ZoRLu

253 exploits Active since Feb 2007
CVE-2008-6543 EXPLOITDB text WRITEUP
ComScripts Quick Classifieds 1.0 - Remote File Inclusion via DOCUMENT_ROOT Parameter
Multiple PHP remote file inclusion vulnerabilities in ComScripts TEAM Quick Classifieds 1.0 via the DOCUMENT_ROOT parameter to (1) index.php3, (2) locate.php3, (3) search_results.php3, (4) classifieds/index.php3, and (5) classifieds/view.php3; (6) index.php3, (7) manager.php3, (8) pass.php3, (9) remember.php3 (10) sign-up.php3, (11) update.php3, (12) userSet.php3, and (13) verify.php3 in controlcenter/; (14) alterCats.php3, (15) alterFeatured.php3, (16) alterHomepage.php3, (17) alterNews.php3, (18) alterTheme.php3, (19) color_help.php3, (20) createdb.php3, (21) createFeatured.php3, (22) createHomepage.php3, (23) createL.php3, (24) createM.php3, (25) createNews.php3, (26) createP.php3, (27) createS.php3, (28) createT.php3, (29) index.php3, (30) mailadmin.php3, and (31) setUp.php3 in controlpannel/; (32) include/sendit.php3 and (33) include/sendit2.php3; and possibly (34) include/adminHead.inc, (35) include/usersHead.inc, and (36) style/default.scheme.inc.
CVE-2009-1502 EXPLOITDB text WORKING POC
S-Cms 1.1 Stable and 1.5.2 - Path Traversal via Page Parameter
Directory traversal vulnerability in plugin.php in S-Cms 1.1 Stable and 1.5.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter.
CVE-2008-6928 EXPLOITDB text WORKING POC
PHPStore Complete Classifieds - Authenticated Arbitrary File Upload and Remote Code Execution via Logo Upload
Unrestricted file upload vulnerability in PHPStore Complete Classifieds allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a logo, then accessing it via a direct request to the file in classifieds1/yellow_images/.
CVE-2008-6931 EXPLOITDB text WORKING POC
PHPStore Job Search - Authenticated Remote Code Execution via Resume Photo Upload
Unrestricted file upload vulnerability in PHPStore Job Search (aka PHPCareers) allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a resume photo, then accessing it via a direct request to the file in jobseekers/jobseeker_profile_images.
CVE-2009-0593 EXPLOITDB text WORKING POC
plx Auto Reminder 3.7 - SQL Injection
SQL injection vulnerability in members.php in plx Auto Reminder 3.7 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a newar action.
CVE-2008-1787 EXPLOITDB text WORKING POC
Poplar Gedcom Viewer 2.0 - Cross-Site Scripting via Text and UL Parameters
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Poplar Gedcom Viewer 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) text and (2) ul parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6929 EXPLOITDB text WORKING POC
PHPStore Auto Classifieds - Authenticated Arbitrary File Upload via Logo Upload
Unrestricted file upload vulnerability in PHPStore Auto Classifieds allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a logo, then accessing it via a direct request to the file in cars/cars_images/.
CVE-2008-6930 EXPLOITDB text WORKING POC
PHPStore Real Estate - Authenticated Arbitrary File Upload via Logo Image
Unrestricted file upload vulnerability in PHPStore Real Estate allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a logo, then accessing it via a direct request to the file in realty/re_images/.
EIP-2026-111271 EXPLOITDB text WRITEUP
pigyard art Gallery - Multiple Vulnerabilities
CVE-2008-5307 EXPLOITDB text WORKING POC
PG Roommate Finder Solution - SQL Injection
SQL injection vulnerability in admin/index.php in PG Roommate Finder Solution allows remote attackers to execute arbitrary SQL commands via the login_lg parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-7073 EXPLOITDB text WORKING POC
RSS module 0.1 - Remote Code Execution via lib Parameter
PHP remote file inclusion vulnerability in lib/action/rss.php in RSS module 0.1 for Pie Web M{a,e}sher, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the lib parameter.
