waraxe

59 exploits Active since Apr 2004
EIP-2026-112752 EXPLOITDB text WRITEUP
torrenttrader 2.08 - Multiple Vulnerabilities
CVE-2009-2161 EXPLOITDB text WRITEUP
TorrentTrader Classic 1.09 - Path Traversal
Directory traversal vulnerability in backend/admin-functions.php in TorrentTrader Classic 1.09, when used on a case-insensitive web site, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ss_uri parameter, in conjunction with a modified component name.
EIP-2026-112470 EXPLOITDB text WORKING POC
Sugar CRM 5.5.0.rc2/5.2.0j - Multiple Vulnerabilities
CVE-2009-0678 EXPLOITDB text WRITEUP
RavenNuke 2.30 - Exposure of Sensitive Information via Invalid aFonts Parameter
images/captcha.php in RavenNuke 2.30 allows remote attackers to obtain sensitive information via an aFonts array parameter value that does not correspond to a valid font file, which reveals the installation path in an error message.
EIP-2026-111902 EXPLOITDB text WRITEUP
Saurus CMS 4.7.1 - Multiple Vulnerabilities
CVE-2004-1962 EXPLOITDB text WRITEUP
Protector System 1.15b1 - SQL Injection via Comment Sequence Bypass
SQL injection vulnerability in index.php in Protector System 1.15b1 allows remote attackers to bypass SQL injection filters by using "/**/" sequences in the targeted fields.
CVE-2004-1960 EXPLOITDB text WRITEUP
Protector System 1.15b1 - Cross-Site Scripting via blocker_query.php target or portNum Parameters
Cross-site scripting (XSS) vulnerability in blocker_query.php in Protector System 1.15b1 allows remote attackers to inject arbitrary web script or HTML via the (1) target or (2) portNum parameters.
CVE-2013-3241 EXPLOITDB text WRITEUP
phpMyAdmin <4.0.0-rc3 - Code Injection
export.php (aka the export script) in phpMyAdmin 4.x before 4.0.0-rc3 overwrites global variables on the basis of the contents of the POST superglobal array, which allows remote authenticated users to inject values via a crafted request.
CVE-2013-1937 EXPLOITDB MEDIUM text WORKING POC
phpMyAdmin < 3.5.8 - Cross-Site Scripting via visualizationSettings Parameters
Multiple cross-site scripting (XSS) vulnerabilities in tbl_gis_visualization.php in phpMyAdmin 3.5.x before 3.5.8 might allow remote attackers to inject arbitrary web script or HTML via the (1) visualizationSettings[width] or (2) visualizationSettings[height] parameter. NOTE: a third party reports that this is "not exploitable.
CVSS 6.1
EIP-2026-111146 EXPLOITDB text WRITEUP
phpMyBitTorrent 2.04 - Multiple Vulnerabilities
EIP-2026-110857 EXPLOITDB text WRITEUP
PHP-Nuke 6.x/7.x - Multiple Cross-Site Scripting Vulnerabilities
CVE-2004-1930 EXPLOITDB text WORKING POC
PHP-Nuke 6.x-7.2 - Cross-Site Scripting via Base64-Encoded User Parameter or Cookie
Cross-site scripting (XSS) vulnerability in the cookiedecode function in mainfile.php for PHP-Nuke 6.x through 7.2, when themes are used, allows remote attackers to inject arbitrary web script or HTML via a base64-encoded user parameter or cookie.
CVE-2004-2018 EXPLOITDB text WORKING POC
Php-Nuke 6.x-7.3 - Remote File Inclusion via modpath Parameter
PHP remote file inclusion vulnerability in index.php in Php-Nuke 6.x through 7.3 allows remote attackers to execute arbitrary PHP code by modifying the modpath parameter to reference a URL on a remote web server that contains the code.
