s4avrd0w

12 exploits Active since Dec 2008
CVE-2008-5730 EXPLOITDB text WRITEUP
AIST NetCat <= 3.12 - CRLF Injection via Cookie and add.php
Multiple CRLF injection vulnerabilities in AIST NetCat 3.12 and earlier allow remote attackers to have an unknown impact via unspecified vectors involving (1) a %0a sequence in a cookie and (2) the add.php file.
CVE-2008-5729 EXPLOITDB text WRITEUP
AIST NetCat <= 3.12 - Cross-Site Scripting via FCKeditor Parameters
Multiple cross-site scripting (XSS) vulnerabilities in AIST NetCat 3.12 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) form and (2) control parameters to FCKeditor/neditor.php, and the (3) path parameter to admin/siteinfo/iframe.inc.php.
CVE-2008-5728 EXPLOITDB text WRITEUP
AIST NetCat <= 3.12 - Remote File Inclusion via Path Traversal
Multiple directory traversal vulnerabilities in AIST NetCat 3.12 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the system parameter in modules/netshop/post.php; and the INCLUDE_FOLDER parameter in (2) auth.inc.php, (3) banner.inc.php, (4) blog.inc.php, and (5) forum.inc.php in modules/.
CVE-2008-5878 EXPLOITDB text WRITEUP
Phpclanwebsite < Fix Pack 5 - Path Traversal
Multiple directory traversal vulnerabilities in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to include and execute arbitrary files via a .. (dot dot) in the (1) boxname parameter to theme/superchrome/box.php and the (2) theme parameter to phpclanwebsite/footer.php.
CVE-2008-5877 EXPLOITDB text WRITEUP
Phpclanwebsite <1.23.3.5 - SQL Injection
Multiple SQL injection vulnerabilities in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) page parameter to index.php, (2) form_id parameter to pcw/processforms.php, (3) pcwlogin and (4) pcw_pass parameters to pcw/setlogin.php, (5) searchvalue parameter to pcw/downloads.php, and the (6) searchvalue and (7) whichfield parameter to pcw/downloads.php, a different vector than CVE-2006-0444.
CVE-2008-5879 EXPLOITDB text WRITEUP
phpclanwebsite < 1.23.3 - Cross-Site Scripting via Page Parameter
Cross-site scripting (XSS) vulnerability in index.php in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and earlier, allows remote attackers to inject arbitrary web script or HTML via the page parameter and other unspecified vectors.
CVE-2008-6844 EXPLOITDB php WORKING POC
eZ Publish < 3.5.6 - Privilege Escalation via Registration Form Parameter Manipulation
The registration view (/user/register) in eZ Publish 3.5.6 and earlier, and possibly other versions before 3.9.5, 3.10.1, and 4.0.1, allows remote attackers to gain privileges as other users via modified ContentObjectAttribute_data_user_login_30, ContentObjectAttribute_data_user_password_30, and other parameters.
EIP-2026-107003 EXPLOITDB php WORKING POC
EZ Publish < 3.9.5/3.10.1/4.0.1 - 'token' Privilege Escalation
EIP-2026-107002 EXPLOITDB text WORKING POC
EZ Publish 3.9.0/3.9.5/3.10.1 - Command Execution (Admin Required)
CVE-2008-6853 EXPLOITDB php WORKING POC
AIST NetCat 3.0 and 3.12 - SQL Injection via PollID Parameter
SQL injection vulnerability in modules/poll/index.php in AIST NetCat 3.0 and 3.12 allows remote attackers to execute arbitrary SQL commands via the PollID parameter.
CVE-2008-5742 EXPLOITDB text WRITEUP
AIST NetCat <= 3.12 - Open Redirect via Logoff or Link Manager
Multiple open redirect vulnerabilities in AIST NetCat 3.12 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the redirect parameter in a logoff action to modules/auth/index.php or (2) the url parameter to modules/linkmanager/redirect.php. NOTE: this was reported within an "HTTP Response Splitting" section in the original disclosure.
CVE-2008-5727 EXPLOITDB php WORKING POC
AIST NetCat < 3.12 - SQL Injection via Password Recovery Query String
SQL injection vulnerability in modules/auth/password_recovery.php in AIST NetCat 3.12 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the query string.