PHP Exploits

1,334 exploits tracked across all sources.

CVE-2007-3051 EXPLOITDB php VERIFIED
RevokeSoft RevokeBB <=1.0 RC4 - SQL Injection
SQL injection vulnerability in inc/class_users.php in RevokeSoft RevokeBB 1.0 RC4 and earlier allows remote attackers to execute arbitrary SQL commands via the revokebb_user cookie.
by BlackHawk
CVE-2007-3065 EXPLOITDB php VERIFIED
Particle Soft Particle Gallery - SQL Injection
SQL injection vulnerability in viewimage.php in Particle Soft Particle Gallery 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the editcomment parameter, a different version and vector than CVE-2006-2862.
by Silentz
CVE-2007-2872 EXPLOITDB php VERIFIED
PHP <5.2.3 & <4.4.8 - chunk_split() Integer Overflow
Multiple integer overflows in the chunk_split function in PHP 5 before 5.2.3 and PHP 4 before 4.4.8 allow remote attackers to cause a denial of service (crash) or execute arbitrary code via the (1) chunks, (2) srclen, and (3) chunklen arguments.
by Gerhard Wagner
EIP-2026-110581 EXPLOITDB php VERIFIED
Pheap 2.0 - 'config.php' Pheap_Login Authentication Bypass
by Silentz
CVE-2007-2985 EXPLOITDB php VERIFIED
Pheap - Access Control
Pheap 2.0 allows remote attackers to bypass authentication by setting a pheap_login cookie value to the administrator's username, which can be used to (1) obtain sensitive information, including the administrator password, via settings.php or (2) upload and execute arbitrary PHP code via an update_doc action in edit.php.
by Silentz
CVE-2007-2988 EXPLOITDB php VERIFIED
Inout Meta Search Engine - Code Injection
A certain admin script in Inout Meta Search Engine sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to inject arbitrary PHP code, as demonstrated by a request to admin/create_engine.php followed by a request to admin/generate_tabs.php.
by BlackHawk
CVE-2007-2935 EXPLOITDB php VERIFIED
Fundanemt <2.2.0.1 - Command Injection
core/spellcheck/spellcheck.php in Fundanemt before 2.2.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the dict parameter.
by Kacper
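The Fundanemt entry above is the generic command-injection pattern: a request value spliced into a shell command line. The following is an added PHP illustration of that pattern and its fix, not Fundanemt's code; the aspell invocation, the DICTS table and the function names are assumptions made for the example.

```php
<?php
// Added illustration of command injection through a dictionary-name parameter
// (the pattern behind CVE-2007-2935). Hypothetical code, not Fundanemt's; the
// aspell invocation and dictionary table are assumptions for the example.

// Vulnerable: $dict is spliced into a shell command line unescaped. Escaping
// $text alone does not help; a value such as "en; id" for $dict runs a second
// command in the web server's context.
function spellcheck_vulnerable(string $dict, string $text): string
{
    $cmd = 'echo ' . escapeshellarg($text) . " | aspell -d $dict list";
    return (string) shell_exec($cmd);
}

// Hardened: the request may only pick a key from a fixed table, and the
// program is started without a shell, so no metacharacter has any meaning.
const DICTS = ['en' => 'en', 'de' => 'de_DE', 'fr' => 'fr'];   // assumed names

function spellcheck_hardened(string $dict, string $text): array
{
    if (!isset(DICTS[$dict])) {
        throw new InvalidArgumentException('unknown dictionary');
    }
    // The array form of proc_open (PHP >= 7.4) execs the binary directly.
    $desc  = [0 => ['pipe', 'r'], 1 => ['pipe', 'w'], 2 => ['pipe', 'w']];
    $pipes = [];
    $proc  = proc_open(['aspell', '-d', DICTS[$dict], 'list'], $desc, $pipes);
    if (!is_resource($proc)) {
        throw new RuntimeException('could not start aspell');
    }
    fwrite($pipes[0], $text);
    fclose($pipes[0]);
    $out = stream_get_contents($pipes[1]);
    fclose($pipes[1]);
    fclose($pipes[2]);
    proc_close($proc);
    // aspell "list" mode prints one misspelled word per line.
    return array_values(array_filter(explode("\n", (string) $out), 'strlen'));
}
```

On the code-review side the check is mechanical: grep for shell_exec, exec, system, passthru, popen and backticks, and trace every argument back to its source. Black-box, a timing probe on the parameter (a trailing sleep) is the usual first test.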
CVE-2007-2971 EXPLOITDB php VERIFIED
Greg Neustaetter gCards <=1.46 - SQL Injection
SQL injection vulnerability in getnewsitem.php in gCards 1.46 and earlier allows remote attackers to execute arbitrary SQL commands via the newsid parameter.
by Silentz
CVE-2007-2890 EXPLOITDB php VERIFIED
cpCommerce <=1.1.0 - SQL Injection
SQL injection vulnerability in category.php in cpCommerce 1.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id_category parameter.
by Kacper
CVE-2007-2899 EXPLOITDB php VERIFIED
NavBoard 2.6.0 - Code Injection
Direct static code injection vulnerability in admin_config.php in NavBoard 2.6.0 allows remote attackers to inject arbitrary PHP code into data/config.php via multiple parameters, as demonstrated via the threadperpage parameter in an editconfig action.
by Dj7xpl
CVE-2007-2814 EXPLOITDB php VERIFIED
Pegasus ImagN' ActiveX control 4.00.041 - Buffer Overflow
Multiple stack-based buffer overflows in the Pegasus ImagN' ActiveX control (IMW32O40.OCX) 4.00.041 allow remote attackers to execute arbitrary code via (1) a long FileName parameter, or unspecified vectors involving the (2) BeginReport, (3) CreatePictureExA, (4) DefineImage, (5) DefineImageEx, (6) DefineImageFox, (7) CopyBufToClipExA, (8) LoadEx, (9) LoadFox, and other functions.
by rgod
CVE-2007-2821 EXPLOITDB php VERIFIED
WordPress <2.2 - SQL Injection
SQL injection vulnerability in wp-admin/admin-ajax.php in WordPress before 2.2 allows remote attackers to execute arbitrary SQL commands via the cookie parameter.
by waraxe
CVE-2007-2777 EXPLOITDB php VERIFIED
AlstraSoft Template Seller Pro <=3.25 - RCE
Unrestricted file upload vulnerability in admin/addsptemplate.php in AlstraSoft Template Seller Pro 3.25 and earlier allows remote attackers to execute arbitrary PHP code via an arbitrary .php filename in the zip parameter, which is created under sptemplates/.
by BlackHawk
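The Template Seller Pro upload entry above is the unrestricted-upload class: the client-supplied file name decides both where the file lands and what extension it gets. The following is an added PHP illustration of that bug and a hardened upload handler, not AlstraSoft's code; the upload field, directory name and size limit are assumptions for the example.

```php
<?php
// Added illustration of the unrestricted-upload bug behind CVE-2007-2777.
// Hypothetical handler, not AlstraSoft's code; field and directory names are
// assumptions for the example.

// Vulnerable: the client-chosen name decides location and extension, so a
// "shell.php" uploaded into a web-served directory runs on the next request.
function store_template_vulnerable(array $file, string $dir): string
{
    $dest = $dir . '/' . $file['name'];
    move_uploaded_file($file['tmp_name'], $dest);
    return $dest;
}

// Hardened: confirm the upload really happened, sniff the content, inspect
// the archive, ignore the submitted name, and store under a random name with
// a fixed extension in a directory the web server does not execute PHP from.
function store_template_hardened(array $file, string $dir): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK
        || !is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('upload failed');
    }
    if ($file['size'] > 5 * 1024 * 1024) {            // assumed limit
        throw new RuntimeException('too large');
    }
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if ($mime !== 'application/zip') {
        throw new RuntimeException('not a zip archive');
    }
    // Reject archives carrying executable entries or path traversal. The \b
    // after the extension also catches "x.php.jpg" style double extensions,
    // which some Apache AddHandler setups still execute.
    $zip = new ZipArchive();
    if ($zip->open($file['tmp_name']) !== true) {
        throw new RuntimeException('corrupt archive');
    }
    for ($i = 0; $i < $zip->numFiles; $i++) {
        $entry = (string) $zip->getNameIndex($i);
        if (preg_match('/\.(php|phtml|phar)\b/i', $entry) || str_contains($entry, '..')) {
            $zip->close();
            throw new RuntimeException("rejected entry: $entry");
        }
    }
    $zip->close();
    $dest = rtrim($dir, '/') . '/' . bin2hex(random_bytes(16)) . '.zip';
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('could not store file');
    }
    return $dest;
}
```

The server-side half of the fix is configuration rather than code: the upload directory should be outside the document root or have PHP execution disabled for it (an Apache `php_admin_flag engine off` or an nginx location that never proxies to PHP), so even a missed check cannot become code execution.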
CVE-2007-2776 EXPLOITDB php VERIFIED
AlstraSoft Template Seller Pro <=3.25 - Auth Bypass
AlstraSoft Template Seller Pro 3.25 and earlier sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to inject a credential variable setting and obtain administrative access via a direct request to admin/changeinfo.php.
by BlackHawk
CVE-2007-2775 EXPLOITDB php VERIFIED
AlstraSoft Live Support 1.21 - Auth Bypass
AlstraSoft Live Support 1.21 sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to obtain administrative access via a direct request to admin/managesettings.php.
by BlackHawk
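Three entries on this page (Inout Meta Search Engine, Template Seller Pro admin/changeinfo.php, Live Support admin/managesettings.php) share the same root cause: the script sends a Location header when the admin check fails but never stops executing. The following is an added PHP illustration of that bug beside its fix, not code from Inout or AlstraSoft; the settings file and function names are assumptions for the example.

```php
<?php
// Added illustration of the "redirect without exit" bug shared by the
// CVE-2007-2988, CVE-2007-2776 and CVE-2007-2775 entries. Hypothetical admin
// script; not code from Inout Meta Search Engine or AlstraSoft products.
session_start();

// Vulnerable: header() only queues a response header. Execution continues,
// so a client that ignores the 302 (curl does unless given -L) still has the
// privileged action performed and receives its output in the 302's body.
function save_settings_vulnerable(array $post, string $config_path): void
{
    if (empty($_SESSION['is_admin'])) {
        header('Location: login.php');
        // missing: exit;
    }
    file_put_contents($config_path, json_encode($post));   // runs for everyone
}

// Hardened: terminate right after the redirect, and keep the positive check
// in one helper so no admin page can forget the exit.
function require_admin(): void
{
    if (empty($_SESSION['is_admin'])) {
        header('Location: login.php', true, 302);
        exit;
    }
}

function save_settings_hardened(array $post, string $config_path): void
{
    require_admin();
    file_put_contents($config_path, json_encode($post));
}
```

The black-box tell is a 302 whose body is not empty: `curl -si` (no `-L`) against an admin script without a session shows both the Location header and, in the vulnerable case, the full page that follows it.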
CVE-2007-2824 EXPLOITDB php VERIFIED
AlstraSoft E-Friends <=4.21 - SQL Injection
SQL injection vulnerability in paypal.php in AlstraSoft E-Friends 4.21 and earlier allows remote attackers to execute arbitrary SQL commands via the pack parameter in a paypal action for index.php.
by BlackHawk
CVE-2007-2667 EXPLOITDB php VERIFIED
VImpX ActiveX 4.7.3 - RCE
Buffer overflow in the DB Software Laboratory VImpX ActiveX control in VImpX.ocx 4.7.3 allows remote attackers to execute arbitrary code via a long LogFile parameter.
by rgod
CVE-2007-2715 EXPLOITDB php VERIFIED
Snaps! Gallery 1.4.4 - Auth Bypass
Admin/users.php in Snaps! Gallery 1.4.4 allows remote attackers to change arbitrary usernames and passwords via the (1) username, or the (2) password and password2 parameters in an edit action.
by Dj7xpl
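The Pheap entry (identity taken from a client-set pheap_login cookie) and the Snaps! Gallery entry (an edit action with no check on who is editing whom) are the two halves of one access-control failure. The following is an added PHP illustration of both beside a session-based fix, not code from Pheap or Snaps! Gallery; the user store, cookie name and form fields are assumptions for the example.

```php
<?php
// Added illustration of two related access-control failures: identity taken
// from a client-set cookie (the CVE-2007-2985 entry) and a state-changing
// action with no ownership check (the CVE-2007-2715 entry). Hypothetical user
// store and names; not code from Pheap or Snaps! Gallery.
session_start();

// Constructed sample store for the example (hashes generated here).
$users = [
    'admin' => ['hash' => password_hash('change-me', PASSWORD_DEFAULT), 'admin' => true],
    'alice' => ['hash' => password_hash('alice-pw',  PASSWORD_DEFAULT), 'admin' => false],
];

// Vulnerable: whoever sends "Cookie: login=admin" *is* admin. Nothing proves it.
function current_user_vulnerable(): ?string
{
    return $_COOKIE['login'] ?? null;
}

// Hardened: identity is stored server-side and only after a password check;
// the browser holds an opaque session id and nothing the user can edit.
function login(array $users, string $name, string $password): bool
{
    if (!isset($users[$name]) || !password_verify($password, $users[$name]['hash'])) {
        return false;
    }
    session_regenerate_id(true);          // new id on privilege change
    $_SESSION['user']     = $name;
    $_SESSION['is_admin'] = $users[$name]['admin'];
    return true;
}

function current_user(): ?string
{
    return $_SESSION['user'] ?? null;
}

// Authorization for the edit action: decided from the session, and ordinary
// users may only touch their own record.
function can_edit_user(string $target): bool
{
    $me = current_user();
    return $me !== null && ($me === $target || !empty($_SESSION['is_admin']));
}

function handle_edit(array &$users, array $post): void
{
    $target = (string) ($post['username'] ?? '');
    if (!can_edit_user($target)) {
        http_response_code(403);
        exit;
    }
    $pw = (string) ($post['password'] ?? '');
    if ($pw !== '' && $pw === (string) ($post['password2'] ?? '')) {
        $users[$target]['hash'] = password_hash($pw, PASSWORD_DEFAULT);
    }
}
```

In review, the vulnerable shape is any read of `$_COOKIE` (or of a request parameter) that decides a privilege rather than merely carrying a session id; every state-changing action should call an authorization helper like `can_edit_user()` before touching data.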
CVE-2007-2647 EXPLOITDB php VERIFIED
Monalbum 0.8.7 - Code Injection
Static code injection vulnerability in admin/admin_configuration.php in Monalbum 0.8.7 allows remote authenticated users to inject arbitrary PHP code into the conf/config.inc.php file via the (1) gadm_pass, (2) gadm_user, (3) gcfgHote, (4) gcfgPass, (5) gcfgUser, (6) gclassement_rep, (7) gcontour, (8) gfond, (9) ggd_version, (10) ghome, (11) ghor, (12) gimg_copyright, (13) glangage, (14) gmenu_visible, (15) gmini_hasard, (16) gordre_rep, (17) gpage, (18) gracine, (19) grech_inactive, (20) grep_mini, (21) grepertoire, (22) gsite, (23) gslide, (24) gtitre, (25) guse_copyright, (26) gversion, (27) gvert, or (28) gcfgBase parameter.
by Dj7xpl
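The NavBoard and Monalbum entries are "static code injection": the admin page writes submitted settings into a PHP file by string concatenation, so a value that closes the quote becomes code the next time the file is included. The following is an added PHP illustration of that writer beside a hardened one, not code from NavBoard or Monalbum; threadperpage is the parameter named in the NavBoard entry, while the other keys, the schema table and the file names are assumptions for the example.

```php
<?php
// Added illustration of the config-writer pattern behind CVE-2007-2899 and
// CVE-2007-2647. Hypothetical settings and file names; not code from NavBoard
// or Monalbum. Requires PHP 8 for match().

// Vulnerable: the submitted value is dropped into PHP source verbatim. A value
// containing a quote and a semicolon closes the string literal, and whatever
// follows is executed every time config.php is included.
function write_config_vulnerable(array $settings, string $path): void
{
    $out = "<?php\n";
    foreach ($settings as $name => $value) {
        $out .= "\$config['$name'] = '$value';\n";
    }
    file_put_contents($path, $out);
}

// Hardened: allowlist the keys, coerce each value to its declared type, and let
// var_export() produce the literal so no input can escape its quoting.
const CONFIG_SCHEMA = [            // assumed schema for the example
    'threadperpage' => 'int',
    'site_title'    => 'string',
    'use_copyright' => 'bool',
];

function write_config_hardened(array $settings, string $path): void
{
    $clean = [];
    foreach (CONFIG_SCHEMA as $name => $type) {
        if (!array_key_exists($name, $settings)) {
            continue;
        }
        $v = $settings[$name];
        $clean[$name] = match ($type) {
            'int'    => filter_var($v, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]) ?: 1,
            'bool'   => filter_var($v, FILTER_VALIDATE_BOOLEAN),
            'string' => mb_substr((string) $v, 0, 200),
        };
    }
    // var_export() escapes quotes and backslashes, so even the string values
    // cannot break out of their literal.
    $src = "<?php\nreturn " . var_export($clean, true) . ";\n";
    // Write atomically so a crash mid-write never leaves a half-written file.
    $tmp = $path . '.tmp';
    file_put_contents($tmp, $src, LOCK_EX);
    rename($tmp, $path);
}
```

The stronger design is to keep settings out of executable files entirely (JSON or INI parsed at load time), which removes the "write PHP source" step that makes this class of bug possible; the var_export() form above is the minimal fix when the file format cannot change.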
CVE-2007-2556 EXPLOITDB php VERIFIED
Nuked-klaN 1.7.6 - SQL Injection
SQL injection vulnerability in Nuked-klaN 1.7.6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For (X_FORWARDED_FOR) HTTP header, as demonstrated by a request to the /nk/ URI.
by DarkFig
CVE-2007-2538 EXPLOITDB php VERIFIED
RunCms <=1.5.2 - SQL Injection
SQL injection vulnerability in class/debug/debug_show.php in RunCms 1.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the executed_queries array parameter.
by rgod
CVE-2007-2539 EXPLOITDB php VERIFIED
RunCms <=1.5.2 - Info Disclosure
The show_files function in RunCms 1.5.2 and earlier allows remote attackers to obtain sensitive information (file existence and file metadata) via unspecified vectors.
by rgod
CVE-2007-2537 EXPLOITDB php VERIFIED
NPDS <=5.10 - SQL Injection
Multiple SQL injection vulnerabilities in mainfile.php in NPDS 5.10 and earlier allow remote authenticated users to execute arbitrary SQL commands via a (1) nickname or (2) Id in a cookie, or (3) the X-Forwarded-For (X_FORWARDED_FOR) HTTP header.
by Gu1ll4um3r0m41n
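The SQL injection entries on this page take their input from three places: a GET parameter (gCards newsid, cpCommerce id_category), a cookie (RevokeBB, WordPress, NPDS) and the X-Forwarded-For header (Nuked-klaN, NPDS). The header case is the one most often missed because `$_SERVER` looks like server data. The following is an added PHP illustration of all three sources in one query beside a prepared-statement fix, not code from any listed project; the visits table, its columns and the parameter names are assumptions for the example.

```php
<?php
// Added illustration of the injection pattern shared by the SQL injection
// entries above (GET parameter, cookie value, X-Forwarded-For header). The
// visits table and field names are hypothetical; this is not code from
// Nuked-klaN, NPDS, WordPress, RevokeBB or any other listed project.

// Vulnerable: three request-controlled strings interpolated into SQL. A single
// quote in any of them changes the statement.
function log_visit_vulnerable(PDO $db): void
{
    $ip   = $_SERVER['HTTP_X_FORWARDED_FOR'] ?? $_SERVER['REMOTE_ADDR'];
    $user = $_COOKIE['user'] ?? '';
    $id   = $_GET['newsid'] ?? '0';
    $db->query("INSERT INTO visits (ip, user, item) VALUES ('$ip', '$user', $id)");
}

// X-Forwarded-For is attacker-supplied unless a trusted proxy overwrites it.
// Take only the first hop and insist it parses as an IP address.
function client_ip(): string
{
    $xff = $_SERVER['HTTP_X_FORWARDED_FOR'] ?? '';
    if ($xff !== '') {
        $first = trim(explode(',', $xff)[0]);
        if (filter_var($first, FILTER_VALIDATE_IP) !== false) {
            return $first;
        }
    }
    return $_SERVER['REMOTE_ADDR'] ?? '0.0.0.0';
}

// Hardened: validate values that have a fixed shape, bind everything as data.
function log_visit_hardened(PDO $db): void
{
    $id = filter_input(INPUT_GET, 'newsid', FILTER_VALIDATE_INT);
    if ($id === false || $id === null) {
        http_response_code(400);
        exit;
    }
    $stmt = $db->prepare('INSERT INTO visits (ip, user, item) VALUES (?, ?, ?)');
    $stmt->bindValue(1, client_ip(), PDO::PARAM_STR);
    $stmt->bindValue(2, $_COOKIE['user'] ?? '', PDO::PARAM_STR);
    $stmt->bindValue(3, $id, PDO::PARAM_INT);
    $stmt->execute();
}
```

Two caveats for the hardened form: set `PDO::ATTR_EMULATE_PREPARES` to false so the MySQL driver uses real server-side prepares rather than client-side quoting, and remember that binding only protects values; table or column names chosen by the request still need an allowlist.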
EIP-2026-114509 EXPLOITDB php VERIFIED
YaPiG 0.95b - Remote Code Execution
by Dj7xpl
CVE-2007-2493 EXPLOITDB php VERIFIED
FAQ & RULES <=2.0.0 mxBB Module - Remote File Inclusion
PHP remote file inclusion vulnerability in faq.php in the FAQ & RULES 2.0.0 and earlier module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter.
by bd0rk
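The FAQ & RULES entry is the classic remote file inclusion: a path prefix that the request controls reaches include(). Whether the module_root_path variable arrived through register_globals (removed in PHP 5.4) or a direct read is not stated in the entry; the following added PHP illustration reads it from $_GET. It is not the module's code; the module directory, page names and allowlist are assumptions for the example.

```php
<?php
// Added illustration of the remote-file-inclusion pattern in the FAQ & RULES
// entry (CVE-2007-2493). Not the module's code; the module directory, page
// names and parameter handling are assumptions for the example.

// Vulnerable: a request-controlled prefix reaches include(). With
// allow_url_include=On the prefix can be a URL and the fetched body runs as
// PHP; with it Off the same line is still a local file inclusion.
function load_page_vulnerable(): void
{
    $module_root_path = $_GET['module_root_path'] ?? './';
    include $module_root_path . 'faq.php';
}

// Hardened: the prefix is fixed from the script's own location, the request
// may only choose a key from an allowlist, and the resolved path is confirmed
// to sit under the module directory before anything is included.
define('MODULE_ROOT', __DIR__ . '/modules/faq_rules');   // assumed layout

function load_page_hardened(string $page): void
{
    $allowed = ['faq' => 'faq.php', 'rules' => 'rules.php'];
    $root    = realpath(MODULE_ROOT);
    if ($root === false || !isset($allowed[$page])) {
        http_response_code(404);
        exit;
    }
    $target = realpath($root . '/' . $allowed[$page]);
    if ($target === false || strncmp($target, $root . '/', strlen($root) + 1) !== 0) {
        http_response_code(404);
        exit;
    }
    require $target;
}
```

allow_url_include has defaulted to Off since it was introduced in PHP 5.2 and is deprecated as of 7.4, which closes the remote half of this bug on current installs; the allowlist and realpath() check are what close the local half.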