Gu1ll4um3r0m41n

3 exploits Active since Mar 2007
CVE-2007-2537 EXPLOITDB php WORKING POC
NPDS < 5.10 - Authenticated SQL Injection via Cookie or X-Forwarded-For Header
Multiple SQL injection vulnerabilities in mainfile.php in NPDS 5.10 and earlier allow remote authenticated users to execute arbitrary SQL commands via a (1) nickname or (2) Id in a cookie, or (3) the X-Forwarded-For (X_FORWARDED_FOR) HTTP header.
CVE-2007-1552 EXPLOITDB php WORKING POC
MetaForum 0.513 Beta - Unauthenticated Arbitrary File Upload via usercp.php MIME Type Bypass
Unrestricted file upload vulnerability in usercp.php in MetaForum 0.513 Beta restricts file types based on the MIME type in the Content-type HTTP header, which allows remote attackers to upload and execute arbitrary scripts via an image MIME type with a filename containing an executable extension such as .php.
CVE-2007-6083 EXPLOITDB php WORKING POC
IceBB 1.0-rc6 - SQL Injection via X-Forwarded-For HTTP Header
SQL injection vulnerability in admin/index.php in IceBB 1.0-rc6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header.