o0xxdark0o

5 exploits Active since Oct 2006
CVE-2007-3228 EXPLOITDB text WORKING POC
Sitellite CMS <4.2.12 - RCE
PHP remote file inclusion vulnerability in saf/lib/PEAR/PhpDocumentor/Documentation/tests/bug-559668.php in Sitellite CMS 4.2.12 and earlier might allow remote attackers to execute arbitrary PHP code via a URL in the FORUM[LIB] parameter. NOTE: by default, access to the PhpDocumentor directory tree is blocked by .htaccess.
CVE-2007-3230 EXPLOITDB text WORKING POC
Idan Sofer PHP::HTML 0.6.4 - RCE
PHP remote file inclusion vulnerability in phphtml.php in Idan Sofer PHP::HTML 0.6.4 allows remote attackers to execute arbitrary PHP code via a URL in the htmlclass_path parameter.
CVE-2007-3270 EXPLOITDB text WORKING POC
phpMyInventory <2.8 - RCE
PHP remote file inclusion vulnerability in Includes/global.inc.php in phpMyInventory 2.8 allows remote attackers to execute arbitrary PHP code via a URL in the strIncludePrefix parameter.
CVE-2006-5426 EXPLOITDB text WORKING POC
LoCal Calendar System 1.1 - RCE
PHP remote file inclusion vulnerability in lib/lcUser.php in LoCal Calendar System 1.1 remote attackers to execute arbitrary PHP code via a URL in the LIBDIR parameter.
CVE-2006-5522 EXPLOITDB text WORKING POC
Johannes Erdfelt Kawf <1.0 - RCE
Multiple PHP remote file inclusion vulnerabilities in Johannes Erdfelt Kawf 1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the config parameter in (1) main.php or (2) user/account/main.php.