r3dm0v3

6 exploits Active since Sep 2008
CVE-2008-4613 EXPLOITDB text WORKING POC
Portalapp - SQL Injection
SQL injection vulnerability in forums.asp in PortalApp 4.0 allows remote attackers to execute arbitrary SQL commands via the sortby parameter.
CVE-2008-4612 EXPLOITDB text WORKING POC
Portalapp - XSS
Cross-site scripting (XSS) vulnerability in PortalApp 4.0 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter to (1) forums.asp and (2) content.asp.
CVE-2008-4351 EXPLOITDB text WORKING POC
Phpsmartcom - Path Traversal
Directory traversal vulnerability in index.php in phpSmartCom 0.2 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the p parameter.
CVE-2008-4352 EXPLOITDB text WORKING POC
Phpsmartcom - SQL Injection
SQL injection vulnerability in inc/pages/viewprofile.php in phpSmartCom 0.2 allows remote attackers to execute arbitrary SQL commands via the uid parameter in a viewprofile action to index.php.
CVE-2008-5582 EXPLOITDB perl WORKING POC
Nukedit <4.9 - SQL Injection
SQL injection vulnerability in utilities/login.asp in Nukedit 4.9.x, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the email parameter.
CVE-2008-4614 EXPLOITDB text WORKING POC
Portalapp - Authentication Bypass
PortalApp 4.0 does not require authentication for (1) forums.asp and (2) content.asp, which allows remote attackers to create and delete forums, topics, and replies.