rgod

471 exploits Active since Jul 2005

EIP-2026-107368 EXPLOITDB php WORKING POC

Geeklog 1.5.2 - 'SEC_authenticate()' SQL Injection

View Code

CVE-2006-3362 EXPLOITDB php WORKING POC

FCKeditor mcpuk - Unrestricted File Upload

Unrestricted file upload vulnerability in connectors/php/connector.php in FCKeditor mcpuk file manager, as used in (1) Geeklog 1.4.0 through 1.4.0sr3, (2) toendaCMS 1.0.0 Shizouka Stable and earlier, (3) WeBid 0.5.4, and possibly other products, when installed on Apache with mod_mime, allows remote attackers to upload and execute arbitrary PHP code via a filename with a .php extension and a trailing extension that is allowed, such as .zip.

View Code

CVE-2006-1348 EXPLOITDB php WORKING POC

gCards < 1.45 - Cross-Site Scripting via lang[*][file] Parameter

Cross-site scripting (XSS) vulnerability in index.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to inject arbitrary web script or HTML via the lang[*][file] parameter, which is injected into an error message. NOTE: this issue might be resultant from CVE-2006-1346.

View Code

CVE-2006-1219 EXPLOITDB php WORKING POC

Gallery < 2.0.4 and 2.1 < RC-2a - Directory Traversal via stepOrder Parameter

Directory traversal vulnerability in Gallery 2.0.3 and earlier, and 2.1 before RC-2a, allows remote attackers to include arbitrary PHP files via ".." (dot dot) sequences in the stepOrder parameter to (1) upgrade/index.php or (2) install/index.php.

View Code

CVE-2005-2569 EXPLOITDB text WORKING POC

funkboard < 0.66f - Cross-Site Scripting via Multiple Parameters

Multiple cross-site scripting (XSS) vulnerabilities in FunkBoard 0.66CF, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the fbusername or fbpassword parameter to (1) editpost.php, (2) prefs.php, (3) newtopic.php, (4) reply.php, or (5) profile.php, the (6) fbusername, (7) fmail, (8) www, (9) icq, (10) yim, (11) location, (12) sex, (13) interebbies, (14) sig or (15) aim parameter to register.php, or (16) subject parameter to newtopic.php.

View Code

CVE-2005-2569 EXPLOITDB text WORKING POC

funkboard < 0.66f - Cross-Site Scripting via Multiple Parameters

Multiple cross-site scripting (XSS) vulnerabilities in FunkBoard 0.66CF, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the fbusername or fbpassword parameter to (1) editpost.php, (2) prefs.php, (3) newtopic.php, (4) reply.php, or (5) profile.php, the (6) fbusername, (7) fmail, (8) www, (9) icq, (10) yim, (11) location, (12) sex, (13) interebbies, (14) sig or (15) aim parameter to register.php, or (16) subject parameter to newtopic.php.

View Code

CVE-2005-2569 EXPLOITDB text WORKING POC

funkboard < 0.66f - Cross-Site Scripting via Multiple Parameters

Multiple cross-site scripting (XSS) vulnerabilities in FunkBoard 0.66CF, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the fbusername or fbpassword parameter to (1) editpost.php, (2) prefs.php, (3) newtopic.php, (4) reply.php, or (5) profile.php, the (6) fbusername, (7) fmail, (8) www, (9) icq, (10) yim, (11) location, (12) sex, (13) interebbies, (14) sig or (15) aim parameter to register.php, or (16) subject parameter to newtopic.php.

View Code

CVE-2005-2569 EXPLOITDB text WORKING POC

funkboard < 0.66f - Cross-Site Scripting via Multiple Parameters

Multiple cross-site scripting (XSS) vulnerabilities in FunkBoard 0.66CF, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the fbusername or fbpassword parameter to (1) editpost.php, (2) prefs.php, (3) newtopic.php, (4) reply.php, or (5) profile.php, the (6) fbusername, (7) fmail, (8) www, (9) icq, (10) yim, (11) location, (12) sex, (13) interebbies, (14) sig or (15) aim parameter to register.php, or (16) subject parameter to newtopic.php.

View Code

CVE-2005-2569 EXPLOITDB text WORKING POC

funkboard < 0.66f - Cross-Site Scripting via Multiple Parameters

Multiple cross-site scripting (XSS) vulnerabilities in FunkBoard 0.66CF, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the fbusername or fbpassword parameter to (1) editpost.php, (2) prefs.php, (3) newtopic.php, (4) reply.php, or (5) profile.php, the (6) fbusername, (7) fmail, (8) www, (9) icq, (10) yim, (11) location, (12) sex, (13) interebbies, (14) sig or (15) aim parameter to register.php, or (16) subject parameter to newtopic.php.

