.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) hpz/profil.asp and (2) hpz/prodetail.asp.
CVE-2008-1608 EXPLOITDB perl WORKING POC
Clever Copy 3.0 - SQL Injection via ID Parameter
SQL injection vulnerability in postview.php in Clever Copy 3.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter, a different vector than CVE-2008-0363 and CVE-2006-0583.
CVE-2008-6443 EXPLOITDB text WORKING POC
phpkf - SQL Injection via forum_duzen.php fno Parameter
SQL injection vulnerability in forum_duzen.php in phpKF allows remote attackers to execute arbitrary SQL commands via the fno parameter.
CVE-2008-2334 EXPLOITDB text WORKING POC
Philboard 0.5 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in W1L3D4 Philboard 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) forumid parameter to (a) admin/philboard_admin-forumedit.asp, (b) admin/philboard_admin-forum.asp, and (c) W1L3D4_foruma_yeni_konu_ac.asp; the (2) id parameter to (d) W1L3D4_konuoku.asp and (e) W1L3D4_konuya_mesaj_yaz.asp; and the (3) topic parameter to W1L3D4_konuya_mesaj_yaz.asp, different vectors than CVE-2008-1939, CVE-2007-2641, and CVE-2007-0920. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-2334 EXPLOITDB text WORKING POC
Philboard 0.5 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in W1L3D4 Philboard 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) forumid parameter to (a) admin/philboard_admin-forumedit.asp, (b) admin/philboard_admin-forum.asp, and (c) W1L3D4_foruma_yeni_konu_ac.asp; the (2) id parameter to (d) W1L3D4_konuoku.asp and (e) W1L3D4_konuya_mesaj_yaz.asp; and the (3) topic parameter to W1L3D4_konuya_mesaj_yaz.asp, different vectors than CVE-2008-1939, CVE-2007-2641, and CVE-2007-0920. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
EIP-2026-107545 EXPLOITDB text WORKING POC
H0tturk Panel - 'gizli.php' Remote File Inclusion
CVE-2008-6640 EXPLOITDB text WORKING POC
BatmanPorTaL - SQL Injection via id Parameter
Multiple SQL injection vulnerabilities in BatmanPorTaL allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) uyeadmin.asp and (2) profil.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1915 EXPLOITDB text WORKING POC
DevWorx BlogWorx 1.0 - SQL Injection
SQL injection vulnerability in view.asp in DevWorx BlogWorx 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6640 EXPLOITDB text WORKING POC
BatmanPorTaL - SQL Injection via id Parameter
Multiple SQL injection vulnerabilities in BatmanPorTaL allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) uyeadmin.asp and (2) profil.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
EIP-2026-104929 EXPLOITDB text WORKING POC
Acyhost - 'index.php' Remote File Inclusion
CVE-2008-2448 EXPLOITDB text WORKING POC
Meto Forum 1.1 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in Meto Forum 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) admin/duzenle.asp and (b) admin_oku.asp; the (2) kid parameter to (c) kategori.asp and (d) admin_kategori.asp; and unspecified parameters to (e) uye.asp and (f) oku.asp.
CVE-2008-1939 EXPLOITDB text WORKING POC
W1L3D4 Philboard 1.0 - SQL Injection
Multiple SQL injection vulnerabilities in W1L3D4 Philboard 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) topic parameters to (a) philboard_reply.asp, and the (3) forumid parameter to (b) philboard_newtopic.asp, different vectors than CVE-2007-2641 and CVE-2007-0920.
CVE-2008-6204 EXPLOITDB text WORKING POC
SuperNET Shop < 1.0 - SQL Injection via id, kulad, sifre, username, or password Parameters
Multiple SQL injection vulnerabilities in SuperNET Shop 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to secure/admin/guncelle.asp, (2) kulad and sifre parameters to secure/admin/giris.asp, and (3) username and password to secure/admin/default.asp.
CVE-2008-6641 EXPLOITDB text WORKING POC
Shader TV Beta - SQL Injection via sid Parameter or Authentication Fields
Multiple SQL injection vulnerabilities in Shader TV (Beta) allow remote authenticated administrators to execute arbitrary SQL commands via the sid parameter to (1) kanal.asp, (2) google.asp, and (3) hakk.asp in yonet/; and allow remote attackers to execute arbitrary SQL commands via the (4) username or (5) password fields to yonet/default.asp.
CVE-2008-2334 EXPLOITDB text WORKING POC
Philboard 0.5 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in W1L3D4 Philboard 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) forumid parameter to (a) admin/philboard_admin-forumedit.asp, (b) admin/philboard_admin-forum.asp, and (c) W1L3D4_foruma_yeni_konu_ac.asp; the (2) id parameter to (d) W1L3D4_konuoku.asp and (e) W1L3D4_konuya_mesaj_yaz.asp; and the (3) topic parameter to W1L3D4_konuya_mesaj_yaz.asp, different vectors than CVE-2008-1939, CVE-2007-2641, and CVE-2007-0920. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-3495 EXPLOITDB perl WORKING POC
Pcshey Portal - SQL Injection via kategori.asp kid Parameter
SQL injection vulnerability in kategori.asp in Pcshey Portal allows remote attackers to execute arbitrary SQL commands via the kid parameter.
CVE-2008-6202 EXPLOITDB text WORKING POC
CoBaLT 1.0 - SQL Injection via id Parameter
SQL injection vulnerability in CoBaLT 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) urun.asp, (2) admin/bayi_listele.asp, (3) admin/urun_grup_listele.asp, and (4) admin/urun_listele.asp.
CVE-2008-3417 EXPLOITDB text WORKING POC
fipsCMS light < 2.1 - SQL Injection via r Parameter
SQL injection vulnerability in home/index.asp in fipsCMS light 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the r parameter, a different vector than CVE-2006-6115 and CVE-2007-2561.
CVE-2008-3722 EXPLOITDB text WORKING POC
fipsCMS 2.1 - SQL Injection via forum/neu.asp kat Parameter
SQL injection vulnerability in forum/neu.asp in fipsCMS 2.1 allows remote attackers to execute arbitrary SQL commands via the kat parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
EIP-2026-100249 EXPLOITDB text WRITEUP
DizaynPlus Nobetci Eczane Takip 1.0 - 'ayrinti.asp' SQL Injection
CVE-2008-6203 EXPLOITDB text WORKING POC
CoBaLT 2.0 - SQL Injection via id Parameter
SQL injection vulnerability in adminler.asp in CoBaLT 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-2048 EXPLOITDB text WORKING POC
Angelo-Emlak 1.0 - Cross-Site Scripting via sayfa Parameter
Cross-site scripting (XSS) vulnerability in hpz/admin/Default.asp in Angelo-Emlak 1.0 allows remote attackers to inject arbitrary web script or HTML via the sayfa parameter.