indoushka

307 exploits Active since Apr 2004
CVE-2012-1200 EXPLOITDB text WRITEUP
Nova CMS - Remote File Inclusion via Multiple Parameter Injection
Multiple PHP remote file inclusion vulnerabilities in Nova CMS allow remote attackers to execute arbitrary PHP code via a URL in the (1) fileType parameter to optimizer/index.php, (2) id parameter to administrator/modules/moduleslist.php, (3) filename parameter to includes/function/gets.php, or (4) conf[blockfile] parameter to includes/function/usertpl.php.
CVE-2012-1200 EXPLOITDB text WRITEUP
Nova CMS - Remote File Inclusion via Multiple Parameter Injection
Multiple PHP remote file inclusion vulnerabilities in Nova CMS allow remote attackers to execute arbitrary PHP code via a URL in the (1) fileType parameter to optimizer/index.php, (2) id parameter to administrator/modules/moduleslist.php, (3) filename parameter to includes/function/gets.php, or (4) conf[blockfile] parameter to includes/function/usertpl.php.
CVE-2012-1200 EXPLOITDB text WRITEUP
Nova CMS - Remote File Inclusion via Multiple Parameter Injection
Multiple PHP remote file inclusion vulnerabilities in Nova CMS allow remote attackers to execute arbitrary PHP code via a URL in the (1) fileType parameter to optimizer/index.php, (2) id parameter to administrator/modules/moduleslist.php, (3) filename parameter to includes/function/gets.php, or (4) conf[blockfile] parameter to includes/function/usertpl.php.
EIP-2026-109938 EXPLOITDB text WORKING POC
Ninja Blog 4.8 - Multiple Vulnerabilities
CVE-2012-1200 EXPLOITDB text WRITEUP
Nova CMS - Remote File Inclusion via Multiple Parameter Injection
Multiple PHP remote file inclusion vulnerabilities in Nova CMS allow remote attackers to execute arbitrary PHP code via a URL in the (1) fileType parameter to optimizer/index.php, (2) id parameter to administrator/modules/moduleslist.php, (3) filename parameter to includes/function/gets.php, or (4) conf[blockfile] parameter to includes/function/usertpl.php.
EIP-2026-109789 EXPLOITDB text WRITEUP
MySmartBB 1.0.0 - Cross-Site Scripting
EIP-2026-109790 EXPLOITDB text WORKING POC
MySmartBB 1.7 - Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-109652 EXPLOITDB text WORKING POC
MusicBox 3.3 - Arbitrary File Upload
EIP-2026-109599 EXPLOITDB text WORKING POC
Mp3 Online Id Tag Editor - Remote File Inclusion
EIP-2026-109758 EXPLOITDB text WRITEUP
MyCart shopping cart - Arbitrary File Upload
EIP-2026-109787 EXPLOITDB text WORKING POC
MyShoutPro 1.2 Final - Cross-Site Scripting
EIP-2026-109631 EXPLOITDB text WRITEUP
Multi-Mirror - Arbitrary File Upload
EIP-2026-109525 EXPLOITDB text WORKING POC
Mobile Chat 2.0.2 - 'chatsmileys.php' Cross-Site Scripting
EIP-2026-109397 EXPLOITDB text SUSPICIOUS
Mega Upload 1.45 - Arbitrary File Upload
EIP-2026-109379 EXPLOITDB text WORKING POC
md5 Encryption Decryption PHP Script - 'index.php' Cross-Site Scripting
EIP-2026-109424 EXPLOITDB text WORKING POC
MercuryBoard 1.1.5 - 'index.php' Cross-Site Scripting
EIP-2026-109466 EXPLOITDB text WRITEUP
Mihalism Multi Host 4.0.0 - Arbitrary File Upload
EIP-2026-109354 EXPLOITDB text WORKING POC
Max's Photo Album - Arbitrary File Upload
EIP-2026-109243 EXPLOITDB text WRITEUP
Magic Uploader Mini - Arbitrary File Upload
EIP-2026-109191 EXPLOITDB text WRITEUP
Lizard Cart - Arbitrary File Upload
EIP-2026-109255 EXPLOITDB text WORKING POC
Maian Greetings 2.1 - Arbitrary File Upload
EIP-2026-109261 EXPLOITDB text WRITEUP
Maian Uploader 4.0 - Arbitrary File Upload
CVE-2010-0390 EXPLOITDB text WORKING POC
PHP F1 Max's Image Uploader 1.0 - Unauthenticated Arbitrary File Upload via pjpeg/jpeg Extension Handling
Unrestricted file upload vulnerability in maxImageUpload/index.php in PHP F1 Max's Image Uploader 1.0, when Apache is not configured to handle the mime-type for files with pjpeg or jpeg extensions, allows remote attackers to execute arbitrary code by uploading a file with a pjpeg or jpeg extension, then accessing it via a direct request to the file in original/. NOTE: some of these details are obtained from third party information.
EIP-2026-109039 EXPLOITDB text SUSPICIOUS
kora - Reinstall Admin Information
EIP-2026-109048 EXPLOITDB text WORKING POC
KubeLabs PHPDug 2.0 - 'upcoming.php' Cross-Site Scripting