d4igoro

10 exploits Active since Apr 2006
CVE-2006-1768 EXPLOITDB text WRITEUP
Tritanium Bulletin Board 1.2.3 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in register.php in Tritanium Bulletin Board (TBB) 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) newuser_name, (2) newuser_email, and (3) newuser_hp parameters in the faction=register mode in index.php.
CVE-2006-2294 EXPLOITDB text WRITEUP
Dynamic Galerie 1.0 - Cross-Site Scripting via pfad Parameter
Cross-site scripting (XSS) vulnerability in Dynamic Galerie 1.0 allows remote attackers to inject arbitrary web script or HTML via the pfad parameter in (1) index.php and (2) galerie.php. NOTE: this issue might be resultant from directory traversal.
CVE-2006-2295 EXPLOITDB text WRITEUP
Dynamic Galerie 1.0 - Path Traversal via pfad Parameter
Directory traversal vulnerability in Dynamic Galerie 1.0 allows remote attackers to access arbitrary files via an absolute path in the pfad parameter to (1) index.php and (2) galerie.php.
CVE-2006-2295 EXPLOITDB text WRITEUP
Dynamic Galerie 1.0 - Path Traversal via pfad Parameter
Directory traversal vulnerability in Dynamic Galerie 1.0 allows remote attackers to access arbitrary files via an absolute path in the pfad parameter to (1) index.php and (2) galerie.php.
CVE-2006-2294 EXPLOITDB text WRITEUP
Dynamic Galerie 1.0 - Cross-Site Scripting via pfad Parameter
Cross-site scripting (XSS) vulnerability in Dynamic Galerie 1.0 allows remote attackers to inject arbitrary web script or HTML via the pfad parameter in (1) index.php and (2) galerie.php. NOTE: this issue might be resultant from directory traversal.
CVE-2006-1801 EXPLOITDB text WRITEUP
planetSearch+ < 2005-10-26 - Cross-Site Scripting via search_exp Parameter
Cross-site scripting (XSS) vulnerability in planetsearchplus.php in planetSearch+ allows remote attackers to inject arbitrary web script or HTML via the search_exp parameter.
CVE-2006-1805 EXPLOITDB text WRITEUP
PowerClan 1.14 - SQL Injection via Member ID Parameter
SQL injection vulnerability in member.php in PowerClan 1.14 allows remote attackers to execute arbitrary SQL commands via the memberid parameter.
CVE-2006-2176 EXPLOITDB text WRITEUP
PHP Linkliste 1.0b - Cross-Site Scripting via new_input, new_url, or new_name Parameter
Multiple cross-site scripting (XSS) vulnerabilities in links.php in PHP Linkliste 1.0b allow remote attackers to inject arbitrary web script or HTML via the (1) new_input, (2) new_url, or (3) new_name parameter.
CVE-2006-2211 EXPLOITDB text WRITEUP
321soft php-gallery 0.9 - Absolute Path Traversal via Index.php Path Parameter
Absolute path traversal vulnerability in index.php in 321soft PhP-Gallery 0.9 allows remote attackers to browse arbitrary directories via the path parameter.
CVE-2006-2210 EXPLOITDB text WRITEUP
321soft php-gallery 0.9 - Cross-Site Scripting via Path Parameter
Cross-site scripting (XSS) vulnerability in index.php in 321soft PhP-Gallery 0.9 allows remote attackers to inject arbitrary web script or HTML via the path parameter. NOTE: this issue might be resultant from the directory traversal vulnerability.