Dante90

16 exploits Active since Jan 2009
EIP-2026-112024 EXPLOITDB perl WORKING POC
ShopCartDx 4.30 - 'products.php' Blind SQL Injection
EIP-2026-111583 EXPLOITDB perl WORKING POC
PunBB 1.3.4 / Pun_PM 1.2.6 - Blind SQL Injection
CVE-2009-2308 EXPLOITDB perl WORKING POC
Affiliation module for PunBB <= 1.1.0 - SQL Injection via in or out Parameter
Multiple SQL injection vulnerabilities in affiliates.php in the Affiliation (aka Affiliates) module 1.1.0 and earlier for PunBB allow remote attackers to execute arbitrary SQL commands via the (1) in or (2) out parameter.
EIP-2026-111587 EXPLOITDB perl WORKING POC
PunBB Automatic Image Upload 1.3.5 - Arbitrary File Delete
EIP-2026-111588 EXPLOITDB perl WORKING POC
PunBB Automatic Image Upload 1.3.5 - SQL Injection
CVE-2009-2276 EXPLOITDB perl WORKING POC
Vote For Us Extension < 1.0.1 - SQL Injection via 'out' Parameter
SQL injection vulnerability in voteforus.php in the Vote For Us extension 1.0.1 and earlier for PunBB allows remote attackers to execute arbitrary SQL commands via the out parameter.
CVE-2009-2786 EXPLOITDB perl WORKING POC
PunBB Reputation <2.2.4 - SQL Injection
SQL injection vulnerability in reputation.php in the Reputation plugin 2.2.4, 2.2.3, 2.0.4, and earlier for PunBB allows remote attackers to execute arbitrary SQL commands via the poster parameter.
CVE-2009-2787 EXPLOITDB perl WORKING POC
Reputation plugin for PunBB <= 2.2.4 - Remote File Inclusion via pun_user[language] Parameter
Directory traversal vulnerability in include/reputation/rep_profile.php in the Reputation plugin 2.2.4, 2.2.3, 2.0.4, and earlier for PunBB, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pun_user[language] parameter.
EIP-2026-110872 EXPLOITDB perl WORKING POC
PHP-Nuke 8.1.0.3.5b - Remote Command Execution
CVE-2009-0302 EXPLOITDB perl WORKING POC
PHP-Nuke <8.1.0.3.5b - SQL Injection
SQL injection vulnerability in the Downloads module for PHP-Nuke 8.0 8.1.0.3.5b and earlier allows remote authenticated users to execute arbitrary SQL commands via the url parameter in the Add operation to modules.php.
EIP-2026-110867 EXPLOITDB perl WORKING POC
PHP-Nuke 8.0 - SQL Injection
EIP-2026-110436 EXPLOITDB perl WORKING POC
Oxygen2PHP 1.1.3 - 'post.php' Blind SQL Injection
EIP-2026-110434 EXPLOITDB perl WORKING POC
Oxygen2PHP 1.1.3 - 'forumdisplay.php' Blind SQL Injection
EIP-2026-110435 EXPLOITDB perl WORKING POC
Oxygen2PHP 1.1.3 - 'member.php' SQL Injection
CVE-2009-2307 EXPLOITDB text WORKING POC
maxdev cwguestbook < 2.1 - SQL Injection via rid Parameter
SQL injection vulnerability in the CWGuestBook module 2.1 and earlier for MAXdev MDPro (aka MD-Pro) allows remote attackers to execute arbitrary SQL commands via the rid parameter in a viewrecords action to modules.php.
CVE-2010-3467 EXPLOITDB perl WORKING POC
E-Xoopport Samsara <3.1 - SQL Injection
SQL injection vulnerability in modules/sections/index.php in E-Xoopport Samsara 3.1 and earlier, when the Tutorial module is enabled, allows remote attackers to execute arbitrary SQL commands via the secid parameter in a listarticles action.