Giovanni Buzzin

8 exploits, active since Apr 2009
CVE-2009-1314 EXPLOITDB text WORKING POC
Web File Explorer 3.1 - Remote Code Execution via File Parameter in savefile Action
body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension.
CVE-2009-1508 EXPLOITDB perl WORKING POC
X-Forum 0.6.2 - SQL Injection via cookie_username Parameter
SQL injection vulnerability in the xforum_validateUser function in Common.php in X-Forum 0.6.2 allows remote attackers to execute arbitrary SQL commands, as demonstrated via the cookie_username parameter to Configure.php.
CVE-2009-1512 EXPLOITDB perl WORKING POC
X-Forum 0.6.2 - Authenticated PHP Code Injection via adminEMail Parameter
Static code injection vulnerability in X-Forum 0.6.2 allows remote authenticated administrators to inject arbitrary PHP code into Config.php via the adminEMail parameter to SaveConfig.php.
CVE-2009-1323 EXPLOITDB text WORKING POC
Web File Explorer 3.1 - SQL Injection via id Parameter
SQL injection vulnerability in body.asp in Web File Explorer 3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
EIP-2026-112540 EXPLOITDB perl WORKING POC
Syzygy CMS 0.3 - Local File Inclusion / SQL Injection
EIP-2026-110626 EXPLOITDB perl WORKING POC
PhotoStand 1.2.0 - Remote Command Execution
EIP-2026-109676 EXPLOITDB perl WORKING POC
My Simple Forum 7.1 - Remote Command Execution
EIP-2026-106413 EXPLOITDB text WORKING POC
Demium CMS 0.2.1b - Multiple Vulnerabilities