t0pP8uZz

120 exploits Active since Jun 2007
CVE-2008-6523 EXPLOITDB perl WORKING POC
openInvoice 0.90 beta and earlier - Unauthenticated Authentication Bypass via oiauth Cookie
auth.php in openInvoice 0.90 beta and earlier allows remote attackers to bypass authentication and gain privileges by setting the oiauth cookie. NOTE: this can be leveraged with a separate vulnerability in resetpass.php to modify passwords for arbitrary users.
CVE-2007-3589 EXPLOITDB text WORKING POC
b1gbb 2.24.0 - SQL Injection via id Parameter
Multiple SQL injection vulnerabilities in b1gbb 2.24.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) showthread.php or (2) showboard.php.
CVE-2007-3447 EXPLOITDB text WORKING POC
BugMall Shopping Cart 2.5 - SQL Injection via Basic Search Box
SQL injection vulnerability in BugMall Shopping Cart 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the "basic search box." NOTE: 4.0.2 and other versions might also be affected.
CVE-2007-3446 EXPLOITDB text WORKING POC
BugMall Shopping Cart <2.5 - Info Disclosure
BugMall Shopping Cart 2.5 and earlier has a default username "demo" and password "demo," which allows remote attackers to obtain login access.
CVE-2007-3433 EXPLOITDB text WORKING POC
Pharmacy System < 2 - SQL Injection via ID Parameter
SQL injection vulnerability in index.php in Pharmacy System 2 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter in an add action.
CVE-2008-5123 EXPLOITDB text WORKING POC
CCleague Pro 1.2 - SQL Injection via admin.php u Parameter
SQL injection vulnerability in admin.php in CCleague Pro 1.2 allows remote attackers to execute arbitrary SQL commands via the u parameter.
CVE-2008-4877 EXPLOITDB text WRITEUP
WebCards < 1.3 - SQL Injection via User Parameter
SQL injection vulnerability in admin.php in WebCards 1.3, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-2920 EXPLOITDB text WRITEUP
eztechhelp_ezcms < 1.2 - Unauthenticated Arbitrary File Manipulation via File Manager
admin/filemanager/ (aka the File Manager) in EZTechhelp EZCMS 1.2 and earlier does not require authentication, which allows remote attackers to create, modify, read, and delete files.
CVE-2008-2857 EXPLOITDB text WORKING POC
AlstraSoft AskMe Pro < 2.1 - Cleartext Password Storage
AlstraSoft AskMe Pro 2.1 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
CVE-2008-2278 EXPLOITDB text WORKING POC
Freelance Auction Script 1.0 - SQL Injection via browseproject.php pid Parameter
SQL injection vulnerability in browseproject.php in Freelance Auction Script 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter in a pdetails action.
CVE-2008-1772 EXPLOITDB text WORKING POC
iScripts SocialWare - Info Disclosure
iScripts SocialWare stores passwords in cleartext in a database, which allows context-dependent attackers to obtain sensitive information.
CVE-2008-1711 EXPLOITDB text WORKING POC
Terong PHP Photo Gallery 1.0 - Info Disclosure
Terong PHP Photo Gallery (aka Advanced Web Photo Gallery) 1.0 stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
CVE-2008-1790 EXPLOITDB text WORKING POC
iScripts SocialWare - Authenticated Arbitrary File Upload via Logo File
Unrestricted file upload vulnerability in iScripts SocialWare allows remote authenticated administrators to upload arbitrary files via a crafted logo file in the "Manage Settings" functionality. NOTE: remote exploitation is facilitated by a separate SQL injection vulnerability.
CVE-2008-0429 EXPLOITDB text WORKING POC
AlstraSoft Forum Pay Per Post Exchange 2.0 - SQL Injection via catid Parameter
SQL injection vulnerability in index.php in AlstraSoft Forum Pay Per Post Exchange 2.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter in a forum_catview action.
CVE-2008-2922 EXPLOITDB perl WORKING POC
dana_irc_client < 1.3 - Stack-based Buffer Overflow via Long IRC Message
Stack-based buffer overflow in artegic Dana IRC client 1.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long IRC message.
CVE-2008-5216 EXPLOITDB text WORKING POC
AJ Square ZeusCart <2.0 - SQL Injection
SQL injection vulnerability in category_list.php in AJ Square ZeusCart 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2007-3518 EXPLOITDB text WORKING POC
hispah youtube_clone_script - SQL Injection via msg.php id Parameter
SQL injection vulnerability in msg.php in HispaH YouTube Clone Script (youtubeclone) allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-3981 EXPLOITDB text WORKING POC
WSN Links Basic Edition - SQL Injection via catid Parameter
SQL injection vulnerability in index.php in WSN Links Basic Edition allows remote attackers to execute arbitrary SQL commands via the catid parameter in a displaycat action.
CVE-2008-6714 EXPLOITDB text WORKING POC
xeCMS <= 1.0.0 RC2 - Unauthenticated Authentication Bypass via xecms_username Cookie
admin.php in xeCMS 1.0.0 RC2 and earlier allows remote attackers to bypass authentication and access the admin panel by setting the xecms_username cookie.
CVE-2008-1874 EXPLOITDB perl WORKING POC
xpoze_pro < 3.05 - Authenticated SQL Injection via reed Parameter
SQL injection vulnerability in account/user/mail.html in Xpoze Pro 3.05 and earlier allows remote authenticated users to execute arbitrary SQL commands via the reed parameter.
CVE-2008-6811 EXPLOITDB perl WORKING POC
e-Commerce Plugin < 3.4 - Unauthenticated Arbitrary File Upload and Remote Code Execution via image_processing.php
Unrestricted file upload vulnerability in image_processing.php in the e-Commerce Plugin 3.4 and earlier for Wordpress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in wp-content/plugins/wp-shopping-cart/.
CVE-2008-4878 EXPLOITDB text WRITEUP
WebCards < 1.3 - Authenticated Arbitrary File Upload via Add Image Macro
Unrestricted file upload vulnerability in the "Add Image Macro" feature in WebCards 1.3 allows remote authenticated administrators to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the uploaded file.
CVE-2008-2298 EXPLOITDB text WORKING POC
Web Slider 0.6 - Unauthenticated Privilege Escalation via Admin Cookie
Admin.php in Web Slider 0.6 allows remote attackers to bypass authentication and gain privileges by setting the admin cookie to 1.
EIP-2026-113248 EXPLOITDB text WRITEUP
WebBoard 2.0 - Arbitrary SQL Question/Anwser Delete
CVE-2008-6209 EXPLOITDB text WORKING POC
Vastal I-Tech Software Zone - SQL Injection via view_product.php cat_id Parameter
SQL injection vulnerability in view_product.php in Vastal I-Tech Software Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.