not sec group

4 exploits Active since Jun 2007
CVE-2007-3160 EXPLOITDB html WORKING POC
PHP Real Estate Classifieds Premium Plus - RCE
PHP remote file inclusion vulnerability in admin/header.php in PHP Real Estate Classifieds Premium Plus allows remote attackers to execute arbitrary PHP code via a URL in the loc parameter.
CVE-2007-4645 EXPLOITDB text WORKING POC
NMDeluxe 2.0.0 - SQL Injection via id Parameter in newspost Action
SQL injection vulnerability in index.php in NMDeluxe 2.0.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a newspost do action, a different vulnerability than CVE-2006-1108.
CVE-2007-4602 EXPLOITDB text WORKING POC
Implied by Design Micro CMS <3.5 - SQL Injection
SQL injection vulnerability in cms/revert-content.php in Implied by Design Micro CMS (Micro-CMS) 3.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-4805 EXPLOITDB html WORKING POC
fuzzylime (cms) <= 3.0 - Path Traversal via getgalldata.php p Parameter
Directory traversal vulnerability in getgalldata.php in fuzzylime (cms) 3.0 and earlier allows remote attackers to include arbitrary local files via a .. (dot dot) in the p parameter.