Benjamin Kunz Mejri (Rem0ve)

5 exploits Active since Aug 2012
CVE-2012-5894 EXPLOITDB WRITEUP
Havalite CMS < 1.1.0 - SQL Injection via postId Parameter
SQL injection vulnerability in hava_post.php in Havalite CMS 1.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the postId parameter.
CVE-2011-5149 EXPLOITDB text WRITEUP
SpamTitan < 5.08 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in SpamTitan 5.08 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) testaddr or (2) testpass parameter to auth-settings.php; (3) hostname, (4) domainname, or (5) mailserver parameter to setup-relay.php; or (6) subnetmask or (7) defaultroute parameter to setup-network.php.
CVE-2011-5150 EXPLOITDB text WRITEUP
SpamTitan < 5.07 - Cross-Site Scripting via setup-network.php Parameters
Multiple cross-site scripting (XSS) vulnerabilities in SpamTitan 5.07 and possibly earlier allow remote attackers or authenticated users to inject arbitrary web script or HTML via the (1) ipaddress or (2) domain parameter to setup-network.php, different vectors than CVE-2011-5149. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2012-5919 EXPLOITDB text WRITEUP
Havalite CMS < 1.0.4 - Cross-Site Scripting via Multiple Input Fields
Multiple cross-site scripting (XSS) vulnerabilities in Havalite 1.0.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) find or (2) replace fields to havalite/findReplace.php; (3) username parameter to havalite/hava_login.php, (4) the Edit Article module, or (5) hava_post.php in the postAuthor module; (6) postId parameter to hava_post.php; (7) userId parameter to hava_user.php; or (8) linkId parameter to hava_link.php.
EIP-2026-106872 EXPLOITDB text WRITEUP
Endian UTM Firewall 2.4.x < 2.5.0 - Multiple Web Vulnerabilities