ppp-design

8 exploits Active since Jun 2002
CVE-2002-0553 EXPLOITDB text WORKING POC
Turnkey Solutions Sunshop Shopping Cart - XSS
Cross-site scripting vulnerability in SunShop 2.5 and earlier allows remote attackers to gain administrative privileges to SunShop by injecting the script into fields during new customer registration.
CVE-2002-1480 EXPLOITDB text WORKING POC
phpGB <1.20 - XSS
Cross-site scripting (XSS) vulnerability in phpGB before 1.20 allows remote attackers to inject arbitrary HTML or script into guestbook pages, which is executed when the administrator deletes the entry.
EIP-2026-110899 EXPLOITDB text WORKING POC
PHP-ping - 'Count' Command Execution
CVE-2002-1481 EXPLOITDB text WORKING POC
phpGB <1.20 - DoS/Code Injection
savesettings.php in phpGB 1.20 and earlier does not require authentication, which allows remote attackers to cause a denial of service or execute arbitrary PHP code by using savesettings.php to modify config.php.
CVE-2002-1482 EXPLOITDB text WRITEUP
phpGB <1.20 - SQL Injection
SQL injection vulnerability in login.php for phpGB 1.20 and earlier, when magic_quotes_gpc is not enabled, allows remote attackers to gain administrative privileges via SQL code in the password entry.
CVE-2002-2343 EXPLOITDB text WRITEUP
Nocc - XSS
Cross-site scripting (XSS) vulnerability in NOCC 0.9 through 0.9.5 allows remote attackers to inject arbitrary web script or HTML via email messages.
CVE-2002-0613 EXPLOITDB text WORKING POC
DNSTools <2.0 beta 4 - Auth Bypass
dnstools.php for DNSTools 2.0 beta 4 and earlier allows remote attackers to bypass authentication and gain privileges by setting the user_logged_in or user_dnstools_administrator parameters.
CVE-2002-0599 EXPLOITDB text WORKING POC
Blahz-DNS <0.2 - Auth Bypass
Blahz-DNS 0.2 and earlier allows remote attackers to bypass authentication and modify configuration by directly requesting CGI programs such as dostuff.php instead of going through the login screen.