d3v1l [Avram Marius]

11 exploits Active since Nov 2008
CVE-2010-2674 EXPLOITDB text WORKING POC
TSOKA:CMS <2.0 - SQL Injection
SQL injection vulnerability in index.php in TSOKA:CMS 1.1, 1.9, and 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in an articolo action.
CVE-2009-1623 EXPLOITDB text WRITEUP
Dew-code Dew-newphplinks - XSS
Cross-site scripting (XSS) vulnerability in index.php in Dew-NewPHPLinks 2.0 allows remote attackers to inject arbitrary web script or HTML via the PID parameter.
CVE-2009-2172 EXPLOITDB text WRITEUP
Radio and TV Player <vBulletin - XSS
Cross-site scripting (XSS) vulnerability in forum/radioandtv.php in the Radio and TV Player addon for vBulletin allows remote registered users to inject arbitrary web script or HTML via the station parameter.
CVE-2008-6271 EXPLOITDB text WORKING POC
Tbmnetcms - Path Traversal
Directory traversal vulnerability in index.php in TBmnetCMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the content parameter.
CVE-2010-2675 EXPLOITDB text WORKING POC
TSOKA:CMS <2.0 - XSS
Cross-site scripting (XSS) vulnerability in index.php in TSOKA:CMS 1.1, 1.9, and 2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter in an articolo action.
EIP-2026-112183 EXPLOITDB text WORKING POC
SiteDone Custom Edition 2.0 - SQL Injection / Cross-Site Scripting
EIP-2026-111117 EXPLOITDB text WRITEUP
phpList 2.8.11 - SQL Injection
CVE-2008-4880 EXPLOITDB text WORKING POC
Maran Php Shop - SQL Injection
SQL injection vulnerability in prodshow.php in Maran PHP Shop allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-4879.
CVE-2008-6222 EXPLOITDB text WORKING POC
Joomlashowroom Pro Desk Support Center - Path Traversal
Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.
CVE-2008-6222 EXPLOITDB text WORKING POC
Joomlashowroom Pro Desk Support Center - Path Traversal
Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.
CVE-2009-1624 EXPLOITDB text WRITEUP
Dew-code Dew-newphplinks - Path Traversal
Directory traversal vulnerability in index.php in Dew-NewPHPLinks 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the show parameter.