You_You

8 exploits Active since Aug 2006
CVE-2006-5146 EXPLOITDB text WORKING POC
Yblog - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Yblog allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter in (a) funk.php, or the (2) action parameter in (b) tem.php and (c) uss.php.
CVE-2006-5146 EXPLOITDB text WRITEUP
Yblog - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Yblog allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter in (a) funk.php, or the (2) action parameter in (b) tem.php and (c) uss.php.
CVE-2006-5146 EXPLOITDB text WORKING POC
Yblog - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Yblog allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter in (a) funk.php, or the (2) action parameter in (b) tem.php and (c) uss.php.
CVE-2006-4349 EXPLOITDB text WRITEUP
ToendaCMS <1.0.3 - RCE
PHP remote file inclusion vulnerability in ToendaCMS 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the tcms_administer_site parameter to an unspecified script, probably index.php. NOTE: this issue has been disputed by a third party, who states that $tcms_administer_site is initialized to a constant value within index.php
EIP-2026-111643 EXPLOITDB text WRITEUP
Quickblogger 1.4 - Remote File Inclusion
EIP-2026-110588 EXPLOITDB text WRITEUP
PHMe 0.0.2 - 'Function_List.php' Local File Inclusion
CVE-2006-5066 EXPLOITDB text WRITEUP
DanPHPSupport <1.0 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in DanPHPSupport 0.5, and other versions before 1.0, allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter in index.php or the (2) do parameter in admin.php.
CVE-2006-5066 EXPLOITDB text WRITEUP
DanPHPSupport <1.0 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in DanPHPSupport 0.5, and other versions before 1.0, allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter in index.php or the (2) do parameter in admin.php.