1dt.w0lf

53 exploits Active since Nov 2003
CVE-2005-4619 EXPLOITDB perl WORKING POC
phpoutsourcing Zorum Forum <3.5 - SQL Injection
SQL injection vulnerability in index.php in phpoutsourcing Zorum Forum 3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the rollid parameter in the showhtmllist method.
EIP-2026-118708 EXPLOITDB perl WORKING POC
Jordan Windows Telnet Server 1.0/1.2 - 'Username' Stack Buffer Overrun (1)
EIP-2026-114648 EXPLOITDB perl WORKING POC
ZPanel 2.5b10 - SQL Injection
CVE-2005-4633 EXPLOITDB perl WORKING POC
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-4619. Reason: This candidate is a duplicate of CVE-2005-4619. Notes: All CVE users should reference CVE-2005-4619 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
CVE-2005-2113 EXPLOITDB perl WORKING POC
Xoops - SQL Injection
SQL injection vulnerability in the loginUser function in the XMLRPC server in XOOPS 2.0.11 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via crafted values in an XML file, as demonstrated using the blogger.getPost method.
EIP-2026-114498 EXPLOITDB perl WORKING POC
YaBB SE 1.5.5 - Remote Command Execution
EIP-2026-113489 EXPLOITDB perl WORKING POC
WordPress Core 1.5.1.1 - 'add new admin' SQL Injection
EIP-2026-112846 EXPLOITDB perl WORKING POC
UBBCentral UBB.Threads 6.2.x < 6.3x - One Char Brute Force
CVE-2005-3423 EXPLOITDB perl WORKING POC
Subdreamer - SQL Injection
Multiple SQL injection vulnerabilities in Subdreamer 2.2.1 allow remote attackers to execute arbitrary SQL commands via (1) the loginusername parameter or (2) cookies to (a) subdreamer.php, (b) ipb2.php, (c) phpbb2.php, (d) vbulletin2.php, and (e) vbulletin3.php.
CVE-2008-0478 EXPLOITDB perl WORKING POC
Setcms - Path Traversal
Directory traversal vulnerability in index.php in SetCMS 3.6.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the set parameter, as demonstrated by sending a certain CLIENT_IP HTTP header in an enter action to index.php, and injecting PHP sequences into files/enter.set, which is then included by index.php.
EIP-2026-111581 EXPLOITDB perl WORKING POC
PunBB 1.2.2 - Authentication Bypass
EIP-2026-110955 EXPLOITDB perl WORKING POC
phpBB 2.0.19 - 'user_sig_bbcode_uid' Remote Code Execution
CVE-2003-1216 EXPLOITDB perl WORKING POC
Phpbb - SQL Injection
SQL injection vulnerability in search.php for phpBB 2.0.6 and earlier allows remote attackers to execute arbitrary SQL and gain privileges via the search_id parameter.
EIP-2026-110952 EXPLOITDB perl WORKING POC
phpBB 2.0.17 - 'signature_bbcode_uid' Remot Command
EIP-2026-110863 EXPLOITDB c WORKING POC
PHP-Nuke 7.8 - 'modules.php' SQL Injection
CVE-2008-0461 EXPLOITDB php WORKING POC
Francisco Burzi Php-nuke < 8.0_final - SQL Injection
SQL injection vulnerability in index.php in the Search module in PHP-Nuke 8.0 FINAL and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the sid parameter in a comments action to modules.php. NOTE: some of these details are obtained from third party information.
EIP-2026-110852 EXPLOITDB perl WORKING POC
PHP-Nuke 6.6 - 'admin.php' SQL Injection
EIP-2026-110853 EXPLOITDB perl WORKING POC
PHP-Nuke 6.9 - 'cid' SQL Injection
CVE-2005-2028 EXPLOITDB perl WORKING POC
Mercuryboard Message Board - SQL Injection
SQL injection vulnerability in index.php for MercuryBoard 1.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header.
EIP-2026-109270 EXPLOITDB perl WORKING POC
Mambo 4.5.2.1 - SQL Injection
EIP-2026-109172 EXPLOITDB perl WORKING POC
LiteForum 2.1.1 - SQL Injection
CVE-2008-0770 EXPLOITDB perl WORKING POC
Ibproarcade < 3.3.0 - SQL Injection
SQL injection vulnerability in arcade.php in ibProArcade 3.3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the g_display_order cookie parameter.
CVE-2006-2059 EXPLOITDB perl WORKING POC
Invision Power Board <2.1.x-2.0.x - RCE
action_public/search.php in Invision Power Board (IPB) 2.1.x and 2.0.x before 20060425 allows remote attackers to execute arbitrary PHP code via a search with a crafted value of the lastdate parameter, which alters the behavior of a regular expression to add a "#e" (execute) modifier.
CVE-2006-7071 EXPLOITDB perl WORKING POC
Invision Power Services Invision Power Board - SQL Injection
SQL injection vulnerability in classes/class_session.php in Invision Power Board (IPB) 2.1 up to 2.1.6 allows remote attackers to execute arbitrary SQL commands via the CLIENT_IP parameter.
EIP-2026-107977 EXPLOITDB perl WORKING POC
ITA Forum 1.49 - SQL Injection