cijfer

EIP-2026-114506 EXPLOITDB perl WORKING POC

YapBB 1.2 - 'cfgIncludeDirectory' Remote Command Execution

View Code

EIP-2026-114418 EXPLOITDB perl WORKING POC

xeCMS 1.0.0 RC 2 - 'cookie' Remote Command Execution

View Code

CVE-2006-0099 EXPLOITDB perl WORKING POC

Valdersoft Shopping Cart 3.0 - Remote File Inclusion via catalogDocumentRoot Parameter

PHP remote file include vulnerability in (1) include/templates/categories/default.php and (2) certain other include/templates/categories/ PHP scripts in Valdersoft Shopping Cart 3.0 allows remote attackers to execute arbitrary code via a URL in the catalogDocumentRoot parameter.

View Code

EIP-2026-111190 EXPLOITDB perl WORKING POC

phpRPC Library 0.7 - XML Data Decoding Remote Code Execution (2)

View Code

CVE-2006-0157 EXPLOITDB perl WORKING POC

Reamday Enterprises Magic News Plus <1.0.3 - RCE

settings.php in Reamday Enterprises Magic News Plus 1.0.3 allows remote attackers to change the administrator password via a change action that specifies identical values for the passwd and admin_password parameters, then declares the new password string in the new_passwd and confirm_passwd parameters.

View Code

EIP-2026-107124 EXPLOITDB perl WORKING POC

FlatCMS 1.01 - 'file_editor.php' Remote Command Execution

View Code

CVE-2006-0214 EXPLOITDB perl WORKING POC

ezDatabase 2.0 and earlier - Remote Code Execution via db_id Parameter

Eval injection vulnerability in ezDatabase 2.0 and earlier allows remote attackers to execute arbitrary PHP code via the db_id parameter to visitorupload.php, as demonstrated using phpinfo and include function calls.

View Code

EIP-2026-106300 EXPLOITDB perl WORKING POC

CuteNews 1.4.1 - 'categories.mdu' Remote Command Execution

View Code

CVE-2006-0064 EXPLOITDB perl WORKING POC

CubeCart - Remote Code Execution via glob[rootDir] Parameter

PHP remote file include vulnerability in includes/orderSuccess.inc.php in CubeCart allows remote attackers to execute arbitrary PHP code via a URL in the glob[rootDir] parameter.

View Code

CVE-2006-2149 EXPLOITDB perl WORKING POC

Aardvark Topsites PHP <= 4.2.2 - Remote File Inclusion via CONFIG[path] Parameter

PHP remote file inclusion vulnerability in sources/lostpw.php in Aardvark Topsites PHP 4.2.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the CONFIG[path] parameter, as demonstrated by including a GIF that contains PHP code.

View Code