d4igoro

10 exploits Active since Apr 2006
CVE-2006-1768 EXPLOITDB text WRITEUP
Tritanium Bulletin Board 1.2.3 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in register.php in Tritanium Bulletin Board (TBB) 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) newuser_name, (2) newuser_email, and (3) newuser_hp parameters in the faction=register mode in index.php.
CVE-2006-2294 EXPLOITDB text WRITEUP
Timobraun Dynamic Galerie - XSS
Cross-site scripting (XSS) vulnerability in Dynamic Galerie 1.0 allows remote attackers to inject arbitrary web script or HTML via the pfad parameter in (1) index.php and (2) galerie.php. NOTE: this issue might be resultant from directory traversal.
CVE-2006-2295 EXPLOITDB text WRITEUP
Timobraun Dynamic Galerie - Path Traversal
Directory traversal vulnerability in Dynamic Galerie 1.0 allows remote attackers to access arbitrary files via an absolute path in the pfad parameter to (1) index.php and (2) galerie.php.
CVE-2006-2295 EXPLOITDB text WRITEUP
Timobraun Dynamic Galerie - Path Traversal
Directory traversal vulnerability in Dynamic Galerie 1.0 allows remote attackers to access arbitrary files via an absolute path in the pfad parameter to (1) index.php and (2) galerie.php.
CVE-2006-2294 EXPLOITDB text WRITEUP
Timobraun Dynamic Galerie - XSS
Cross-site scripting (XSS) vulnerability in Dynamic Galerie 1.0 allows remote attackers to inject arbitrary web script or HTML via the pfad parameter in (1) index.php and (2) galerie.php. NOTE: this issue might be resultant from directory traversal.
CVE-2006-1801 EXPLOITDB text WRITEUP
PlanetSearch+ - XSS
Cross-site scripting (XSS) vulnerability in planetsearchplus.php in planetSearch+ allows remote attackers to inject arbitrary web script or HTML via the search_exp parameter.
CVE-2006-1805 EXPLOITDB text WRITEUP
PowerClan 1.14 - SQL Injection
SQL injection vulnerability in member.php in PowerClan 1.14 allows remote attackers to execute arbitrary SQL commands via the memberid parameter.
CVE-2006-2176 EXPLOITDB text WRITEUP
PHP Design X Php Linkliste - XSS
Multiple cross-site scripting (XSS) vulnerabilities in links.php in PHP Linkliste 1.0b allow remote attackers to inject arbitrary web script or HTML via the (1) new_input, (2) new_url, or (3) new_name parameter.
CVE-2006-2211 EXPLOITDB text WRITEUP
321soft Php-gallery - Path Traversal
Absolute path traversal vulnerability in index.php in 321soft PhP-Gallery 0.9 allows remote attackers to browse arbitrary directories via the path parameter.
CVE-2006-2210 EXPLOITDB text WRITEUP
321soft Php-gallery - XSS
Cross-site scripting (XSS) vulnerability in index.php in 321soft PhP-Gallery 0.9 allows remote attackers to inject arbitrary web script or HTML via the path parameter. NOTE: this issue might be resultant from the directory traversal vulnerability.