r0ut3r

35 exploits Active since Jun 2006
CVE-2006-6426 EXPLOITDB text WORKING POC
ThinkEdit < 1.9.2 - Remote File Inclusion via Template File Parameter
PHP remote file inclusion vulnerability in design/thinkedit/render.php in ThinkEdit 1.9.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the template_file parameter.
CVE-2006-5302 EXPLOITDB perl WORKING POC
Redaction System 1.0000 - Remote Code Execution via PHP File Inclusion
Multiple PHP remote file inclusion vulnerabilities in Redaction System 1.0000 allow remote attackers to execute arbitrary PHP code via a URL in the (1) lang_prefix parameter to (a) conn.php, (b) sesscheck.php, (c) wap/conn.php, or (d) wap/sesscheck.php, or the (2) lang parameter to (e) index.php.
CVE-2006-6390 EXPLOITDB perl WORKING POC
Open Solution Quick.Cart 2.0 - Path Traversal
Multiple directory traversal vulnerabilities in Open Solution Quick.Cart 2.0, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the config[db_type] parameter to (1) categories.php, (2) couriers.php, (3) orders.php, and (4) products.php in actions_admin/; and (5) orders.php and (6) products.php in actions_client/; as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by one of these PHP scripts.
CVE-2006-7102 EXPLOITDB perl WORKING POC
phpburningportal_quiz-modul < 1.0.1 - Remote Code Execution via lang_path Parameter
Multiple PHP remote file inclusion vulnerabilities in phpBurningPortal quiz-modul 1.0.1, and possibly earlier, allow remote attackers to execute arbitrary PHP code via a URL in the lang_path parameter to (1) quest_delete.php, (2) quest_edit.php, or (3) quest_news.php.
CVE-2006-5399 EXPLOITDB perl WORKING POC
PHPRecipeBook 2.36 - Remote Code Execution via g_rb_basedir Parameter
PHP remote file inclusion vulnerability in classes/Import_MM.class.php in PHPRecipeBook 2.36, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the g_rb_basedir parameter.
CVE-2006-5154 EXPLOITDB text WRITEUP
DeluxeBB <= 1.09 - Remote File Inclusion via cp/sig.php templatefolder Parameter
PHP remote file inclusion vulnerability in cp/sig.php in DeluxeBB 1.09 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the templatefolder parameter.
EIP-2026-106148 EXPLOITDB text WORKING POC
ContentNow 1.30 - Local File Inclusion / Arbitrary File Upload/Delete
CVE-2006-5588 EXPLOITDB perl WORKING POC
CMS Faethon < 2.0_ultimate - Remote File Inclusion via mainpath Parameter
Multiple PHP remote file inclusion vulnerabilities in CMS Faethon 2.0 Ultimate and earlier, when register_globals and magic_quotes_gpc are enabled, allow remote attackers to execute arbitrary PHP code via a URL in the mainpath parameter to (1) includes/rss-reader.php or (2) admin/config.php, different vectors than CVE-2006-3185.
CVE-2007-4033 EXPLOITDB php WORKING POC
t1lib 5.1.1 - Buffer Overflow
Buffer overflow in the intT1_EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to be in the imagepsloadfont function in php_gd2.dll in the gd (PHP_GD2) extension in PHP 5.2.3.
EIP-2026-101037 EXPLOITDB php WORKING POC
Linksys WAG54G v2 Wireless ADSL Router - HTTPd Denial of Service