Xcross87

3 exploits Active since Oct 2007
CVE-2008-0286 EXPLOITDB text WRITEUP
Article Dashboard - SQL Injection via Admin Login User or Password Fields
SQL injection vulnerability in admin/login.php in Article Dashboard allows remote attackers to execute arbitrary SQL commands via the (1) user or (2) password fields.
CVE-2007-5737 EXPLOITDB text WRITEUP
Korean GHBoard - Unrestricted File Upload via upload.jsp
Unrestricted file upload vulnerability in component/upload.jsp in Korean GHBoard allows remote attackers to upload arbitrary files via unspecified vectors, probably involving a direct request.
CVE-2007-5739 EXPLOITDB text WORKING POC
Korean GHBoard - Path Traversal via FlashUpload Download Name Parameter
Directory traversal vulnerability in component/flashupload/download.jsp in the FlashUpload component in Korean GHBoard allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter.