rgod

470 exploits Active since Jul 2005
CVE-2006-3362 EXPLOITDB php WORKING POC
FCKeditor mcpuk - Unrestricted File Upload
Unrestricted file upload vulnerability in connectors/php/connector.php in FCKeditor mcpuk file manager, as used in (1) Geeklog 1.4.0 through 1.4.0sr3, (2) toendaCMS 1.0.0 Shizouka Stable and earlier, (3) WeBid 0.5.4, and possibly other products, when installed on Apache with mod_mime, allows remote attackers to upload and execute arbitrary PHP code via a filename with a .php extension and a trailing extension that is allowed, such as .zip.
CVE-2006-1348 EXPLOITDB php WORKING POC
gCards <1.45 - XSS
Cross-site scripting (XSS) vulnerability in index.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to inject arbitrary web script or HTML via the lang[*][file] parameter, which is injected into an error message. NOTE: this issue might be resultant from CVE-2006-1346.
CVE-2006-1219 EXPLOITDB php WORKING POC
Gallery <2.0.3 - Path Traversal
Directory traversal vulnerability in Gallery 2.0.3 and earlier, and 2.1 before RC-2a, allows remote attackers to include arbitrary PHP files via ".." (dot dot) sequences in the stepOrder parameter to (1) upgrade/index.php or (2) install/index.php.
CVE-2005-2569 EXPLOITDB text WORKING POC
Funkboard < 0.66f - XSS
Multiple cross-site scripting (XSS) vulnerabilities in FunkBoard 0.66CF, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the fbusername or fbpassword parameter to (1) editpost.php, (2) prefs.php, (3) newtopic.php, (4) reply.php, or (5) profile.php, the (6) fbusername, (7) fmail, (8) www, (9) icq, (10) yim, (11) location, (12) sex, (13) interebbies, (14) sig or (15) aim parameter to register.php, or (16) subject parameter to newtopic.php.
CVE-2005-2569 EXPLOITDB text WORKING POC
Funkboard < 0.66f - XSS
Multiple cross-site scripting (XSS) vulnerabilities in FunkBoard 0.66CF, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the fbusername or fbpassword parameter to (1) editpost.php, (2) prefs.php, (3) newtopic.php, (4) reply.php, or (5) profile.php, the (6) fbusername, (7) fmail, (8) www, (9) icq, (10) yim, (11) location, (12) sex, (13) interebbies, (14) sig or (15) aim parameter to register.php, or (16) subject parameter to newtopic.php.
CVE-2005-2569 EXPLOITDB text WORKING POC
Funkboard < 0.66f - XSS
Multiple cross-site scripting (XSS) vulnerabilities in FunkBoard 0.66CF, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the fbusername or fbpassword parameter to (1) editpost.php, (2) prefs.php, (3) newtopic.php, (4) reply.php, or (5) profile.php, the (6) fbusername, (7) fmail, (8) www, (9) icq, (10) yim, (11) location, (12) sex, (13) interebbies, (14) sig or (15) aim parameter to register.php, or (16) subject parameter to newtopic.php.
CVE-2005-2569 EXPLOITDB text WORKING POC
Funkboard < 0.66f - XSS
Multiple cross-site scripting (XSS) vulnerabilities in FunkBoard 0.66CF, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the fbusername or fbpassword parameter to (1) editpost.php, (2) prefs.php, (3) newtopic.php, (4) reply.php, or (5) profile.php, the (6) fbusername, (7) fmail, (8) www, (9) icq, (10) yim, (11) location, (12) sex, (13) interebbies, (14) sig or (15) aim parameter to register.php, or (16) subject parameter to newtopic.php.
CVE-2005-2569 EXPLOITDB text WORKING POC
Funkboard < 0.66f - XSS
Multiple cross-site scripting (XSS) vulnerabilities in FunkBoard 0.66CF, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the fbusername or fbpassword parameter to (1) editpost.php, (2) prefs.php, (3) newtopic.php, (4) reply.php, or (5) profile.php, the (6) fbusername, (7) fmail, (8) www, (9) icq, (10) yim, (11) location, (12) sex, (13) interebbies, (14) sig or (15) aim parameter to register.php, or (16) subject parameter to newtopic.php.
CVE-2005-2569 EXPLOITDB text WORKING POC
Funkboard < 0.66f - XSS
Multiple cross-site scripting (XSS) vulnerabilities in FunkBoard 0.66CF, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the fbusername or fbpassword parameter to (1) editpost.php, (2) prefs.php, (3) newtopic.php, (4) reply.php, or (5) profile.php, the (6) fbusername, (7) fmail, (8) www, (9) icq, (10) yim, (11) location, (12) sex, (13) interebbies, (14) sig or (15) aim parameter to register.php, or (16) subject parameter to newtopic.php.
