fuzion

19 exploits Active since Jan 2008
CVE-2009-3181 EXPLOITDB bash WORKING POC
Anantasoft Gazelle CMS 1.0 - Path Traversal and Arbitrary File Write via Customize Template Parameter
Directory traversal vulnerability in Anantasoft Gazelle CMS 1.0 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the customizetemplate parameter in a direct request to admin/settemplate.php.
CVE-2009-3180 EXPLOITDB bash WORKING POC
Anantasoft Gazelle CMS 1.0 - Unauthenticated Password Reset via User Parameter
Anantasoft Gazelle CMS 1.0 allows remote attackers to conduct a password reset for other users via a modified user parameter to renew.php.
CVE-2009-3171 EXPLOITDB bash WORKING POC
Anantasoft Gazelle CMS < 1.0 - Cross-Site Scripting via User or Lookup Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Anantasoft Gazelle CMS 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user parameter to user.php or (2) lookup parameter to search.php.
CVE-2009-3167 EXPLOITDB bash WORKING POC
Anantasoft Gazelle CMS 1.0 - Path Traversal via Template Parameter
Directory traversal vulnerability in index.php in Anantasoft Gazelle CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter.
CVE-2008-5859 EXPLOITDB text WRITEUP
Constructr CMS <3.02.5 - SQL Injection
SQL injection vulnerability in index.php in Constructr CMS 3.02.5 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the show_page parameter.
CVE-2008-5847 EXPLOITDB text WRITEUP
Constructr CMS <3.02.5 - Info Disclosure
Constructr CMS 3.02.5 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information by reading the hash column.
CVE-2008-0465 EXPLOITDB text WORKING POC
Seagull 0.6.3 - Path Traversal via Files Parameter
Directory traversal vulnerability in optimizer.php in Seagull 0.6.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the files parameter.
CVE-2008-0334 EXPLOITDB text WORKING POC
PMachine Pro 2.4.1 - Cross-Site Scripting via L_PREF_NAME[855] Parameter
Cross-site scripting (XSS) vulnerability in pm/language/spanish/preferences.php in PMachine Pro 2.4.1 allows remote attackers to inject arbitrary web script or HTML via the L_PREF_NAME[855] parameter.
CVE-2008-6851 EXPLOITDB text WORKING POC
PHP Link Directory 3.3 - SQL Injection via page.php name Parameter
SQL injection vulnerability in page.php in PHP Link Directory (phpLD) 3.3, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the name parameter.
CVE-2009-0286 EXPLOITDB text WORKING POC
OpenGoo 1.1 - Path Traversal via form_data[script_class] Parameter
Directory traversal vulnerability in upgrade/index.php in OpenGoo 1.1, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the form_data[script_class] parameter.
CVE-2008-5890 EXPLOITDB text WORKING POC
injader < 2.1.2 - SQL Injection via id Parameter
SQL injection vulnerability in feeds.php in Injader before 2.1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-0645 EXPLOITDB text WORKING POC
Jaws 0.8.8 - Authenticated Path Traversal via Language, Introduction_complete, or use_log Parameters
Directory traversal vulnerability in index.php in Jaws 0.8.8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) language, (2) Introduction_complete, and (3) use_log parameters, different vectors than CVE-2004-2445.
CVE-2009-0295 EXPLOITDB php WORKING POC
ITLPoll 2.7 Stable 2 - SQL Injection via id Parameter
SQL injection vulnerability in index.php in Information Technology Light Poll Information (ITLPoll) 2.7 Stable 2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-3182 EXPLOITDB bash WORKING POC
Anantasoft Gazelle CMS 1.0 - Unauthenticated Arbitrary File Upload via File Manager
Unrestricted file upload vulnerability in admin/editor/filemanager/browser.html in Anantasoft Gazelle CMS 1.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in user/File/.
CVE-2009-3167 EXPLOITDB text WORKING POC
Anantasoft Gazelle CMS 1.0 - Path Traversal via Template Parameter
Directory traversal vulnerability in index.php in Anantasoft Gazelle CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter.
CVE-2008-5856 EXPLOITDB text WRITEUP
ClaSS < 0.8.60 - Path Traversal via ftype Parameter
Directory traversal vulnerability in scripts/export.php in ClaSS before 0.8.61 allows remote attackers to read arbitrary files via directory traversal sequences in the ftype parameter.
CVE-2008-5860 EXPLOITDB text WRITEUP
Constructr CMS <3.02.5 - Path Traversal
Directory traversal vulnerability in backend/template.php in Constructr CMS 3.02.5 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to create or read arbitrary files via directory traversal sequences in the edit_file parameter.
CVE-2008-5748 EXPLOITDB HIGH text WORKING POC
BloofoxCMS 0.3.4 - Path Traversal via Lang Theme or Module Parameter
Directory traversal vulnerability in plugins/spaw2/dialogs/dialog.php in BloofoxCMS 0.3.4 allows remote attackers to read arbitrary files via the (1) lang, (2) theme, and (3) module parameters.
CVSS 8.1
CVE-2008-0729 EXPLOITDB html WORKING POC
Mobile Safari 1.1.2-1.1.3 - Denial of Service via JavaScript String and Array Manipulation
Mobile Safari on Apple iPhone 1.1.2 and 1.1.3 allows remote attackers to cause a denial of service (memory exhaustion and device crash) via certain JavaScript code that constructs a long string and an array containing long string elements, possibly a related issue to CVE-2006-3677. NOTE: some of these details are obtained from third party information.