Bogdan Calin

CVE-2010-3460 EXPLOITDB text WORKING POC

AXIGEN Mail Server 7.4.1 - Path Traversal

Directory traversal vulnerability in the HTTP interface in AXIGEN Mail Server 7.4.1 for Windows allows remote attackers to read arbitrary files via a %5C (encoded backslash) in the URL.

View Code

CVE-2010-4907 EXPLOITDB text WORKING POC

Zenphoto 1.3 - Cross-Site Scripting via User Parameter

Cross-site scripting (XSS) vulnerability in zp-core/admin.php in Zenphoto 1.3 allows remote attackers to inject arbitrary web script or HTML via the user parameter. NOTE: the from parameter is already covered by CVE-2009-4562.

View Code

CVE-2010-4906 EXPLOITDB text WRITEUP

Zenphoto 1.3 and 1.3.1.2 - SQL Injection via a Parameter

SQL injection vulnerability in zp-core/full-image.php in Zenphoto 1.3 and 1.3.1.2 allows remote attackers to execute arbitrary SQL commands via the a parameter. NOTE: some of these details are obtained from third party information.

View Code

EIP-2026-111332 EXPLOITDB text WRITEUP

Pligg CMS 1.0.4 - SQL Injection / Cross-Site Scripting

View Code

CVE-2010-3070 EXPLOITDB text WRITEUP

NuSOAP 0.9.5 - Cross-Site Scripting via PATH_INFO

Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in MantisBT and other products, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to an arbitrary PHP script that uses NuSOAP classes.

View Code

CVE-2009-3904 EXPLOITDB text WORKING POC

CubeCart 4.3.4 - Unauthenticated Administrative Access Bypass via Empty Session ID or Headers

classes/session/cc_admin_session.php in CubeCart 4.3.4 does not properly restrict administrative access permissions, which allows remote attackers to bypass restrictions and gain administrative access via a HTTP request that contains an empty (1) sessID (ccAdmin cookie), (2) X_CLUSTER_CLIENT_IP header, or (3) User-Agent header.

View Code

EIP-2026-104643 EXPLOITDB python WORKING POC

PHP - MultiPart Form-Data Denial of Service (PoC)

View Code