Arash Khazaei

7 exploits Active since Aug 2015
CVE-2015-10144 EXPLOITDB HIGH text WRITEUP
Responsive Thumbnail Slider <1.0.1 - Code Injection
The Responsive Thumbnail Slider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type sanitization in the via the image uploader in versions up to 1.0.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload arbitrary files on the affected sites server using a double extension which may make remote code execution possible.
CVSS 8.8
EIP-2026-118195 EXPLOITDB text WRITEUP
Zapya Desktop 1.803 - 'ZapyaService.exe' Local Privilege Escalation
EIP-2026-117216 EXPLOITDB python WORKING POC
FTPShell Client 5.24 - 'Create NewFolder' Local Buffer Overflow
EIP-2026-112595 EXPLOITDB text WRITEUP
Tendoo CMS 1.3 - Cross-Site Scripting
CVE-2015-6655 EXPLOITDB html WORKING POC
Pligg Cms - CSRF
Cross-site request forgery (CSRF) vulnerability in Pligg CMS 2.0.2 allows remote attackers to hijack the authentication of administrators for requests that add an administrator via a request to admin/admin_users.php.
EIP-2026-111339 EXPLOITDB html WORKING POC
Pligg CMS 2.0.2 - Arbitrary Code Execution
EIP-2026-104792 EXPLOITDB ruby WORKING POC
WordPress Plugin Responsive Thumbnail Slider - Arbitrary File Upload (Metasploit)