d3v1l [Avram Marius]

11 exploits Active since Nov 2008
CVE-2010-2674 EXPLOITDB text WORKING POC
TSOKA:CMS 1.1, 1.9, 2.0 - SQL Injection via id Parameter
SQL injection vulnerability in index.php in TSOKA:CMS 1.1, 1.9, and 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in an articolo action.
CVE-2009-1623 EXPLOITDB text WRITEUP
Dew-NewPHPLinks 2.0 - Cross-Site Scripting via PID Parameter
Cross-site scripting (XSS) vulnerability in index.php in Dew-NewPHPLinks 2.0 allows remote attackers to inject arbitrary web script or HTML via the PID parameter.
CVE-2009-2172 EXPLOITDB text WRITEUP
Radio and TV Player <vBulletin - XSS
Cross-site scripting (XSS) vulnerability in forum/radioandtv.php in the Radio and TV Player addon for vBulletin allows remote registered users to inject arbitrary web script or HTML via the station parameter.
CVE-2008-6271 EXPLOITDB text WORKING POC
tbmnetcms 1.0 - Path Traversal via Index.php Content Parameter
Directory traversal vulnerability in index.php in TBmnetCMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the content parameter.
CVE-2010-2675 EXPLOITDB text WORKING POC
TSOKA:CMS 1.1, 1.9, 2.0 - Cross-Site Scripting via id Parameter
Cross-site scripting (XSS) vulnerability in index.php in TSOKA:CMS 1.1, 1.9, and 2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter in an articolo action.
EIP-2026-112183 EXPLOITDB text WORKING POC
SiteDone Custom Edition 2.0 - SQL Injection / Cross-Site Scripting
EIP-2026-111117 EXPLOITDB text WRITEUP
phpList 2.8.11 - SQL Injection
CVE-2008-4880 EXPLOITDB text WORKING POC
Maran PHP Shop - SQL Injection via prodshow.php id Parameter
SQL injection vulnerability in prodshow.php in Maran PHP Shop allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-4879.
CVE-2008-6222 EXPLOITDB text WORKING POC
Pro Desk Support Center 1.0 and 1.2 - Path Traversal via Include File Parameter
Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.
CVE-2008-6222 EXPLOITDB text WORKING POC
Pro Desk Support Center 1.0 and 1.2 - Path Traversal via Include File Parameter
Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.
CVE-2009-1624 EXPLOITDB text WRITEUP
Dew-NewPHPLinks 2.0 - Path Traversal via Show Parameter
Directory traversal vulnerability in index.php in Dew-NewPHPLinks 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the show parameter.