Y! Underground Group - Security Researcher - Exploit Intelligence Platform

CVE-2008-0245 EXPLOITDB php WORKING POC

Uploadscript Uploadimage - Access Control

admin.php in UploadImage 1.0 does not check for the original password before making a change to a new password, which allows remote attackers to gain administrator privileges via the pass parameter in a nopass (Set Password) action.

View Code

CVE-2008-0246 EXPLOITDB php WORKING POC

Uploadscript Uploadimage - Access Control

admin.php in UploadScript 1.0 does not check for the original password before making a change to a new password, which allows remote attackers to gain administrator privileges via the pass parameter in a nopass (Set Password) action.

View Code

CVE-2007-2642 EXPLOITDB text WRITEUP

R2K Gallery 1.7 - Path Traversal

Directory traversal vulnerability in galeria.php in R2K Gallery 1.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang2 parameter.

View Code

CVE-2007-2899 EXPLOITDB php WORKING POC

NavBoard 2.6.0 - Code Injection

Direct static code injection vulnerability in admin_config.php in NavBoard 2.6.0 allows remote attackers to inject arbitrary PHP code into data/config.php via multiple parameters, as demonstrated via the threadperpage parameter in an editconfig action.

View Code

CVE-2007-2647 EXPLOITDB php WORKING POC

Monalbum 0.8.7 - Code Injection

Static code injection vulnerability in admin/admin_configuration.php in Monalbum 0.8.7 allows remote authenticated users to inject arbitrary PHP code into the conf/config.inc.php file via the (1) gadm_pass, (2) gadm_user, (3) gcfgHote, (4) gcfgPass, (5) gcfgUser, (6) gclassement_rep, (7) gcontour, (8) gfond, (9) ggd_version, (10) ghome, (11) ghor, (12) gimg_copyright, (13) glangage, (14) gmenu_visible, (15) gmini_hasard, (16) gordre_rep, (17) gpage, (18) gracine, (19) grech_inactive, (20) grep_mini, (21) grepertoire, (22) gsite, (23) gslide, (24) gtitre, (25) guse_copyright, (26) gversion, (27) gvert, or (28) gcfgBase parameter.

View Code

CVE-2007-2643 EXPLOITDB text WORKING POC

PinkCrow Designs Gallery/maGAZIn 2.0 - Path Traversal

Directory traversal vulnerability in phpThumb.php in PinkCrow Designs Gallery or maGAZIn 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the src parameter.

View Code

EIP-2026-103609 EXPLOITDB html WORKING POC

Opera 9.10 - 'alert()' Remote Denial of Service

View Code