rgod

470 exploits Active since Jul 2005
CVE-2006-1164 EXPLOITDB php WORKING POC
Nodez <4.6.1.1 - Info Disclosure
Nodez 4.6.1.1 and earlier stores sensitive data in the list.gtdat file under the web document root with insufficient access control, which allows remote attackers to obtain usernames and password hashes by directly accessing list.gtdat.
CVE-2006-0891 EXPLOITDB php WORKING POC
Nocc - Path Traversal
Multiple directory traversal vulnerabilities in NOCC Webmail 1.0 allow remote attackers to include arbitrary files via .. (dot dot) sequences and a trailing NULL (%00) byte in (1) the _SESSION['nocc_theme'] parameter in (a) html/footer.php; and (2) the lang and (3) theme parameters and the (4) Accept-Language HTTP header field, when force_default_lang is disabled, in (b) index.php, as demonstrated by injecting PHP code into a profile and accessing it using the lang parameter in index.php.
CVE-2006-0894 EXPLOITDB text WRITEUP
Nocc - XSS
Multiple cross-site scripting (XSS) vulnerabilities in NOCC Webmail 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the html_error_occurred parameter in error.php, (2) html_filter_select parameter in filter_prefs.php, (3) html_no_mail parameter in no_mail.php, the (4) page_line, (5) prev, and (6) next parameters in html_bottom_table.php, and the (7) _SESSION['nocc_theme'] parameter in footer.php.
CVE-2006-0894 EXPLOITDB text WORKING POC
Nocc - XSS
Multiple cross-site scripting (XSS) vulnerabilities in NOCC Webmail 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the html_error_occurred parameter in error.php, (2) html_filter_select parameter in filter_prefs.php, (3) html_no_mail parameter in no_mail.php, the (4) page_line, (5) prev, and (6) next parameters in html_bottom_table.php, and the (7) _SESSION['nocc_theme'] parameter in footer.php.
CVE-2006-0894 EXPLOITDB text WRITEUP
Nocc - XSS
Multiple cross-site scripting (XSS) vulnerabilities in NOCC Webmail 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the html_error_occurred parameter in error.php, (2) html_filter_select parameter in filter_prefs.php, (3) html_no_mail parameter in no_mail.php, the (4) page_line, (5) prev, and (6) next parameters in html_bottom_table.php, and the (7) _SESSION['nocc_theme'] parameter in footer.php.
CVE-2006-0894 EXPLOITDB text WRITEUP
Nocc - XSS
Multiple cross-site scripting (XSS) vulnerabilities in NOCC Webmail 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the html_error_occurred parameter in error.php, (2) html_filter_select parameter in filter_prefs.php, (3) html_no_mail parameter in no_mail.php, the (4) page_line, (5) prev, and (6) next parameters in html_bottom_table.php, and the (7) _SESSION['nocc_theme'] parameter in footer.php.
EIP-2026-109890 EXPLOITDB text WORKING POC
Netquery 3.1 - 'submit.php?portnum' Cross-Site Scripting
EIP-2026-109889 EXPLOITDB text WORKING POC
Netquery 3.1 - 'portlist.php?portnum' Cross-Site Scripting
EIP-2026-109888 EXPLOITDB text WORKING POC
Netquery 3.1 - 'nqports2.php' Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-109887 EXPLOITDB text WRITEUP
Netquery 3.1 - 'nqports.php?step' Cross-Site Scripting
EIP-2026-109886 EXPLOITDB text WORKING POC
Netquery 3.1 - 'nqgeoip2.php' Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-109885 EXPLOITDB text WRITEUP
Netquery 3.1 - 'nqgeoip.php?step' Cross-Site Scripting
CVE-2005-2397 EXPLOITDB text WORKING POC
GNU Phpbook - XSS
Cross-site scripting (XSS) vulnerability in guestbook.php in phpBook 1.46 allows remote attackers to inject arbitrary web script or HTML via the admin parameter.
CVE-2005-3649 EXPLOITDB php WORKING POC
Moodle 1.5.2 - Open Redirect
jumpto.php in Moodle 1.5.2 allows remote attackers to redirect users to other sites via the jump parameter.
CVE-2011-5035 EXPLOITDB php WORKING POC
Oracle Glassfish Server < 3.1.1 - Improper Input Validation
Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869.
CVE-2006-4042 EXPLOITDB php WORKING POC
Mywebland Mybloggie < 2.1.4 - SQL Injection
Multiple SQL injection vulnerabilities in trackback.php in myWebland myBloggie 2.1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) title, (2) url, (3) excerpt, or (4) blog_name parameters.
CVE-2005-3324 EXPLOITDB text WORKING POC
Appindex Mwchat - SQL Injection
SQL injection vulnerability in chat.php in MWChat 6.8 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2006-0565 EXPLOITDB php WORKING POC
Gerrit VAN Aaken Loudblog < 0.4 - Code Injection
PHP remote file include vulnerability in inc/backend_settings.php in Loudblog 0.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the $GLOBALS[path] parameter.
EIP-2026-109423 EXPLOITDB php WORKING POC
MercuryBoard 1.1.4 - 'User-Agent' SQL Injection
EIP-2026-109358 EXPLOITDB text WORKING POC
MAXdev MD-Pro 1.0.73 - Multiple Cross-Site Scripting Vulnerabilities
CVE-2005-2885 EXPLOITDB text WORKING POC
MAXdev MD-Pro <1.0.73 - RCE
The Downloads page in MAXdev MD-Pro 1.0.73, and possibly earlier versions, uses an incomplete blacklist to check for dangerous file extensions, which could allow remote attackers to bypass file extension checks and execute arbitrary commands by uploading a file with a different extension, as demonstrated using .inc files.
CVE-2006-3262 EXPLOITDB php WORKING POC
Mambo <4.6rc1 - SQL Injection
SQL injection vulnerability in the Weblinks module (weblinks.php) in Mambo 4.6rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter.
CVE-2006-3262 EXPLOITDB php WORKING POC
Mambo <4.6rc1 - SQL Injection
SQL injection vulnerability in the Weblinks module (weblinks.php) in Mambo 4.6rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter.
CVE-2005-3738 EXPLOITDB php WORKING POC
Mambo Site Server <4.0.14 - RCE
globals.php in Mambo Site Server 4.0.14 and earlier, when register_globals is disabled, allows remote attackers to overwrite variables in the GLOBALS array and conduct various attacks, as demonstrated using the mosConfig_absolute_path parameter to content.html.php for remote PHP file inclusion.
CVE-2005-3063 EXPLOITDB php WORKING POC
MailGust 1.9 - SQL Injection
SQL injection vulnerability in MailGust 1.9 allows remote attackers to execute arbitrary SQL commands via the email field on the password reminder page.