CVE-2008-5307 EXPLOITDB text WORKING POC
PG Roommate Finder Solution - SQL Injection
SQL injection vulnerability in admin/index.php in PG Roommate Finder Solution allows remote attackers to execute arbitrary SQL commands via the login_lg parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-1986 EXPLOITDB text WORKING POC
pixel_motion_blog - Cross-Site Scripting via jours Parameter
Cross-site scripting (XSS) vulnerability in liste_article.php in Blog Pixel Motion (aka PixelMotion) allows remote attackers to inject arbitrary web script or HTML via the jours parameter.
CVE-2007-0820 EXPLOITDB text WRITEUP
Cedric CLAIRE PortailPhp 2 - Remote File Inclusion via chemin Parameter
Multiple PHP remote file inclusion vulnerabilities in Cedric CLAIRE PortailPhp 2 allow remote attackers to execute arbitrary PHP code via a URL in the chemin parameter to (1) mod_news/index.php, (2) mod_news/goodies.php, or (3) mod_search/index.php. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
EIP-2026-111269 EXPLOITDB text WRITEUP
PicsEngine 1.0 - 'index.php' Cross-Site Scripting
EIP-2026-111623 EXPLOITDB text WORKING POC
QT-cute QuickTalk Guestbook 1.6 - Multiple Cross-Site Scripting Vulnerabilities
CVE-2008-6491 EXPLOITDB text WRITEUP
phpgkit 0.9 - Remote Code Execution via DOCUMENT_ROOT Parameter
PHP remote file inclusion vulnerability in connexion.php in PHPGKit 0.9 allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-2449 EXPLOITDB text WRITEUP
phpInstantGallery 2.0 - Cross-Site Scripting via Gallery and Imgnum Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Isaac McGowan phpInstantGallery 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) gallery parameter to (a) index.php and (b) image.php, and the (2) imgnum parameter to image.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-0108 EXPLOITDB text WORKING POC
PHPAuctions - Unauthenticated Authentication Bypass via Cookie Manipulation
PHPAuctions (aka PHPAuctionSystem) allows remote attackers to bypass authentication and gain administrative access via modified (1) PHPAUCTION_RM_ID, (2) PHPAUCTION_RM_NAME, (3) PHPAUCTION_RM_USERNAME, and (4) PHPAUCTION_RM_EMAIL cookies.
CVE-2008-0805 EXPLOITDB text WORKING POC
PHPizabi 0.848b C1 HFP1 - Unauthenticated Arbitrary File Upload and Remote Code Execution via Event Page Image Upload
Unrestricted file upload vulnerability in image.php in PHPizabi 0.848b C1 HFP1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension from the event page, then accessing it via a direct request to the file in system/cache/pictures.
CVE-2008-1504 EXPLOITDB text WRITEUP
phpMyChat 0.14.5 - Cross-Site Scripting via Lang Parameter
Cross-site scripting (XSS) vulnerability in setup.php3 in phpHeaven phpMyChat 0.14.5 allows remote attackers to inject arbitrary web script or HTML via the Lang parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
EIP-2026-110898 EXPLOITDB text WORKING POC
PHP-Nuke Yellow_Pages Module - 'cid' SQL Injection
CVE-2008-2449 EXPLOITDB text WRITEUP
phpInstantGallery 2.0 - Cross-Site Scripting via Gallery and Imgnum Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Isaac McGowan phpInstantGallery 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) gallery parameter to (a) index.php and (b) image.php, and the (2) imgnum parameter to image.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6317 EXPLOITDB text WORKING POC
PHPmyGallery 1.5 beta - Remote File Inclusion via conf[lang] Parameter
Directory traversal vulnerability in _conf/_php-core/common-tpl-vars.php in PHPmyGallery 1.5 beta allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the conf[lang] parameter, a different issue than CVE-2008-6318. NOTE: this might be the same issue as CVE-2008-6316.
CVE-2008-6212 EXPLOITDB text WRITEUP
php-stats 0.1.9.1 - Cross-Site Scripting via sel_mese and sel_anno Parameters
Cross-site scripting (XSS) vulnerability in admin.php in Php-Stats 0.1.9.1 allows remote attackers to inject arbitrary web script or HTML via the (1) sel_mese and (2) sel_anno parameters in a systems action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.