trueend5 - Security Researcher - Exploit Intelligence Platform

CVE-2007-6079 EXPLOITDB text WRITEUP

bcoos 1.0.10 - Path Traversal and Arbitrary File Execution via xoopsOption[pagetype] Parameter

Directory traversal vulnerability in include/common.php in bcoos 1.0.10 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the xoopsOption[pagetype] parameter to the default URI for modules/news/. NOTE: this can be leveraged by using legitimate product functionality to upload a file that contains the code, then including that file.

View Code

CVE-2005-0741 EXPLOITDB text WORKING POC

YaBB 2.0 RC1 - Cross-Site Scripting via Username Parameter in Usersrecentposts Action

Cross-site scripting (XSS) vulnerability in YaBB.pl for YaBB 2.0 RC1 allows remote attackers to inject arbitrary web script or HTML via the username parameter in a usersrecentposts action.

View Code

EIP-2026-112990 EXPLOITDB text WORKING POC

vBulletin 3.5.2 - Event Title HTML Injection

View Code

CVE-2005-4139 EXPLOITDB text WRITEUP

ThWboard < 3 Beta 2.84 - SQL Injection via Calendar Year Parameter

Multiple SQL injection vulnerabilities in ThWboard before 3 Beta 2.84 allow remote attackers to execute arbitrary SQL commands via the (1) year parameter in calendar.php, (2) user parameter array in v_profile.php, and (3) the userid parameter in misc.php.

View Code

CVE-2005-4139 EXPLOITDB text WRITEUP

ThWboard < 3 Beta 2.84 - SQL Injection via Calendar Year Parameter

Multiple SQL injection vulnerabilities in ThWboard before 3 Beta 2.84 allow remote attackers to execute arbitrary SQL commands via the (1) year parameter in calendar.php, (2) user parameter array in v_profile.php, and (3) the userid parameter in misc.php.

View Code

CVE-2005-4139 EXPLOITDB text WRITEUP

ThWboard < 3 Beta 2.84 - SQL Injection via Calendar Year Parameter

Multiple SQL injection vulnerabilities in ThWboard before 3 Beta 2.84 allow remote attackers to execute arbitrary SQL commands via the (1) year parameter in calendar.php, (2) user parameter array in v_profile.php, and (3) the userid parameter in misc.php.

View Code

EIP-2026-111827 EXPLOITDB php SCANNER

RunCMS 1.6 - 'disclaimer.php' Remote File Overwrite

View Code

EIP-2026-111828 EXPLOITDB text WRITEUP

RunCMS 1.6 - Local File Inclusion

View Code

CVE-2005-3770 EXPLOITDB text WRITEUP

Phppost - Cross-Site Scripting

Multiple cross-site scripting (XSS) vulnerabilities in PHP-Post (PHPp) 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the subject in a post, or the user parameter to (2) profile.php and (3) mail.php.

View Code

CVE-2005-3770 EXPLOITDB text WRITEUP

Phppost - Cross-Site Scripting

Multiple cross-site scripting (XSS) vulnerabilities in PHP-Post (PHPp) 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the subject in a post, or the user parameter to (2) profile.php and (3) mail.php.

View Code

CVE-2005-2979 EXPLOITDB text WRITEUP

phpoutsourcing Noah's classifieds - SQL Injection

SQL injection vulnerability in index.php in phpoutsourcing Noah's classifieds allows remote attackers to execute arbitrary SQL commands via the rollid parameter.

View Code

CVE-2006-0880 EXPLOITDB text WORKING POC

Noah's Classifieds 1.3 - Cross-Site Scripting via inf, upperTemplate, or lowerTemplate Parameters

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Noah's Classifieds 1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) inf parameter; or, when register_globals is enabled, the (2) upperTemplate and (3) lowerTemplate parameters.

View Code

CVE-2006-0881 EXPLOITDB text WRITEUP

Noah's Classifieds 1.3 - Remote File Inclusion via upperTemplate or lowerTemplate Parameter

Multiple PHP remote file include vulnerabilities in gorum/gorumlib.php in Noah's Classifieds 1.3, when register_globals is enabled, allow remote attackers to include arbitrary PHP files via the (1) upperTemplate and (2) lowerTemplate parameters, as demonstrated using the lowerTemplate parameter to index.php.

View Code

CVE-2006-0882 EXPLOITDB text WORKING POC

Noah's Classifieds 1.3 - Directory Traversal via otherTemplate Parameter

Directory traversal vulnerability in include.php in Noah's Classifieds 1.3 allows remote attackers to include arbitrary local files via the otherTemplate parameter to index.php.

View Code

CVE-2006-0879 EXPLOITDB text WORKING POC

Noah's Classifieds 1.3 - SQL Injection via Search Tool

SQL injection vulnerability in the search tool in Noah's Classifieds 1.3 allows remote attackers to execute arbitrary SQL commands via unspecified attack vectors.

View Code

CVE-2005-2980 EXPLOITDB text WORKING POC

phpoutsourcing Noah's classifieds <1.3 - XSS

Cross-site scripting (XSS) vulnerability in index.php in phpoutsourcing Noah's classifieds 1.3 allows remote attackers to inject arbitrary web script or HTML via the rollid parameter.

View Code

EIP-2026-109946 EXPLOITDB php WORKING POC

Noahs Classifieds 1.3 - 'lowerTemplate' Remote Code Execution

View Code

EIP-2026-108832 EXPLOITDB php WORKING POC

Joomla! Component Poll 1.0.10 - Arbitrary Add Votes

View Code

EIP-2026-108168 EXPLOITDB php WORKING POC

Joomla! 1.0.7 / Mambo 4.5.3 - 'feed' Full Path Disclosure / Denial of Service

View Code

CVE-2006-2699 EXPLOITDB text WRITEUP

Geeklog <= 1.4.0sr2 - Cross-Site Scripting via getimage.php Image Parameter

Cross-site scripting (XSS) vulnerability in getimage.php in Geeklog 1.4.0sr2 and earlier allows remote attackers to inject arbitrary HTML or web script via the image argument in a show action.

View Code

CVE-2005-3638 EXPLOITDB text WORKING POC

ekinboard 1.0.3 - Cross-Site Scripting via Profile ID Parameter and Post Titles

Cross-site scripting (XSS) vulnerabilities in Ekinboard 1.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter in profile.php and (2) titles of posts.

View Code

CVE-2007-6080 EXPLOITDB text WRITEUP

bcoos 1.0.10 and 1.0.13 - SQL Injection via bid Parameter

SQL injection vulnerability in modules/banners/click.php in the banners module for bcoos 1.0.10 allows remote attackers to execute arbitrary SQL commands via the bid parameter. NOTE: it was later reported that 1.0.13 is also affected.

View Code

CVE-2005-4461 EXPLOITDB text WRITEUP

Beehive Forum <0.6.2 - SQL Injection

SQL injection vulnerability in index.php in Beehive Forum 0.6.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user_sess parameter.

View Code

CVE-2006-1224 EXPLOITDB php WORKING POC

GuppY 4.5.11 - Directory Traversal and Arbitrary File Write via dwnld.php pg Parameter

Directory traversal vulnerability in dwnld.php in GuppY 4.5.11 allows remote attackers to overwrite arbitrary files via a "%2E." (mixed encoding) in the pg parameter.

View Code

EIP-2026-100481 EXPLOITDB text WRITEUP

PersianBlog - 'Userslist.asp' SQL Injection

View Code