AtT4CKxT3rR0r1ST

99 exploits, active since Jul 2007
CVE-2025-46002 EXPLOITDB MEDIUM text WRITEUP
Simogeo Filemanager < 2.0.0 - Path Traversal
An issue in Filemanager v2.5.0 and below allows attackers to execute a directory traversal via sending a crafted HTTP request to the filemanager.php endpoint.
CVSS 6.5
EIP-2026-119360 EXPLOITDB text WORKING POC
DirectControlTM 3.1.7.0 - Multiple Vulnerabilities
EIP-2026-117434 EXPLOITDB perl WORKING POC
Magic Music Editor - Local Buffer Overflow
EIP-2026-115573 EXPLOITDB perl WORKING POC
Magic Music Editor - '.cda' Denial of Service
EIP-2026-114548 EXPLOITDB html WORKING POC
YourTube 1.0 - Cross-Site Request Forgery (Add User)
CVE-2014-3935 EXPLOITDB text WRITEUP
XOOPS 1.0 - Glossaire module - SQL Injection
SQL injection vulnerability in glossaire-aff.php in the Glossaire module 1.0 for XOOPS allows remote attackers to execute arbitrary SQL commands via the lettre parameter.
EIP-2026-113447 EXPLOITDB text WRITEUP
Wiser Backup - Information Disclosure
CVE-2014-1618 EXPLOITDB text WRITEUP
UAEPD Shopping Cart Script - SQL Injection
Multiple SQL injection vulnerabilities in UAEPD Shopping Cart Script allow remote attackers to execute arbitrary SQL commands via the (1) cat_id or (2) p_id parameter to products.php or id parameter to (3) page.php or (4) news.php.
EIP-2026-112658 EXPLOITDB text WORKING POC
ThinkAdmin - 'page.php' SQL Injection
CVE-2014-1618 EXPLOITDB text WRITEUP
UAEPD Shopping Cart Script - SQL Injection
Multiple SQL injection vulnerabilities in UAEPD Shopping Cart Script allow remote attackers to execute arbitrary SQL commands via the (1) cat_id or (2) p_id parameter to products.php or id parameter to (3) page.php or (4) news.php.
CVE-2013-4953 EXPLOITDB text WORKING POC
Top Games Script 1.2 - SQL Injection
SQL injection vulnerability in play.php in Top Games Script 1.2 allows remote attackers to execute arbitrary SQL commands via the gid parameter.
EIP-2026-112762 EXPLOITDB text WORKING POC
tplSoccerStats - 'player.php' SQL Injection
CVE-2014-10023 EXPLOITDB text WORKING POC
Topicsviewer - SQL Injection
Multiple SQL injection vulnerabilities in TopicsViewer 3.0 Beta 1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) edit_block.php, (2) edit_cat.php, (3) edit_note.php, or (4) rmv_topic.php in admincp/.
EIP-2026-112260 EXPLOITDB text WORKING POC
SnapProof - 'page.php' SQL Injection
EIP-2026-112360 EXPLOITDB text WORKING POC
southburn Web - 'products.php' SQL Injection
EIP-2026-112331 EXPLOITDB text WRITEUP
Softmatica SMART iPBX - Multiple SQL Injections
EIP-2026-111708 EXPLOITDB text WRITEUP
RealAdmin - 'detail.php' Blind SQL Injection
EIP-2026-111032 EXPLOITDB text WORKING POC
PHPDirector Game Edition - 'game.php' SQL Injection
CVE-2007-3519 EXPLOITDB text WORKING POC
Wesmo Phpeventcalendar < 0.2.3 - SQL Injection
SQL injection vulnerability in eventdisplay.php in phpEventCalendar 0.2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2011-0643 EXPLOITDB html WORKING POC
Phplinkdirectory Php Link Directory - CSRF
Cross-site request forgery (CSRF) vulnerability in admin/conf_users_edit.php in PHP Link Directory (phpLD) 4.1.0 allows remote attackers to hijack the authentication of administrators for requests that add an administrator via the N action.
CVE-2014-5104 EXPLOITDB text WRITEUP
Ol-commerce - SQL Injection
Multiple SQL injection vulnerabilities in ol-commerce 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) a_country parameter in a process action to affiliate_signup.php, (2) affiliate_banner_id parameter to affiliate_show_banner.php, (3) country parameter in a process action to create_account.php, or (4) entry_country_id parameter in an edit action to admin/create_account.php.
CVE-2014-5104 EXPLOITDB text WORKING POC
Ol-commerce - SQL Injection
Multiple SQL injection vulnerabilities in ol-commerce 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) a_country parameter in a process action to affiliate_signup.php, (2) affiliate_banner_id parameter to affiliate_show_banner.php, (3) country parameter in a process action to create_account.php, or (4) entry_country_id parameter in an edit action to admin/create_account.php.
CVE-2014-5104 EXPLOITDB text WORKING POC
Ol-commerce - SQL Injection
Multiple SQL injection vulnerabilities in ol-commerce 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) a_country parameter in a process action to affiliate_signup.php, (2) affiliate_banner_id parameter to affiliate_show_banner.php, (3) country parameter in a process action to create_account.php, or (4) entry_country_id parameter in an edit action to admin/create_account.php.
CVE-2014-5104 EXPLOITDB text WORKING POC
Ol-commerce - SQL Injection
Multiple SQL injection vulnerabilities in ol-commerce 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) a_country parameter in a process action to affiliate_signup.php, (2) affiliate_banner_id parameter to affiliate_show_banner.php, (3) country parameter in a process action to create_account.php, or (4) entry_country_id parameter in an edit action to admin/create_account.php.
EIP-2026-110222 EXPLOITDB text WRITEUP
Open Bulletin Board - Multiple Blind SQL Injections