simo64

23 exploits Active since Apr 2006
CVE-2006-4865 EXPLOITDB perl WORKING POC
Walter Beschmout PhpQuiz - Info Disclosure
Walter Beschmout PhpQuiz allows remote attackers to obtain sensitive information via a direct request to cfgphpquiz/install.php and other unspecified vectors.
CVE-2006-4920 EXPLOITDB perl WORKING POC
Site@School <2.4.02 - Remote Code Execution
Multiple PHP remote file inclusion vulnerabilities in Site@School (S@S) 2.4.02 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the cmsdir parameter to (1) starnet/modules/sn_allbum/slideshow.php, and (2) starnet/themes/editable/main.inc.php.
CVE-2006-4919 EXPLOITDB perl WORKING POC
Site@School <2.4.02 - Path Traversal
Directory traversal vulnerability in starnet/editors/htmlarea/popups/images.php in Site@School (S@S) 2.4.02 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter.
CVE-2006-4978 EXPLOITDB perl WORKING POC
Walter Beschmout PhpQuiz <1.2 - SQL Injection
Multiple SQL injection vulnerabilities in Walter Beschmout PhpQuiz 1.2 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the univers parameter in score.php and (2) the quiz_id parameter in home.php, accessed through the front/ URI.
CVE-2006-4977 EXPLOITDB perl WORKING POC
Walter Beschmout PhpQuiz <1.2 - Unrestricted File Upload
Multiple unrestricted file upload vulnerabilities in (1) back/upload_img.php and (2) admin/upload_img.php in Walter Beschmout PhpQuiz 1.2 and earlier allow remote attackers to upload arbitrary PHP code to the phpquiz/img_quiz folder via the (a) upload, (b) ok_update, (c) image, and (d) path parameters, possibly requiring directory traversal sequences in the path parameter.
CVE-2006-3194 EXPLOITDB text WRITEUP
singapore <= 0.10.0 - Directory Traversal via Gallery and Template Parameters
Directory traversal vulnerability in index.php in singapore 0.10.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) sequence and trailing null (%00) byte in the (1) gallery and (2) template parameter.
CVE-2006-4922 EXPLOITDB perl WORKING POC
Site@School <2.4.02 - Remote Code Execution
Unrestricted file upload vulnerability in starnet/editors/htmlarea/popups/images.php in Site@School (S@S) 2.4.02 and earlier allows remote attackers to upload and execute arbitrary files with executable extensions.
CVE-2006-1704 EXPLOITDB text WORKING POC
Sire 2.0 - Unauthenticated Arbitrary File Upload via upload.php
Sire 2.0 nws allows remote attackers to upload arbitrary image files without authentication via a direct request to upload.php.
EIP-2026-112174 EXPLOITDB text WORKING POC
Sire 2.0 - '/lire.php' Remote File Inclusion / Arbitrary File Upload
CVE-2006-3195 EXPLOITDB text WRITEUP
singapore < 0.10.0 - Cross-Site Scripting via Template Parameter
Cross-site scripting (XSS) vulnerability in index.php in singapore 0.10.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the template parameter.
EIP-2026-111893 EXPLOITDB perl WORKING POC
SAPID CMS 1.2.3_rc3 - 'rootpath' Remote Code Execution
CVE-2006-3309 EXPLOITDB perl WORKING POC
Scout Portal Toolkit <1.4.0 - SQL Injection
SQL injection vulnerability in SPT--ForumTopics.php in Scout Portal Toolkit (SPT) 1.4.0 and earlier allows remote attackers to execute arbitrary SQL commands via the forumid parameter.
CVE-2006-4979 EXPLOITDB perl WORKING POC
Walter Beschmout PhpQuiz <1.2 - Code Injection
Direct static code injection vulnerability in cfgphpquiz/install.php in Walter Beschmout PhpQuiz 1.2 and earlier allows remote attackers to inject arbitrary PHP code in config.inc.php via modified configuration settings.
CVE-2006-4114 EXPLOITDB perl WORKING POC
phpmyring < 4.2 - SQL Injection via idsite Parameter
SQL injection vulnerability in view_com.php in Nicolas Grandjean PHPMyRing 4.2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idsite parameter.
CVE-2006-3295 EXPLOITDB text WRITEUP
Open Guestbook 0.5 - Cross-Site Scripting via Title Parameter
Cross-site scripting (XSS) vulnerability in header.php in Open Guestbook 0.5 allows remote attackers to inject arbitrary web script or HTML via the title parameter.
CVE-2006-3296 EXPLOITDB text WRITEUP
Open Guestbook 0.5 - SQL Injection via Offset Parameter
SQL injection vulnerability in view.php in Open Guestbook 0.5 allows remote attackers to execute arbitrary SQL commands via the offset parameter.
CVE-2006-3884 EXPLOITDB text WRITEUP
Gonafish LinksCaffe 3.0 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in links.php in Gonafish LinksCaffe 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) offset and (2) limit parameters, (3) newdays parameter in a new action, and the (4) link_id parameter in a deadlink action. NOTE: this issue can also be used for path disclosure by a forced SQL error, or to modify PHP files using OUTFILE.
CVE-2006-3883 EXPLOITDB text WRITEUP
Gonafish LinksCaffe 3.0 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Gonafish LinksCaffe 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the tablewidth parameter in (a) counter.php; (2) the newdays parameter in (b) links.php; and the (3) tableborder, (4) menucolor, (5) textcolor, and (6) bodycolor parameters in (c) menu.inc.php.
CVE-2006-3883 EXPLOITDB text WRITEUP
Gonafish LinksCaffe 3.0 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Gonafish LinksCaffe 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the tablewidth parameter in (a) counter.php; (2) the newdays parameter in (b) links.php; and the (3) tableborder, (4) menucolor, (5) textcolor, and (6) bodycolor parameters in (c) menu.inc.php.
CVE-2006-3883 EXPLOITDB text WORKING POC
Gonafish LinksCaffe 3.0 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Gonafish LinksCaffe 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the tablewidth parameter in (a) counter.php; (2) the newdays parameter in (b) links.php; and the (3) tableborder, (4) menucolor, (5) textcolor, and (6) bodycolor parameters in (c) menu.inc.php.
CVE-2006-3616 EXPLOITDB text WORKING POC
Carbonize Lazarus Guestbook <= 1.6 - Cross-Site Scripting via show and img Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Carbonize Lazarus Guestbook 1.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the show parameter in codes-english.php and (2) the img parameter in picture.php, after the name of an existing file.
CVE-2006-3616 EXPLOITDB text WRITEUP
Carbonize Lazarus Guestbook <= 1.6 - Cross-Site Scripting via show and img Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Carbonize Lazarus Guestbook 1.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the show parameter in codes-english.php and (2) the img parameter in picture.php, after the name of an existing file.
CVE-2006-5221 EXPLOITDB perl WORKING POC
Cahier de texte 2.0 - SQL Injection via matiere_ID or classe_ID Parameter
Multiple SQL injection vulnerabilities in Cahier de texte 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) matiere_ID parameter in lire.php or the (2) classe_ID parameter in lire_a_faire.php.