rgod

471 exploits Active since Jul 2005
CVE-2005-3045 EXPLOITDB php WORKING POC
My Little Forum <1.6 - SQL Injection
SQL injection vulnerability in search.php in My Little Forum 1.5 and 1.6 beta allows remote attackers to execute arbitrary SQL commands via the phrase field.
CVE-2006-1164 EXPLOITDB php WORKING POC
Nodez <= 4.6.1.1 - Unauthenticated Sensitive Data Exposure via list.gtdat
Nodez 4.6.1.1 and earlier stores sensitive data in the list.gtdat file under the web document root with insufficient access control, which allows remote attackers to obtain usernames and password hashes by directly accessing list.gtdat.
CVE-2006-0891 EXPLOITDB php WORKING POC
NOCC Webmail 1.0 - Directory Traversal via Session Parameter or HTTP Header
Multiple directory traversal vulnerabilities in NOCC Webmail 1.0 allow remote attackers to include arbitrary files via .. (dot dot) sequences and a trailing NULL (%00) byte in (1) the _SESSION['nocc_theme'] parameter in (a) html/footer.php; and (2) the lang and (3) theme parameters and the (4) Accept-Language HTTP header field, when force_default_lang is disabled, in (b) index.php, as demonstrated by injecting PHP code into a profile and accessing it using the lang parameter in index.php.
CVE-2006-0894 EXPLOITDB text WRITEUP
NOCC Webmail 1.0 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in NOCC Webmail 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the html_error_occurred parameter in error.php, (2) html_filter_select parameter in filter_prefs.php, (3) html_no_mail parameter in no_mail.php, the (4) page_line, (5) prev, and (6) next parameters in html_bottom_table.php, and the (7) _SESSION['nocc_theme'] parameter in footer.php.
CVE-2006-0894 EXPLOITDB text WORKING POC
NOCC Webmail 1.0 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in NOCC Webmail 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the html_error_occurred parameter in error.php, (2) html_filter_select parameter in filter_prefs.php, (3) html_no_mail parameter in no_mail.php, the (4) page_line, (5) prev, and (6) next parameters in html_bottom_table.php, and the (7) _SESSION['nocc_theme'] parameter in footer.php.
CVE-2006-0894 EXPLOITDB text WRITEUP
NOCC Webmail 1.0 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in NOCC Webmail 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the html_error_occurred parameter in error.php, (2) html_filter_select parameter in filter_prefs.php, (3) html_no_mail parameter in no_mail.php, the (4) page_line, (5) prev, and (6) next parameters in html_bottom_table.php, and the (7) _SESSION['nocc_theme'] parameter in footer.php.
CVE-2006-0894 EXPLOITDB text WRITEUP
NOCC Webmail 1.0 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in NOCC Webmail 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the html_error_occurred parameter in error.php, (2) html_filter_select parameter in filter_prefs.php, (3) html_no_mail parameter in no_mail.php, the (4) page_line, (5) prev, and (6) next parameters in html_bottom_table.php, and the (7) _SESSION['nocc_theme'] parameter in footer.php.
EIP-2026-109890 EXPLOITDB text WORKING POC
Netquery 3.1 - 'submit.php?portnum' Cross-Site Scripting
EIP-2026-109889 EXPLOITDB text WORKING POC
Netquery 3.1 - 'portlist.php?portnum' Cross-Site Scripting
EIP-2026-109888 EXPLOITDB text WORKING POC
Netquery 3.1 - 'nqports2.php' Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-109887 EXPLOITDB text WRITEUP
Netquery 3.1 - 'nqports.php?step' Cross-Site Scripting
EIP-2026-109886 EXPLOITDB text WORKING POC
Netquery 3.1 - 'nqgeoip2.php' Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-109885 EXPLOITDB text WRITEUP
Netquery 3.1 - 'nqgeoip.php?step' Cross-Site Scripting
CVE-2005-2397 EXPLOITDB text WORKING POC
phpBook 1.46 - Cross-Site Scripting via Admin Parameter
Cross-site scripting (XSS) vulnerability in guestbook.php in phpBook 1.46 allows remote attackers to inject arbitrary web script or HTML via the admin parameter.
CVE-2005-3649 EXPLOITDB php WORKING POC
Moodle 1.5.2 - Open Redirect via jumpto.php Jump Parameter
jumpto.php in Moodle 1.5.2 allows remote attackers to redirect users to other sites via the jump parameter.
CVE-2011-5035 EXPLOITDB php WORKING POC
Oracle Glassfish < 3.1.1 - Denial of Service via Predictable Hash Collisions
Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869.
CVE-2006-4042 EXPLOITDB php WORKING POC
mybloggie < 2.1.4 - SQL Injection via trackback.php Parameters
Multiple SQL injection vulnerabilities in trackback.php in myWebland myBloggie 2.1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) title, (2) url, (3) excerpt, or (4) blog_name parameters.
CVE-2005-3324 EXPLOITDB text WORKING POC
MWChat 6.8 - SQL Injection via Username Parameter
SQL injection vulnerability in chat.php in MWChat 6.8 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2006-0565 EXPLOITDB php WORKING POC
Loudblog < 0.4 - Remote Code Execution via $GLOBALS[path] Parameter
PHP remote file include vulnerability in inc/backend_settings.php in Loudblog 0.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the $GLOBALS[path] parameter.
EIP-2026-109423 EXPLOITDB php WORKING POC
MercuryBoard 1.1.4 - 'User-Agent' SQL Injection
EIP-2026-109358 EXPLOITDB text WORKING POC
MAXdev MD-Pro 1.0.73 - Multiple Cross-Site Scripting Vulnerabilities
CVE-2005-2885 EXPLOITDB text WORKING POC
MAXdev MD-Pro 1.0.73 - Remote Command Execution via Incomplete File Extension Blacklist Bypass
The Downloads page in MAXdev MD-Pro 1.0.73, and possibly earlier versions, uses an incomplete blacklist to check for dangerous file extensions, which could allow remote attackers to bypass file extension checks and execute arbitrary commands by uploading a file with a different extension, as demonstrated using .inc files.
CVE-2006-3262 EXPLOITDB php WORKING POC
Mambo < 4.6 - SQL Injection via Weblinks Title Parameter
SQL injection vulnerability in the Weblinks module (weblinks.php) in Mambo 4.6rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter.
CVE-2006-3262 EXPLOITDB php WORKING POC
Mambo < 4.6 - SQL Injection via Weblinks Title Parameter
SQL injection vulnerability in the Weblinks module (weblinks.php) in Mambo 4.6rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter.
CVE-2005-3738 EXPLOITDB php WORKING POC
Mambo Site Server <= 4.0.14 - Remote PHP File Inclusion via mosConfig_absolute_path Parameter
globals.php in Mambo Site Server 4.0.14 and earlier, when register_globals is disabled, allows remote attackers to overwrite variables in the GLOBALS array and conduct various attacks, as demonstrated using the mosConfig_absolute_path parameter to content.html.php for remote PHP file inclusion.