rUnViRuS

16 exploits Active since Jul 2005
EIP-2026-114912 EXPLOITDB php WORKING POC
Apache 2.4.17 - Denial of Service
CVE-2007-3196 EXPLOITDB text WRITEUP
Jelsoft Vbsupport Integrated Ticket System - SQL Injection
SQL injection vulnerability in vBSupport.php in vSupport Integrated Ticket System 3.x.x allows remote attackers to execute arbitrary SQL commands via the ticketid parameter in a showticket action.
CVE-2006-1800 EXPLOITDB perl WORKING POC
SimpleBBS <1.1 - Path Traversal
Directory traversal vulnerability in posts.php in SimpleBBS 1.0.6 through 1.1 allows remote attackers to include and execute arbitrary files via ".." sequences in the language cookie, as demonstrated by by injecting the code into the gl_session cookie of users.php, which is stored in error.log.
CVE-2007-3332 EXPLOITDB text WORKING POC
Php-nuke Satel Lite - Path Traversal
Directory traversal vulnerability in Satellite.php in Satel Lite for PhpNuke allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the name parameter in a modload action.
CVE-2006-5118 EXPLOITDB text WRITEUP
PDD PHPSelect - RCE
PHP remote file inclusion vulnerability in index.php3 in the PDD package for PHPSelect Web Development Division allows remote attackers to execute arbitrary PHP code via a URL in the Application_Root parameter.
CVE-2005-4423 EXPLOITDB text WORKING POC
PHPFM <0.2.3 - RCE
Unrestricted file upload vulnerability in PHPFM before 0.2.3 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension to an accessible directory, as demonstrated using a file with a .php extension, aka "upload phpshell."
EIP-2026-110506 EXPLOITDB text WRITEUP
PBBoard 2.0.2 - Full Path Disclosure
EIP-2026-109501 EXPLOITDB perl WORKING POC
MKPortal 1.0.1 - 'index.php' Directory Traversal
CVE-2007-0178 EXPLOITDB text WRITEUP
Easy Banner Pro 2.8 - RCE
PHP remote file inclusion vulnerability in info.php in Easy Banner Pro 2.8 allows remote attackers to execute arbitrary PHP code via a URL in the s[phppath] parameter.
EIP-2026-100707 EXPLOITDB text WRITEUP
Simple Message Board 2.0 beta1 - 'User.cfm' Cross-Site Scripting
EIP-2026-100706 EXPLOITDB text WRITEUP
Simple Message Board 2.0 beta1 - 'Thread.cfm' Cross-Site Scripting
EIP-2026-100705 EXPLOITDB text WRITEUP
Simple Message Board 2.0 beta1 - 'Search.cfm' Cross-Site Scripting
EIP-2026-100704 EXPLOITDB text WRITEUP
Simple Message Board 2.0 beta1 - 'Forum.cfm' Cross-Site Scripting
CVE-2005-2560 EXPLOITDB text WRITEUP
CFBB 1.1.0 - XSS
Cross-site scripting (XSS) vulnerability in index.cfm in CFBB 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
CVE-2005-2318 EXPLOITDB text WORKING POC
Dvbbs - XSS
Cross-site scripting (XSS) vulnerability in showerr.asp in DVBBS 7.1 SP2 allows remote attackers to inject arbitrary web script or HTML via the action parameter.
CVE-2006-0974 EXPLOITDB text WORKING POC
Battleaxe Software Bttlxeforum - XSS
Cross-site scripting (XSS) vulnerability in failure.asp in Battleaxe bttlxeForum 2.0 allows remote attackers to inject arbitrary web script or HTML via the err_txt parameter.