Vulnerability Research Laboratory

14 exploits Active since Sep 2012
EIP-2026-117375 EXPLOITDB text WRITEUP
Kaspersky Internet Security/Anti-Virus - '.cfg' File Memory Corruption
EIP-2026-113736 EXPLOITDB text WRITEUP
WordPress Plugin Facebook Survey 1.0 - SQL Injection
EIP-2026-112094 EXPLOITDB text WRITEUP
Simple Forum PHP - Multiple SQL Injections
EIP-2026-108927 EXPLOITDB text WRITEUP
JPM Article Script 6 - 'page2' SQL Injection
EIP-2026-106784 EXPLOITDB text WORKING POC
eFront 3.6.10 - 'professor.php' Script Multiple SQL Injections
EIP-2026-106399 EXPLOITDB text WORKING POC
DedeCMS 7.5 SP2 - Persistent Cross-Site Scripting
CVE-2012-4889 EXPLOITDB text WORKING POC
ManageEngine Firewall Analyzer 7.2 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine Firewall Analyzer 7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) subTab or (2) tab parameter to createAnomaly.do; (3) url, (4) subTab, or (5) tab parameter to mindex.do; (6) tab parameter to index2.do; or (7) port parameter to syslogViewer.do.
CVE-2012-4889 EXPLOITDB text WORKING POC
ManageEngine Firewall Analyzer 7.2 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine Firewall Analyzer 7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) subTab or (2) tab parameter to createAnomaly.do; (3) url, (4) subTab, or (5) tab parameter to mindex.do; (6) tab parameter to index2.do; or (7) port parameter to syslogViewer.do.
CVE-2012-4889 EXPLOITDB text WORKING POC
ManageEngine Firewall Analyzer 7.2 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine Firewall Analyzer 7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) subTab or (2) tab parameter to createAnomaly.do; (3) url, (4) subTab, or (5) tab parameter to mindex.do; (6) tab parameter to index2.do; or (7) port parameter to syslogViewer.do.
CVE-2012-4889 EXPLOITDB text WORKING POC
ManageEngine Firewall Analyzer 7.2 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine Firewall Analyzer 7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) subTab or (2) tab parameter to createAnomaly.do; (3) url, (4) subTab, or (5) tab parameter to mindex.do; (6) tab parameter to index2.do; or (7) port parameter to syslogViewer.do.
EIP-2026-101161 EXPLOITDB text WORKING POC
Astaro Security Gateway 8.1 - HTML Injection
CVE-2012-4923 EXPLOITDB text WRITEUP
Endian Firewall 2.4 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Endian Firewall 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) createrule parameter to dnat.cgi, (2) addrule parameter to dansguardian.cgi, or (3) PATH_INFO to openvpn_users.cgi.
CVE-2012-4923 EXPLOITDB text WRITEUP
Endian Firewall 2.4 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Endian Firewall 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) createrule parameter to dnat.cgi, (2) addrule parameter to dansguardian.cgi, or (3) PATH_INFO to openvpn_users.cgi.
CVE-2012-4923 EXPLOITDB text WRITEUP
Endian Firewall 2.4 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Endian Firewall 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) createrule parameter to dnat.cgi, (2) addrule parameter to dansguardian.cgi, or (3) PATH_INFO to openvpn_users.cgi.