ahmadbady

82 exploits Active since Jun 2008
CVE-2009-1770 EXPLOITDB text WORKING POC
Flyspeck CMS 6.8 - Path Traversal via Lang Parameter
Directory traversal vulnerability in includes/database/examples/addressbook.php in Flyspeck CMS 6.8 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
CVE-2009-1450 EXPLOITDB text WORKING POC
SMA-DB 0.3.12 - Remote Code Execution via _page_content Parameter
PHP remote file inclusion vulnerability in format.php in SMA-DB 0.3.12 allows remote attackers to execute arbitrary PHP code via a URL in the _page_content parameter.
CVE-2009-1444 EXPLOITDB text WORKING POC
WebPortal CMS 0.8-beta - Remote Code Execution via lib_path Parameter
PHP remote file inclusion vulnerability in indexk.php in WebPortal CMS 0.8-beta allows remote attackers to execute arbitrary PHP code via a URL in the lib_path parameter.
CVE-2008-6955 EXPLOITDB text WORKING POC
mxCamArchive 2.2 - Unauthenticated Exposure of Sensitive Information via Direct Request
mxCamArchive 2.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain configuration details and passwords via a direct request for archive/config.ini.
CVE-2008-6848 EXPLOITDB text WORKING POC
phpGreetCards 3.7 - Cross-Site Scripting via Category Parameter
Cross-site scripting (XSS) vulnerability in index.php in phpGreetCards 3.7 allows remote attackers to inject arbitrary web script or HTML via the category parameter in a select action.
CVE-2010-0967 EXPLOITDB text WRITEUP
Geekhelps ADMP 1.01 - Path Traversal
Multiple directory traversal vulnerabilities in Geekhelps ADMP 1.01, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the style parameter to (1) colorvoid/footer.php, (2) default-green/footer.php, (3) default-orange/footer.php, and (4) default/footer.php in themes/. NOTE: some of these details are obtained from third party information.
CVE-2009-0595 EXPLOITDB text WORKING POC
phpSkelSite 1.4 - Remote Code Execution via Theme Parameter
PHP remote file inclusion vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the theme parameter.
CVE-2009-0594 EXPLOITDB text WORKING POC
phpSkelSite 1.4 - Cross-Site Scripting via PATH_INFO
Cross-site scripting (XSS) vulnerability in index.php in phpSkelSite 1.4 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
CVE-2009-0513 EXPLOITDB text WORKING POC
WebFrame 0.76 - Remote Code Execution via classFiles Parameter
Multiple PHP remote file inclusion vulnerabilities in WebFrame 0.76 allow remote attackers to execute arbitrary PHP code via a URL in the classFiles parameter to (1) admin/doc/index.php, (2) index.php, and (3) base/menu.php in mod/.
CVE-2008-5566 EXPLOITDB text WORKING POC
Triangle Solutions PHP Multiple Newsletters 2.7 - XSS
Cross-site scripting (XSS) vulnerability in index.php in Triangle Solutions PHP Multiple Newsletters 2.7 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
CVE-2008-5770 EXPLOITDB text WORKING POC
phpweather 2.2.2 - Cross-Site Scripting via PATH_INFO
Cross-site scripting (XSS) vulnerability in config/make_config.php in PHP Weather 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
CVE-2008-5061 EXPLOITDB text WORKING POC
Mini Web Calendar 1.2 - Cross-Site Scripting via URL Parameter
Cross-site scripting (XSS) vulnerability in php/cal_default.php in Mini Web Calendar (mwcal) 1.2 allows remote attackers to inject arbitrary web script or HTML via the URL.
CVE-2008-5881 EXPLOITDB text WORKING POC
playSMS 0.9.3 - Path Traversal via Gateway Module or Themes Module Parameter
Multiple directory traversal vulnerabilities in playSMS 0.9.3 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) gateway_module parameter to plugin/gateway/gnokii/init.php and the (2) themes_module parameter to plugin/themes/default/init.php.
CVE-2008-2689 EXPLOITDB text WORKING POC
BrowserCRM 5.002.00 - Remote Code Execution via bcrm_pub_root Parameter
PHP remote file inclusion vulnerability in pub/clients.php in BrowserCRM 5.002.00 allows remote attackers to execute arbitrary PHP code via a URL in the bcrm_pub_root parameter.
CVE-2009-0807 EXPLOITDB text WORKING POC
zFeeder 1.6 - Unauthenticated Administrative Access via Direct Request
zFeeder 1.6 allows remote attackers to gain administrative access via a direct request to admin.php.
EIP-2026-114518 EXPLOITDB text WORKING POC
Yellow Duck Weblog 2.1.0 - 'lang' Local File Inclusion
EIP-2026-114504 EXPLOITDB text WORKING POC
YACS CMS 8.11 - 'update_trailer.php' Remote File Inclusion
CVE-2009-0294 EXPLOITDB text WORKING POC
WB News 2.0.1 - Remote Code Execution
Multiple PHP remote file inclusion vulnerabilities in WB News 2.0.1, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the config[installdir] parameter to (1) search.php, (2) archive.php, (3) comments.php, and (4) news.php; (5) News.php, (6) SendFriend.php, (7) Archive.php, and (8) Comments.php in base/; and possibly other components, different vectors than CVE-2007-1288.
CVE-2009-0514 EXPLOITDB text WORKING POC
WebFrame 0.76 - Path Traversal and Arbitrary File Execution via currentmod and LANG Parameters
Multiple directory traversal vulnerabilities in WebFrame 0.76 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) currentmod and (2) LANG parameters to mod/index.php.
CVE-2009-1445 EXPLOITDB text WORKING POC
WebPortal CMS 0.8-beta - Path Traversal and Arbitrary File Read via lang Parameter
Multiple directory traversal vulnerabilities in WebPortal CMS 0.8-beta allow remote attackers to (1) read arbitrary files via directory traversal sequences in the lang parameter to libraries/helpdocs/help.php and (2) include and execute arbitrary local files via directory traversal sequences in the error parameter to index.php.
CVE-2008-6492 EXPLOITDB text WORKING POC
Tizag Countdown Creator 3 - Unauthenticated Arbitrary File Upload via index.php
Unrestricted file upload vulnerability in process.php in Tizag Countdown Creator 3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension via index.php, then accessing the uploaded file via a direct request to the file in pics/. NOTE: some of these details are obtained from third party information.
EIP-2026-112804 EXPLOITDB html WORKING POC
ttCMS 5.0 - Remote File Inclusion
CVE-2009-1653 EXPLOITDB text WORKING POC
TinyButStrong 3.4.0 - Path Traversal via Script Parameter
Directory traversal vulnerability in examples/tbs_us_examples_0view.php in TinyButStrong 3.4.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the script parameter.
CVE-2010-1528 EXPLOITDB html WORKING POC
Uiga Proxy - Remote Code Execution via Template Content Parameter
PHP remote file inclusion vulnerability in include/template.php in Uiga Proxy, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the content parameter.
CVE-2009-1846 EXPLOITDB text WORKING POC
SiteX < 0.7.4 - Path Traversal via THEME_FOLDER Parameter
Multiple directory traversal vulnerabilities in SiteX 0.7.4 Build 418 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the THEME_FOLDER parameter to (1) Corporate/homepage.php, (2) Fusion/homepage.php, (3) Joombo/homepage.php, (4) Streamline/homepage.php, and (5) Structure/homepage.php in themes/.