the_Edit0r

30 exploits Active since Nov 2006
CVE-2007-1248 EXPLOITDB text WRITEUP
built2go News Manager Blog 1.0 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in built2go News Manager Blog 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) cid, (2) uid, and (3) nid parameters to (a) news.php, and the nid parameter to (b) rating.php.
CVE-2007-1248 EXPLOITDB text WRITEUP
built2go News Manager Blog 1.0 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in built2go News Manager Blog 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) cid, (2) uid, and (3) nid parameters to (a) news.php, and the nid parameter to (b) rating.php.
CVE-2007-2310 EXPLOITDB text WORKING POC
Bloofoxcms - XSS
Cross-site scripting (XSS) vulnerability in plugins/spaw/img_popup.php in BloofoxCMS 0.2.2 allows remote attackers to inject arbitrary web script or HTML via the img_url parameter.
CVE-2006-6020 EXPLOITDB text WRITEUP
Blog Torrent Preview - XSS
Cross-site scripting (XSS) vulnerability in announce.php in Blog Torrent Preview 0.92 allows remote attackers to inject arbitrary web script or HTML via the left parameter.
CVE-2007-2857 EXPLOITDB text WRITEUP
ABC Excel Parser Pro 4.0 - RCE
PHP remote file inclusion vulnerability in sample/xls2mysql in ABC Excel Parser Pro 4.0 allows remote attackers to execute arbitrary PHP code via a URL in the parser_path parameter.