View Code

CVE-2005-2569 EXPLOITDB text WORKING POC

funkboard < 0.66f - Cross-Site Scripting via Multiple Parameters

Multiple cross-site scripting (XSS) vulnerabilities in FunkBoard 0.66CF, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the fbusername or fbpassword parameter to (1) editpost.php, (2) prefs.php, (3) newtopic.php, (4) reply.php, or (5) profile.php, the (6) fbusername, (7) fmail, (8) www, (9) icq, (10) yim, (11) location, (12) sex, (13) interebbies, (14) sig or (15) aim parameter to register.php, or (16) subject parameter to newtopic.php.

View Code

EIP-2026-107197 EXPLOITDB text WRITEUP

Forum 5 - 'pm.php' Local File Inclusion

View Code

EIP-2026-107189 EXPLOITDB text WORKING POC

Form Sender 1.0 - 'Processform.php3?Failed' Cross-Site Scripting

View Code

CVE-2006-0714 EXPLOITDB php WORKING POC

Flyspray 0.9.7 - Directory Traversal via adodbpath Parameter

Directory traversal vulnerability in the installation file (sql/install-0.9.7.php) in Flyspray 0.9.7 allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the adodbpath parameter.

View Code

EIP-2026-106810 EXPLOITDB php WORKING POC

EkinBoard 1.0.3 - '/config.php' SQL Injection / Command Execution

View Code

CVE-2005-4171 EXPLOITDB php WORKING POC

eFiction 1.1 - Remote Code Execution via GIF Header Bypass in Image Upload

The "Upload new image" command in the "Manage Images" eFiction 1.1, when members are allowed to upload images, allows remote attackers to execute arbitrary PHP code by uploading a filename with a .php extension that contains a GIF header, which passes the image validity check but executes any PHP code within the file.

View Code

EIP-2026-107128 EXPLOITDB php WORKING POC

Flatnuke 2.5.8 - 'userlang' Local Inclusion / Delete All Users

View Code

EIP-2026-107127 EXPLOITDB php WORKING POC

Flatnuke 2.5.8 - 'file()' Privilege Escalation / Code Execution

View Code

CVE-2006-3608 EXPLOITDB text WRITEUP

Simone Vellei Flatnuke <2.5.7 - Code Injection

The Gallery module in Simone Vellei Flatnuke 2.5.7 and earlier, when Gallery uploads are enabled, does not restrict the extensions of uploaded files that begin with a GIF header, which allows remote authenticated users to execute arbitrary PHP code via an uploaded .php file.

View Code

CVE-2005-4449 EXPLOITDB php WORKING POC

FlatNuke 2.5.6 - Authenticated Arbitrary PHP File Modification via verify.php

verify.php in FlatNuke 2.5.6 allows remote authenticated administrators to modify arbitrary PHP files by setting the file parameter to an arbitrary file and injecting the code into the body parameter. NOTE: if a FlatNuke administrator is normally assumed to be able to modify arbitrary content, then this issue does not cross privilege boundaries and would not be a vulnerability.

View Code

CVE-2005-2814 EXPLOITDB text WORKING POC

FlatNuke 2.5.6 - Cross-Site Scripting via usr Parameter in vis_reg Operation

Cross-site scripting (XSS) vulnerability in FlatNuke 2.5.6 allows remote attackers to inject arbitrary web script or HTML via the usr parameter in a vis_reg operation to index.php.

View Code

CVE-2005-2813 EXPLOITDB text WRITEUP

FlatNuke 2.5.6 - Directory Traversal via id Parameter

Directory traversal vulnerability in FlatNuke 2.5.6 and possibly earlier allows remote attackers to read arbitrary files via ".." sequences and "%00" (trailing null byte) characters in the id parameter to the read mod in index.php.

View Code

CVE-2005-4208 EXPLOITDB php WORKING POC

Flatnuke 2.5.6 - Directory Traversal via Read Module ID Parameter

Directory traversal vulnerability in Flatnuke 2.5.6 allows remote attackers to access arbitrary files via a .. (dot dot) and null byte (%00) in the id parameter of the read module.

View Code

CVE-2005-2539 EXPLOITDB text WORKING POC

FlatNuke 2.5.5 - Cross-Site Scripting via Multiple Parameters

Multiple cross-site scripting (XSS) vulnerabilities in FlatNuke 2.5.5 and possibly earlier versions allow remote attackers to inject arbitrary web script or HTML via the (1) bodycolor, (2) backimage, (3) theme, or (4) logo parameter to structure.php, (5) admin, (6) admin_mail, or (7) back parameter to footer.php, or (8) the message body in a news post.

View Code

CVE-2005-2539 EXPLOITDB text WORKING POC

FlatNuke 2.5.5 - Cross-Site Scripting via Multiple Parameters

Multiple cross-site scripting (XSS) vulnerabilities in FlatNuke 2.5.5 and possibly earlier versions allow remote attackers to inject arbitrary web script or HTML via the (1) bodycolor, (2) backimage, (3) theme, or (4) logo parameter to structure.php, (5) admin, (6) admin_mail, or (7) back parameter to footer.php, or (8) the message body in a news post.

View Code

EIP-2026-107078 EXPLOITDB text WORKING POC

FForm Sender 1.0 - 'Processform.php3?Name' Cross-Site Scripting

View Code