CVE-2007-2339 EXPLOITDB html WORKING POC
Phorum < 5.1.20 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in Phorum before 5.1.22 allow remote attackers to execute arbitrary SQL commands via (1) a modified recipients parameter name in (a) pm.php; (2) the curr parameter to the (b) badwords (aka censorlist) or (c) banlist module in admin.php; or (3) the "Edit groups / Add group" field in the (d) groups module in admin.php.
CVE-2013-7375 EXPLOITDB text WRITEUP
PHP-Fusion <7.02.05 - SQL Injection
SQL injection vulnerability in includes/classes/Authenticate.class.php in PHP-Fusion 7.02.01 through 7.02.05 allows remote attackers to execute arbitrary SQL commands via the user ID in a user cookie, a different vulnerability than CVE-2013-1803.
CVE-2007-5092 EXPLOITDB text WORKING POC
Dance Music Module for phpNuke - Path Traversal via ACCEPT_FILE Array Parameter
Directory traversal vulnerability in index.php in the Dance Music module for phpNuke, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in an ACCEPT_FILE array parameter to modules.php.
CVE-2006-0805 EXPLOITDB html WORKING POC
php-Nuke 6.0-7.9 - CAPTCHA Bypass via Fixed Challenge/Response Pairs
The CAPTCHA functionality in php-Nuke 6.0 through 7.9 uses fixed challenge/response pairs that only vary once per day based on the User Agent (HTTP_USER_AGENT), which allows remote attackers to bypass CAPTCHA controls by fixing the User Agent, performing a valid challenge/response, then replaying that pair in the random_num and gfx_check parameters.
EIP-2026-110862 EXPLOITDB text WORKING POC
PHP-Nuke 7.8 - 'Mainfile.php' SQL Injection
CVE-2004-1929 EXPLOITDB text WORKING POC
PHP-Nuke 6.x-7.2 - SQL Injection via User Parameter
SQL injection vulnerability in the bblogin function in functions.php in PHP-Nuke 6.x through 7.2 allows remote attackers to bypass authentication and gain access by injecting base64-encoded SQL code into the user parameter.
CVE-2013-1891 EXPLOITDB MEDIUM text WRITEUP
OpenCart 1.4.7-1.5.5.1 - Path Traversal via Filemanager Bypass
In OpenCart 1.4.7 to 1.5.5.1, implemented anti-traversal code in filemanager.php is ineffective and can be bypassed.
CVSS 6.5
EIP-2026-110266 EXPLOITDB text WORKING POC
opencart 1.5.2.1 - Multiple Vulnerabilities
CVE-2008-0382 EXPLOITDB text WORKING POC
Mybulletinboard - Code Injection
Multiple eval injection vulnerabilities in MyBB 1.2.10 and earlier allow remote attackers to execute arbitrary code via the sortby parameter to (1) forumdisplay.php or (2) a results action in search.php.
CVE-2012-1604 EXPLOITDB text WRITEUP
NextBBS 0.6 - Cross-Site Scripting via Do Parameter
Cross-site scripting (XSS) vulnerability in NextBBS 0.6 allows remote attackers to inject arbitrary web script or HTML via the do parameter to index.php.
CVE-2012-1603 EXPLOITDB text WRITEUP
NextBBS 0.6 - SQL Injection via curstr id or username Parameter
Multiple SQL injection vulnerabilities in ajaxserver.php in NextBBS 0.6 allow remote attackers to execute arbitrary SQL commands via the (1) curstr parameter in the findUsers function, (2) id parameter in the isIdAvailable function, or (3) username parameter in the getGreetings function.
CVE-2008-0383 EXPLOITDB text WORKING POC
MyBB < 1.2.10 - Authenticated SQL Injection via Moderation and Admin Parameters
Multiple SQL injection vulnerabilities in MyBB 1.2.10 and earlier allow remote moderators and administrators to execute arbitrary SQL commands via (1) the mergepost parameter in a do_mergeposts action, (2) rid parameter in an allreports action, or (3) threads parameter in a do_multimovethreads action to (a) moderation.php; or (4) gid parameter to (b) admin/usergroups.php.