D. Fabian

3 exploits Active since Oct 2005
CVE-2005-3330 EXPLOITDB text WORKING POC
Snoopy 1.2 - Remote Code Execution via HTTPS URL Shell Metacharacters
The _httpsrequest function in Snoopy 1.2, as used in products such as (1) MagpieRSS, (2) WordPress, (3) Ampache, and (4) Jinzora, allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTPS URL to an SSL protected web page, which is not properly handled by the fetch function.
CVE-2006-6690 EXPLOITDB text WORKING POC
Typo3 <4.0.3, 3.7, 3.8, 4.1 beta - Authenticated Command Injection
rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php in Typo3 4.0.0 through 4.0.3, 3.7 and 3.8 with the rtehtmlarea extension, and 4.1 beta allows remote authenticated users to execute arbitrary commands via shell metacharacters in the userUid parameter to rtehtmlarea/htmlarea/plugins/SpellChecker/spell-check-logic.php, and possibly another vector.
CVE-2010-2006 EXPLOITDB text WORKING POC
LetoDMS < 1.7.2 - Authenticated Path Traversal via Lang Parameter
Directory traversal vulnerability in op/op.Login.php in LetoDMS (formerly MyDMS) 1.7.2 and earlier allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.