liz0

6 exploits Active since Nov 2005
CVE-2006-0235 EXPLOITDB text WRITEUP
White Angle White Album - SQL Injection
SQL injection vulnerability in WhiteAlbum 2.5 allows remote attackers to execute arbitrary SQL commands via the dir parameter to pictures.php.
CVE-2005-3924 EXPLOITDB text WRITEUP
Randshop - SQL Injection
SQL injection vulnerability in themes/kategorie/index.php in Randshop allows remote attackers to execute arbitrary SQL commands via the (1) kategorieid and (2) katid parameters.
EIP-2026-111254 EXPLOITDB text WORKING POC
PHPXplorer 0.9.33 - 'action.php' Directory Traversal
CVE-2005-3947 EXPLOITDB text WORKING POC
PHP Upload Center - Path Traversal
Directory traversal vulnerability in index.php in PHP Upload Center allows remote attackers to read arbitrary files via "../" sequences in the filename parameter.
EIP-2026-106582 EXPLOITDB text WORKING POC
Drupal 4.x - URL-Encoded Input HTML Injection
CVE-2006-1157 EXPLOITDB text WORKING POC
Vz Scripts ADP Forum <2.0.3 - XSS
Cross-site scripting (XSS) vulnerability in Vz Scripts ADP Forum 2.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the Subject field (possibly messaggio parameter) when posting a new message in post.php.