ahmadbady

82 exploits Active since Jun 2008
CVE-2009-0448 EXPLOITDB text WORKING POC
Syntax Desktop 2.7 - Path Traversal
Directory traversal vulnerability in admin/modules/aa/preview.php in Syntax Desktop 2.7 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the synTarget parameter.
CVE-2009-0456 EXPLOITDB text WORKING POC
PHP - RCE
PHP remote file inclusion vulnerability in examples/example_clientside_javascript.php in patForms, as used in Sourdough 0.3.5, allows remote attackers to execute arbitrary PHP code via a URL in the neededFiles[patForms] parameter.
CVE-2009-1451 EXPLOITDB text WORKING POC
Bluevirus-design Sma-db - XSS
Cross-site scripting (XSS) vulnerability in startpage.php in SMA-DB 0.3.12 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
CVE-2009-1846 EXPLOITDB text WORKING POC
Bjsintay Sitex < 0.7.4 - Path Traversal
Multiple directory traversal vulnerabilities in SiteX 0.7.4 Build 418 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the THEME_FOLDER parameter to (1) Corporate/homepage.php, (2) Fusion/homepage.php, (3) Joombo/homepage.php, (4) Streamline/homepage.php, and (5) Structure/homepage.php in themes/.
CVE-2009-1637 EXPLOITDB html WORKING POC
Simplecustomer Simple Customer - Access Control
profile.php in Simple Customer 1.3 does not require administrative authentication, which allows remote attackers to change the admin e-mail address and password via the email and password parameters.
EIP-2026-111790 EXPLOITDB html WORKING POC
RogioBiz PHP File Manager 1.2 - Admin Bypass
CVE-2009-0330 EXPLOITDB text WORKING POC
SCMS < unknown - Path Traversal
Directory traversal vulnerability in index.php in Simple Content Management System (SCMS) 1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter.
EIP-2026-111860 EXPLOITDB text WRITEUP
S9Y Serendipity 1.5.4 - Arbitrary File Upload
EIP-2026-111856 EXPLOITDB html WORKING POC
S40 CMS 0.4.1 - Cross-Site Request Forgery (Change Admin Password)
CVE-2009-0495 EXPLOITDB text WORKING POC
REALTOR 747 4.11 - RCE
PHP remote file inclusion vulnerability in include/define.php in REALTOR 747 4.11 allows remote attackers to execute arbitrary PHP code via a URL in the INC_DIR parameter.
CVE-2009-0596 EXPLOITDB text WORKING POC
phpSkelSite <1.4 - Path Traversal
Directory traversal vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the TplSuffix parameter.
CVE-2009-0103 EXPLOITDB text WORKING POC
playSMS 0.9.3 - RCE
Multiple PHP remote file inclusion vulnerabilities in playSMS 0.9.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) apps_path[plug] parameter to plugin/gateway/gnokii/init.php, the (2) apps_path[themes] parameter to plugin/themes/default/init.php, and the (3) apps_path[libs] parameter to lib/function.php.
CVE-2009-1765 EXPLOITDB text WORKING POC
Pluck - Path Traversal
Multiple directory traversal vulnerabilities in pluck 4.6.2, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the langpref parameter to (1) data/modules/contactform/module_info.php, (2) data/modules/blog/module_info.php, and (3) data/modules/albums/module_info.php, different vectors than CVE-2008-3194.
CVE-2009-0827 EXPLOITDB text WRITEUP
PollHelper - Info Disclosure
PollHelper stores poll.inc under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request.
EIP-2026-111597 EXPLOITDB text WORKING POC
PWP Wiki Processor 1-5-1 - Arbitrary File Upload
CVE-2009-1551 EXPLOITDB text WORKING POC
Qt-cute Quickteam - Code Injection
Multiple PHP remote file inclusion vulnerabilities in Qt quickteam 2 allow remote attackers to execute arbitrary PHP code via a URL in the (1) qte_web_path parameter to qte_web.php and the (2) qte_root parameter to bin/qte_init.php.
CVE-2009-2398 EXPLOITDB text WORKING POC
PHP-Sugar 0.80 - Path Traversal
Directory traversal vulnerability in test/index.php in PHP-Sugar 0.80 allows remote attackers to read arbitrary files via a ..// (dot dot slash slash) in the t parameter.
EIP-2026-111194 EXPLOITDB text WRITEUP
phpScribe 0.9 - 'user.cfg' Remote Configuration Disclosure
CVE-2008-6849 EXPLOITDB text WORKING POC
W2B Phpgreetcards - Code Injection
Unrestricted file upload vulnerability in index.php in phpGreetCards 3.7 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a link that is listed by userfiles/number_shell.php.
EIP-2026-111057 EXPLOITDB text WORKING POC
PHPFreeChat 1.1 - 'demo21_with_hardocded_urls.php' Cross-Site Scripting
CVE-2009-2112 EXPLOITDB text WORKING POC
phpFK 7.03 - Path Traversal
Directory traversal vulnerability in include/page_bottom.php in phpFK 7.03 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the _FORUM[settings_design_style] parameter.
CVE-2008-6251 EXPLOITDB text WORKING POC
Scripts Phpfan - Code Injection
PHP remote file inclusion vulnerability in includes/init.php in phpFan 3.3.4 allows remote attackers to execute arbitrary PHP code via a URL in the includepath parameter.
CVE-2008-6920 EXPLOITDB text WORKING POC
W2B Phpemployment - Access Control
Unrestricted file upload vulnerability in auth.php in phpEmployment 1.8 allows remote attackers to execute arbitrary code by uploading a file with an executable extension during a regnew action, then accessing it via a direct request to the file in photoes/.
CVE-2008-6609 EXPLOITDB text WORKING POC
OTT Phpcksec - XSS
Cross-site scripting (XSS) vulnerability in phpcksec.php in Stefan Ott phpcksec 0.2 allows remote attackers to inject arbitrary web script or HTML via the path parameter.
CVE-2008-6921 EXPLOITDB text WORKING POC
W2B Phpadboard - Access Control
Unrestricted file upload vulnerability in index.php in phpAdBoard 1.8 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in photoes/.