rgod

470 exploits Active since Jul 2005
CVE-2006-7080 EXPLOITDB php WORKING POC
Exv2 Content Management System < 2.0.4.3 - Path Traversal
Directory traversal vulnerability in the avatar upload feature in exV2 2.0.4.3 and earlier allows remote attackers to delete arbitrary files via ".." sequences in the old_avatar parameter.
CVE-2006-4963 EXPLOITDB php WORKING POC
Exponent CMS 0.96.3 - Path Traversal
Directory traversal vulnerability in index.php in Exponent CMS 0.96.3 allows remote attackers to read and execute arbitrary local files via a .. (dot dot) sequence in the view parameter in the show_view action in the calendarmodule module, as demonstrated by executing PHP code through session files.
EIP-2026-107078 EXPLOITDB text WORKING POC
FForm Sender 1.0 - 'Processform.php3?Name' Cross-Site Scripting
CVE-2006-3608 EXPLOITDB text WRITEUP
Simone Vellei Flatnuke <2.5.7 - Code Injection
The Gallery module in Simone Vellei Flatnuke 2.5.7 and earlier, when Gallery uploads are enabled, does not restrict the extensions of uploaded files that begin with a GIF header, which allows remote authenticated users to execute arbitrary PHP code via an uploaded .php file.
EIP-2026-106810 EXPLOITDB php WORKING POC
EkinBoard 1.0.3 - '/config.php' SQL Injection / Command Execution
CVE-2005-2813 EXPLOITDB text WRITEUP
FlatNuke <2.5.6 - Path Traversal
Directory traversal vulnerability in FlatNuke 2.5.6 and possibly earlier allows remote attackers to read arbitrary files via ".." sequences and "%00" (trailing null byte) characters in the id parameter to the read mod in index.php.
CVE-2006-5561 EXPLOITDB php WORKING POC
Discuz Gbk - SQL Injection
SQL injection vulnerability in admincp.php in Discuz! GBK 5.0.0 allows remote attackers to execute arbitrary SQL commands via the cdb_auth cookie.
CVE-2006-2743 EXPLOITDB php WORKING POC
Drupal <4.6.7 & 4.7.0 - RCE
Drupal 4.6.x before 4.6.7 and 4.7.0, when running on Apache with mod_mime, does not properly handle files with multiple extensions, which allows remote attackers to upload, modify, or execute arbitrary files in the files directory.
CVE-2008-7153 EXPLOITDB php WORKING POC
Docebo <3.5.0.3 - SQL Injection
SQL injection vulnerability in the autoDetectRegion function in doceboCore/lib/lib.regset.php in Docebo 3.5.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Accept-Language HTTP header. NOTE: this can be leveraged to execute arbitrary PHP code using the INTO DUMPFILE command.
CVE-2005-4554 EXPLOITDB php WORKING POC
DEV web management system <1.5 - SQL Injection
Multiple SQL injection vulnerabilities in DEV web management system 1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter in an openforum action (openforum.php) in index.php, (2) cat parameter in getfile.php, and (3) target parameter in download_now.php.
CVE-2006-1916 EXPLOITDB text WORKING POC
Dbbs < 2.0-alpha - XSS
Multiple cross-site scripting (XSS) vulnerabilities in profile.php in DbbS 2.0-alpha and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ulocation or (2) uhobbies parameters.
EIP-2026-106487 EXPLOITDB text WORKING POC
DoceboLms 2.0.x - 'connector.php' Directory Traversal
CVE-2005-3236 EXPLOITDB php WORKING POC
Cynox Cyphor - SQL Injection
Multiple SQL injection vulnerabilities in Cyphor 0.19 allow remote attackers to execute arbitrary SQL and obtain administrative access via (1) the fid parameter of newmsg.php, which can enable XSS attacks when the SQL syntax is invalid or (2) the nick parameter of lostpwd.php.
EIP-2026-106469 EXPLOITDB php WORKING POC
Discuz! 4.x - SQL Injection / Admin Credentials Disclosure
CVE-2006-0687 EXPLOITDB php WORKING POC
DocMGR 0.54.2 - Code Injection
process.php in DocMGR 0.54.2 does not initialize the $siteModInfo variable when a direct request is made, which allows remote attackers to include arbitrary local files or possibly remote files via a modified includeModule and siteModInfo variable.
CVE-2005-3575 EXPLOITDB php WORKING POC
Cynox Cyphor < 0.19 - SQL Injection
SQL injection vulnerability in show.php in Cyphor 0.19 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
EIP-2026-106510 EXPLOITDB php WORKING POC
DokuWiki 2006-03-09b - 'dwpage.php' Remote Code Execution
CVE-2006-4558 EXPLOITDB php WORKING POC
Deluxebb < 1.06 - Unrestricted File Upload
DeluxeBB 1.06 and earlier, when run on the Apache HTTP Server with the mod_mime module, allows remote attackers to execute arbitrary PHP code by uploading files with double extensions via the fileupload parameter in a newthread action in newpost.php.
CVE-2006-2866 EXPLOITDB php WORKING POC
DotClear <1.2.4 - RCE
PHP remote file inclusion vulnerability in layout/prepend.php in DotClear 1.2.4 and earlier allows remote attackers to execute arbitrary PHP code via a FTP URL in the blog_dc_path parameter, which passes file_exists() and is_dir() tests on PHP 5.
EIP-2026-106662 EXPLOITDB php WORKING POC
e107 < 0.75 - GLOBALS Overwrite Remote Code Execution
EIP-2026-106511 EXPLOITDB php WORKING POC
DokuWiki 2006-03-09b - 'dwpage.php' System Disclosure
CVE-2005-4095 EXPLOITDB php WORKING POC
Docebolms - Path Traversal
Directory traversal vulnerability in connector.php in the fckeditor2rc2 addon in DoceboLMS 2.0.4 allows remote attackers to list arbitrary files and directories via ".." sequences in the Type parameter in a GetFoldersAndFiles command.
EIP-2026-106449 EXPLOITDB text WORKING POC
Digital Scribe 1.4 - Login SQL Injection
CVE-2006-0583 EXPLOITDB php WORKING POC
Clever Copy - SQL Injection
SQL injection vulnerability in mailarticle.php in Clever Copy 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2006-1595 EXPLOITDB text WRITEUP
Claroline <1.7.4 - XSS
Cross-site scripting (XSS) vulnerability in document/rqmkhtml.php in Claroline 1.7.4 and earlier allows remote attackers to read arbitrary files via ".." sequences in the file parameter in a rqEditHtml command.