ZynbER

3 exploits Active since Nov 2007
CVE-2008-6501 EXPLOITDB text WRITEUP
Pro Chat Rooms 3.0.2 - Cross-Site Scripting via Gud Parameter
Cross-site scripting (XSS) vulnerability in profiles/index.php in Pro Chat Rooms 3.0.2 allows remote attackers to inject arbitrary web script or HTML via the gud parameter.
CVE-2008-6502 EXPLOITDB text WRITEUP
Pro Chat Rooms 3.0.2 - Authenticated Path Traversal and Remote Code Execution via Avatar Parameter
Directory traversal vulnerability in Pro Chat Rooms 3.0.2 allows remote authenticated users to select an arbitrary local PHP script as an avatar via a .. (dot dot) in the avatar parameter, and cause other users to execute this script by using sendData.php to send a message to (1) an individual user or (2) a room, leading to cross-site request forgery (CSRF), cross-site scripting (XSS), or other impacts.
CVE-2007-5785 EXPLOITDB text WORKING POC
JobSite Professional 2.0 - SQL Injection via id Parameter
SQL injection vulnerability in file.php in JobSite Professional 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.