Ahmed Elhady Mohamed

14 exploits Active since May 2012
CVE-2013-10032 EXPLOITDB HIGH text WRITEUP
GetSimpleCMS <3.2.1 - Authenticated RCE
An authenticated remote code execution vulnerability exists in GetSimpleCMS version 3.2.1. The application’s upload.php endpoint allows authenticated users to upload arbitrary files without proper validation of MIME types or extensions. By uploading a .pht file containing PHP code, an attacker can bypass blacklist-based restrictions and place executable code within the web root. A crafted request using a polyglot or disguised extension allows the attacker to execute the payload by accessing the file directly via the web server. This vulnerability exists due to the use of a blacklist for filtering file types instead of a whitelist.
CVSS 8.8
CVE-2017-6510 METASPLOIT HIGH ruby WORKING POC
Easy File Sharing FTP Server < 3.6 - Path Traversal
Easy File Sharing FTP Server version 3.6 is vulnerable to a directory traversal vulnerability which allows an attacker to list and download any file from any folder outside the FTP root Directory.
CVSS 7.5
CVE-2013-10032 METASPLOIT HIGH ruby WORKING POC
GetSimpleCMS <3.2.1 - Authenticated RCE
An authenticated remote code execution vulnerability exists in GetSimpleCMS version 3.2.1. The application’s upload.php endpoint allows authenticated users to upload arbitrary files without proper validation of MIME types or extensions. By uploading a .pht file containing PHP code, an attacker can bypass blacklist-based restrictions and place executable code within the web root. A crafted request using a polyglot or disguised extension allows the attacker to execute the payload by accessing the file directly via the web server. This vulnerability exists due to the use of a blacklist for filtering file types instead of a whitelist.
CVSS 8.8
CVE-2018-19371 EXPLOITDB MEDIUM text WRITEUP
SDL Web Content Manager 8.5.0 - XML External Entity Injection via SaveUserSettings Service
The SaveUserSettings service in Content Manager in SDL Web 8.5.0 has an XXE Vulnerability that allows reading sensitive files from the system.
CVSS 6.5
EIP-2026-115880 EXPLOITDB ruby WORKING POC
MultiMedia Builder 4.9.8 - '.mef' Denial of Service
CVE-2012-2940 EXPLOITDB ruby WORKING POC
MediaChance Real-DRAW PRO 5.2.4 - DoS
MediaChance Real-DRAW PRO 5.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted (1) PNG, (2) WMF, (3) PSD, (4) TGA, (5) TTF, (6) BMP, (7) TIFF, or (8) PCX file.
EIP-2026-115290 EXPLOITDB ruby WORKING POC
FoxPlayer 2.6.0 - Denial of Service
EIP-2026-115174 EXPLOITDB ruby WORKING POC
DVD-Lab Studio 1.25 - '.DAL' File Open Crash
EIP-2026-112894 EXPLOITDB text WRITEUP
Umbraco CMS SeoChecker Plugin 1.9.2 - Cross-Site Scripting
EIP-2026-107065 EXPLOITDB text WORKING POC
FCMS CMS 2.7.2 - Multiple Cross-Site Request Forgery Vulnerabilities
CVE-2012-0699 EXPLOITDB HIGH html WORKING POC
Family Connections CMS < 2.9.0 - Cross-Site Request Forgery via News or Prayer Add Action
Multiple cross-site request forgery (CSRF) vulnerabilities in Family Connections CMS (aka FCMS) 2.9 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that (1) add news via an add action to familynews.php or (2) add a prayer via an add action to prayers.php.
CVSS 8.8
CVE-2012-0699 EXPLOITDB HIGH text WRITEUP
Family Connections CMS < 2.9.0 - Cross-Site Request Forgery via News or Prayer Add Action
Multiple cross-site request forgery (CSRF) vulnerabilities in Family Connections CMS (aka FCMS) 2.9 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that (1) add news via an add action to familynews.php or (2) add a prayer via an add action to prayers.php.
CVSS 8.8
CVE-2012-5891 EXPLOITDB text WORKING POC
DAlbum < 1.44 - Cross-Site Request Forgery in User Management
Multiple cross-site request forgery (CSRF) vulnerabilities in photo/pass.php in DAlbum 1.44 build 174 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add a user via an add action, (2) change user passwords via a change action, or (3) delete a user via a delete action.
CVE-2012-5917 EXPLOITDB ruby WORKING POC
SnackAmp 3.1.3 - Denial of Service via Long String in AIFF File
SnackAmp 3.1.3 allows remote attackers to cause a denial of service (application crash) via a long string in an aiff file.