Benjamin Kunz Mejri

139 exploits Active since Jan 2012
EIP-2026-112407 EXPLOITDB text WRITEUP
Squirrelcart Cart Shop 3.3.4 - Multiple Web Vulnerabilities
CVE-2011-5150 EXPLOITDB text WRITEUP
SpamTitan < 5.07 - Cross-Site Scripting via setup-network.php Parameters
Multiple cross-site scripting (XSS) vulnerabilities in SpamTitan 5.07 and possibly earlier allow remote attackers or authenticated users to inject arbitrary web script or HTML via the (1) ipaddress or (2) domain parameter to setup-network.php, different vectors than CVE-2011-5149. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
EIP-2026-112367 EXPLOITDB text WRITEUP
SpamTitan Application 5.08x - SQL Injection
EIP-2026-112105 EXPLOITDB text WORKING POC
Simple Machines 2.0.2 - Multiple HTML Injection Vulnerabilities
EIP-2026-111983 EXPLOITDB text WRITEUP
Sentrifugo CMS 3.2 - Persistent Cross-Site Scripting
EIP-2026-112047 EXPLOITDB text WORKING POC
SilverStripe CMS - Multiple HTML Injection Vulnerabilities
EIP-2026-111118 EXPLOITDB text WRITEUP
phpList 3.0.6/3.0.10 - SQL Injection
EIP-2026-111022 EXPLOITDB text WRITEUP
PHPCollab CMS 2.5 - 'emailusers.php' SQL Injection
EIP-2026-110594 EXPLOITDB text WORKING POC
Phonalisa - Multiple HTML Injection / Cross-Site Scripting Vulnerabilities
CVE-2013-6794 EXPLOITDB text WRITEUP
Olat 7.8.0.1 - Cross-Site Scripting via Calendar Location Field
Cross-site scripting (XSS) vulnerability in the Calendar module in Olat 7.8.0.1 (b20130821 N1) allows remote attackers to inject arbitrary web script or HTML via the Location field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
EIP-2026-110208 EXPLOITDB text WRITEUP
Onpub CMS 1.4/1.5 - Multiple SQL Injections
EIP-2026-109857 EXPLOITDB text WRITEUP
NeoBill CMS 0.8 Alpha - Multiple Vulnerabilities
EIP-2026-107783 EXPLOITDB text WRITEUP
ILIAS eLearning CMS 4.3.4 < 4.4 - Persistent Cross-Site Scripting
EIP-2026-107704 EXPLOITDB text WRITEUP
iauto mobile Application 2012 - Multiple Vulnerabilities
EIP-2026-107379 EXPLOITDB text WRITEUP
Genium CMS 2012/Q2 - Multiple Vulnerabilities
EIP-2026-107240 EXPLOITDB text WORKING POC
Freeside SelfService CGI/API 2.3.3 - Multiple Vulnerabilities
EIP-2026-106872 EXPLOITDB text WRITEUP
Endian UTM Firewall 2.4.x < 2.5.0 - Multiple Web Vulnerabilities
EIP-2026-106845 EXPLOITDB text WRITEUP
elproLOG MONITOR Webaccess 2.1 - Multiple Vulnerabilities
EIP-2026-106923 EXPLOITDB text WRITEUP
eTransfer Lite - 'file name' HTML Injection
EIP-2026-107084 EXPLOITDB text WRITEUP
File Manager - HTML Injection / Local File Inclusion
EIP-2026-106793 EXPLOITDB text WORKING POC
eFront Community++ 3.6.10 - SQL Injection / Multiple HTML Injection Vulnerabilities
CVE-2012-1225 EXPLOITDB text WRITEUP
Dolibarr < 3.2.0 - Authenticated SQL Injection via Memberslist or Rowid Parameter
Multiple SQL injection vulnerabilities in Dolibarr CMS 3.2.0 Alpha and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) memberslist parameter (aka Member List) in list.php or (2) rowid parameter to adherents/fiche.php.
CVE-2012-1226 EXPLOITDB text WRITEUP
Dolibarr CMS 3.2.0 Alpha - Path Traversal & Arbitrary File Read via Document.php or Backtopage Parameter
Multiple directory traversal vulnerabilities in Dolibarr CMS 3.2.0 Alpha allow remote attackers to read arbitrary files and possibly execute arbitrary code via a .. (dot dot) in the (1) file parameter to document.php or (2) backtopage parameter in a create action to comm/action/fiche.php.
CVE-2011-5050 EXPLOITDB text WRITEUP
Cyberoam Unified Threat Management < 10.01.2 - Authenticated SQL Injection via tableid Parameter
SQL injection vulnerability in corporate/Controller in Elitecore Technologies Cyberoam UTM before 10.01.2 build 059 allows remote authenticated administrators to execute arbitrary SQL commands via the tableid parameter. NOTE: some of these details are obtained from third party information.
EIP-2026-106473 EXPLOITDB text WORKING POC
Distimo Monitor - Multiple Cross-Site Scripting Vulnerabilities