blake

59 exploits Active since Jun 2007
CVE-2009-3911 EXPLOITDB text WORKING POC
TFTgallery 0.13 - XSS
Cross-site scripting (XSS) vulnerability in settings.php in TFTgallery 0.13 allows remote attackers to inject arbitrary web script or HTML via the sample parameter.
CVE-2009-3833 EXPLOITDB text WRITEUP
Tftgallery - XSS
Cross-site scripting (XSS) vulnerability in index.php in TFTgallery 0.13 allows remote attackers to inject arbitrary web script or HTML via the album parameter.
CVE-2009-3912 EXPLOITDB text WORKING POC
TFTgallery 0.13 - Path Traversal
Directory traversal vulnerability in index.php in TFTgallery 0.13 allows remote attackers to read arbitrary files via a ..%2F (encoded dot dot slash) in the album parameter.
CVE-2010-0970 EXPLOITDB text WORKING POC
PhpMyLogon 2 - SQL Injection
SQL injection vulnerability in phpmylogon.php in PhpMyLogon 2 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information.
EIP-2026-110697 EXPLOITDB text WORKING POC
PHP File Sharing System 1.5.1 - Multiple Vulnerabilities
EIP-2026-110287 EXPLOITDB text WRITEUP
OpenEMR 3.2.0 - SQL Injection / Cross-Site Scripting
CVE-2012-6560 EXPLOITDB text WORKING POC
Freenac - Improper Input Validation
SQL injection vulnerability in deviceadd.php in FreeNAC 3.02 allows remote attackers to execute arbitrary SQL commands via the status parameter.
EIP-2026-107264 EXPLOITDB text WORKING POC
Front Door 0.4b - SQL Injection
CVE-2010-4858 EXPLOITDB text WORKING POC
DNET Live-Stats <0.8 - Path Traversal
Directory traversal vulnerability in team.rc5-72.php in DNET Live-Stats 0.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the showlang parameter.