Felipe Molina de la Torre

6 exploits Active since Jan 2014
CVE-2015-9496 EXPLOITDB HIGH text WORKING POC
Freshmail-newsletter < 1.6 - SQL Injection
The freshmail-newsletter plugin before 1.6 for WordPress has shortcode.php SQL Injection via the 'FM_form id=' substring.
CVSS 8.8
EIP-2026-114140 EXPLOITDB text WRITEUP
WordPress Plugin Ultimate Product Catalogue - SQL Injection (1)
EIP-2026-114141 EXPLOITDB text WRITEUP
WordPress Plugin Ultimate Product Catalogue - SQL Injection (2)
EIP-2026-114142 EXPLOITDB text WORKING POC
WordPress Plugin Ultimate Product Catalogue 3.1.2 - Multiple Persistent Cross-Site Scripting / Cross-Site Request Forgery / Arbitrary File Upload Vulnerabilities
EIP-2026-104497 EXPLOITDB text WRITEUP
WordPress Plugin Freshmail 1.5.8 - SQL Injection
CVE-2013-7204 EXPLOITDB text WRITEUP
Conceptronic CIPCAMPTIWL Camera 1.0-21.37.2.49 - CSRF
Cross-site request forgery (CSRF) vulnerability in set_users.cgi in Conceptronic CIPCAMPTIWL Camera 1.0 with firmware 21.37.2.49 allows remote attackers to hijack the authentication of administrators for requests that add arbitrary users.