EIP-2026-107197 EXPLOITDB text WRITEUP
Forum 5 - 'pm.php' Local File Inclusion
EIP-2026-107189 EXPLOITDB text WORKING POC
Form Sender 1.0 - 'Processform.php3?Failed' Cross-Site Scripting
CVE-2006-0714 EXPLOITDB php WORKING POC
Flyspray - Path Traversal
Directory traversal vulnerability in the installation file (sql/install-0.9.7.php) in Flyspray 0.9.7 allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the adodbpath parameter.
EIP-2026-106810 EXPLOITDB php WORKING POC
EkinBoard 1.0.3 - '/config.php' SQL Injection / Command Execution
CVE-2005-4171 EXPLOITDB php WORKING POC
eFiction 1.1 - RCE
The "Upload new image" command in the "Manage Images" eFiction 1.1, when members are allowed to upload images, allows remote attackers to execute arbitrary PHP code by uploading a filename with a .php extension that contains a GIF header, which passes the image validity check but executes any PHP code within the file.
EIP-2026-107128 EXPLOITDB php WORKING POC
Flatnuke 2.5.8 - 'userlang' Local Inclusion / Delete All Users
EIP-2026-107127 EXPLOITDB php WORKING POC
Flatnuke 2.5.8 - 'file()' Privilege Escalation / Code Execution
CVE-2006-3608 EXPLOITDB text WRITEUP
Simone Vellei Flatnuke <2.5.7 - Code Injection
The Gallery module in Simone Vellei Flatnuke 2.5.7 and earlier, when Gallery uploads are enabled, does not restrict the extensions of uploaded files that begin with a GIF header, which allows remote authenticated users to execute arbitrary PHP code via an uploaded .php file.
CVE-2005-4449 EXPLOITDB php WORKING POC
FlatNuke 2.5.6 - Code Injection
verify.php in FlatNuke 2.5.6 allows remote authenticated administrators to modify arbitrary PHP files by setting the file parameter to an arbitrary file and injecting the code into the body parameter. NOTE: if a FlatNuke administrator is normally assumed to be able to modify arbitrary content, then this issue does not cross privilege boundaries and would not be a vulnerability.
CVE-2005-2814 EXPLOITDB text WORKING POC
FlatNuke 2.5.6 - XSS
Cross-site scripting (XSS) vulnerability in FlatNuke 2.5.6 allows remote attackers to inject arbitrary web script or HTML via the usr parameter in a vis_reg operation to index.php.
CVE-2005-2813 EXPLOITDB text WRITEUP
FlatNuke <2.5.6 - Path Traversal
Directory traversal vulnerability in FlatNuke 2.5.6 and possibly earlier allows remote attackers to read arbitrary files via ".." sequences and "%00" (trailing null byte) characters in the id parameter to the read mod in index.php.
CVE-2005-4208 EXPLOITDB php WORKING POC
Flatnuke - Path Traversal
Directory traversal vulnerability in Flatnuke 2.5.6 allows remote attackers to access arbitrary files via a .. (dot dot) and null byte (%00) in the id parameter of the read module.
CVE-2005-2539 EXPLOITDB text WORKING POC
Flatnuke - XSS
Multiple cross-site scripting (XSS) vulnerabilities in FlatNuke 2.5.5 and possibly earlier versions allow remote attackers to inject arbitrary web script or HTML via the (1) bodycolor, (2) backimage, (3) theme, or (4) logo parameter to structure.php, (5) admin, (6) admin_mail, or (7) back parameter to footer.php, or (8) the message body in a news post.
CVE-2005-2539 EXPLOITDB text WORKING POC
Flatnuke - XSS
Multiple cross-site scripting (XSS) vulnerabilities in FlatNuke 2.5.5 and possibly earlier versions allow remote attackers to inject arbitrary web script or HTML via the (1) bodycolor, (2) backimage, (3) theme, or (4) logo parameter to structure.php, (5) admin, (6) admin_mail, or (7) back parameter to footer.php, or (8) the message body in a news post.
EIP-2026-107078 EXPLOITDB text WORKING POC
FForm Sender 1.0 - 'Processform.php3?Name' Cross-Site Scripting
CVE-2006-0658 EXPLOITDB php WORKING POC
FCKeditor <2.2 - RCE
Incomplete blacklist vulnerability in connector.php in FCKeditor 2.0 and 2.2, as used in products such as RunCMS, allows remote attackers to upload and execute arbitrary script files by giving the files specific extensions that are not listed in the Config[DeniedExtensions][File], such as .php.txt.