cr4wl3r

143 exploits, active since Jan 2006
CVE-2010-1927 EXPLOITDB text WORKING POC
openMairie openCourrier 2.02-2.03 beta - Remote Code Execution via path_om Parameter
Multiple PHP remote file inclusion vulnerabilities in openMairie openCourrier 2.02 and 2.03 beta, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the path_om parameter to (1) bible.class.php, (2) dossier.class.php, (3) service.class.php, (4) collectivite.class.php, (5) droit.class.php, (6) tache.class.php, (7) emetteur.class.php, (8) utilisateur.class.php, (9) courrier.recherche.tab.class.php, and (10) profil.class.php in obj/. NOTE: some of these details are obtained from third-party information.
CVE-2010-1948 EXPLOITDB text WORKING POC
openMairie Openfoncier 2.00 - Remote File Inclusion via soustab.php dsn[phptype] Parameter
Directory traversal vulnerability in scr/soustab.php in openMairie Openfoncier 2.00, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter, a related issue to CVE-2007-2069.
CVE-2010-1934 EXPLOITDB text WORKING POC
openMairie openPlanning 1.00 - Remote Code Execution via path_om Parameter
Multiple PHP remote file inclusion vulnerabilities in openMairie openPlanning 1.00, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the path_om parameter to (1) categorie.class.php, (2) profil.class.php, (3) collectivite.class.php, (4) ressource.class.php, (5) droit.class.php, (6) utilisateur.class.php, and (7) planning.class.php in obj/.
CVE-2010-1935 EXPLOITDB text WORKING POC
openMairie Openpresse 1.01 - Path Traversal via dsn[phptype] Parameter
Directory traversal vulnerability in scr/soustab.php in openMairie Openpresse 1.01, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter, a related issue to CVE-2007-2069.
EIP-2026-110316 EXPLOITDB text WORKING POC
Openreglement 1.04 - Local File Inclusion / Remote File Inclusion
EIP-2026-110317 EXPLOITDB text WORKING POC
Openscrutin 1.03 - Local File Inclusion / Remote File Inclusion
EIP-2026-110327 EXPLOITDB text WORKING POC
Opentel Openmairie tel 1.02 - Local File Inclusion
CVE-2010-1467 EXPLOITDB text WORKING POC
openUrgence Vaccin 1.03 - Remote Code Execution via path_om Parameter in PHP File Inclusion
Multiple PHP remote file inclusion vulnerabilities in openUrgence Vaccin 1.03 allow remote attackers to execute arbitrary PHP code via a URL in the path_om parameter to (1) collectivite.class.php, (2) injection.class.php, (3) utilisateur.class.php, (4) droit.class.php, (5) laboratoire.class.php, (6) vaccin.class.php, (7) effetsecondaire.class.php, (8) medecin.class.php, (9) individu.class.php, and (10) profil.class.php in gen/obj/.
CVE-2009-4082 EXPLOITDB text WRITEUP
Outreach Project Tool < 1.2.7 - Remote Code Execution via CRM_path Parameter
PHP remote file inclusion vulnerability in forums/Forum_Include/index.php in Outreach Project Tool (OPT) 1.2.7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the CRM_path parameter.
EIP-2026-109551 EXPLOITDB text WORKING POC
MoME CMS 0.8.5 - Remote Authentication Bypass
CVE-2010-1216 EXPLOITDB text WORKING POC
notsoPureEdit < 1.4.1 - Remote Code Execution via Template Content Parameter
PHP remote file inclusion vulnerability in templates/template.php in notsoPureEdit 1.4.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the content parameter. NOTE: some of these details are obtained from third-party information.
