sn0oPy

7 exploits Active since Feb 2007
CVE-2007-0873 EXPLOITDB text WRITEUP
nabopoll 1.1.2 - Auth Bypass
nabopoll 1.1.2 allows remote attackers to bypass authentication and access certain administrative functionality via a direct request for (1) config_edit.php, (2) template_edit.php, or (3) survey_edit.php in admin/.
EIP-2026-109119 EXPLOITDB text WRITEUP
Liens_Dynamiques 2.1 - 'AdminLien.php' Security Restriction Bypass
EIP-2026-109120 EXPLOITDB text WRITEUP
Liens_Dynamiques 2.1 - Multiple Cross-Site Scripting Vulnerabilities
CVE-2007-1043 EXPLOITDB text WRITEUP
Ezboo webstats - Auth Bypass
Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php.
CVE-2007-1020 EXPLOITDB text WORKING POC
CedStat 1.31 - XSS
Cross-site scripting (XSS) vulnerability in index.php in CedStat 1.31 allows remote attackers to inject arbitrary web script or HTML via the hier parameter.
CVE-2007-1020 EXPLOITDB text WRITEUP
CedStat 1.31 - XSS
Cross-site scripting (XSS) vulnerability in index.php in CedStat 1.31 allows remote attackers to inject arbitrary web script or HTML via the hier parameter.
CVE-2007-1050 EXPLOITDB text WORKING POC
AbleDesign MyCalendar - XSS
Multiple cross-site scripting (XSS) vulnerabilities in index.php in AbleDesign MyCalendar allow remote attackers to inject arbitrary web script or HTML via (1) the go parameter, (2) the keyword parameter in the search menu (go=search), or (3) the username or (4) the password in a go=Login action.