EIP-2026-109853 EXPLOITDB text WORKING POC
nensor CMS 2.01 - Multiple Vulnerabilities
CVE-2006-0087 EXPLOITDB text WRITEUP
Lizard Cart CMS 1.04 - SQL Injection via id Parameter
SQL injection vulnerability in (1) pages.php and (2) detail.php in Lizard Cart CMS 1.04 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-4614 EXPLOITDB text WORKING POC
Moa Gallery < 1.2.0 - Remote Code Execution via MOA_PATH Parameter
Multiple PHP remote file inclusion vulnerabilities in Moa Gallery 1.2.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the MOA_PATH parameter to (1) _error_funcs.php, (2) _integrity_funcs.php, (3) _template_component_admin.php, (4) _template_component_gallery.php, (5) _template_parser.php, (6) mod_gallery_funcs.php, (7) mod_image_funcs.php, (8) mod_tag_funcs.php, (9) mod_tag_view.php, (10) mod_upgrade_funcs.php, (11) mod_user_funcs.php, (12) page_admin.php, (13) page_gallery_add.php, (14) page_gallery_view.php, (15) page_image_add.php, (16) page_image_view_full.php, (17) page_login.php, and (18) page_sitemap.php in sources/.
CVE-2010-1346 EXPLOITDB text WORKING POC
Mini CMS RibaFS 1.0 - SQL Injection
SQL injection vulnerability in admin/login.php in Mini CMS RibaFS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the login parameter. NOTE: some of these details are obtained from third-party information.
EIP-2026-109334 EXPLOITDB text WORKING POC
MassMirror Uploader - Multiple Remote File Inclusions
EIP-2026-109002 EXPLOITDB text WORKING POC
Killmonster 2.1 - Authentication Bypass
CVE-2009-4223 EXPLOITDB text WORKING POC
KR-Web < 1.1 - Remote Code Execution via DOCUMENT_ROOT Parameter
PHP remote file inclusion vulnerability in adm/krgourl.php in KR-Web 1.1b2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter.
CVE-2010-1112 EXPLOITDB text WRITEUP
KloNews 2.0 - Cross-Site Scripting via cat Parameter
Cross-site scripting (XSS) vulnerability in cat.php in KloNews 2.0 allows remote attackers to inject arbitrary web script or HTML via the cat parameter.
CVE-2009-4216 EXPLOITDB perl WORKING POC
Klinza Professional CMS < 5.0.1 - Path Traversal
Directory traversal vulnerability in funzioni/lib/menulast.php in Klinza Professional CMS 5.0.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG parameter.
EIP-2026-109001 EXPLOITDB text WORKING POC
KikChat - Local File Inclusion / Remote Code Execution
EIP-2026-108028 EXPLOITDB text WRITEUP
Izumi 1.1.0 - Multiple Local File Inclusion / Remote File Inclusions
EIP-2026-107973 EXPLOITDB text WORKING POC
ispCP Omega 1.0.4 - Remote File Inclusion
CVE-2009-4471 EXPLOITDB text WORKING POC
FreeSchool < 1.1.0 - Remote Code Execution via CLASSPATH Parameter
Multiple PHP remote file inclusion vulnerabilities in FreeSchool 1.1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the CLASSPATH parameter to (1) bib_form.php, (2) bib_pldetails.php, (3) bib_plform.php, (4) bib_plsearchc.php, (5) bib_plsearchs.php, (6) bib_save.php, (7) bib_searchc.php, (8) bib_searchs.php, (9) edi_form.php, (10) edi_save.php, (11) gen_form.php, (12) gen_save.php, (13) lin_form.php, (14) lin_save.php, (15) luo_form.php, (16) luo_save.php, (17) sog_form.php, or (18) sog_save.php in biblioteca/; (19) cal_insert.php, (20) cal_save.php, or (21) cal_saveactivity.php in calendario/; (22) circolari/cir_save.php; or (23) modulistica/mdl_save.php.
CVE-2010-2135 EXPLOITDB text WORKING POC
HazelPress Lite <= 0.0.4 - SQL Injection via Username or Password Field
Multiple SQL injection vulnerabilities in login.php in HazelPress Lite 0.0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) password fields.