Halil Dalabasmaz - Security Researcher - Exploit Intelligence Platform

EIP-2026-117927 EXPLOITDB text WRITEUP

SolarWinds Kiwi Syslog Server 9.5.1 - Unquoted Service Path Privilege Escalation

View Code

EIP-2026-117924 EXPLOITDB text WRITEUP

SolarWinds Kiwi CatTools 3.11.0 - Unquoted Service Path Privilege Escalation

View Code

CVE-2014-9179 EXPLOITDB text WRITEUP

WordPress SupportEzzy Ticket System 1.2.5 - XSS

Cross-site scripting (XSS) vulnerability in the SupportEzzy Ticket System plugin 1.2.5 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the "URL (optional)" field in a new ticket.

View Code

CVE-2014-9516 EXPLOITDB text WRITEUP

Social Microblogging PRO 1.5 - Cross-Site Scripting via PATH_INFO

Cross-site scripting (XSS) vulnerability in Social Microblogging PRO 1.5 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI, related to the "Web Site" input in the Profile section.

View Code

EIP-2026-112001 EXPLOITDB text WRITEUP

Serenity Client Management Portal 1.0.1 - Multiple Vulnerabilities

View Code

CVE-2014-8954 EXPLOITDB text WRITEUP

phpSound 1.0.5 - Stored Cross-Site Scripting via Playlist Title or Description

Multiple cross-site scripting (XSS) vulnerabilities in phpSound 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) Title or (2) Description fields in a playlist or the (3) filter parameter in an explore action to index.php.

View Code

EIP-2026-109593 EXPLOITDB text WORKING POC

Mouse Media Script 1.6 - Persistent Cross-Site Scripting

View Code

CVE-2014-8997 EXPLOITDB text WRITEUP

DigitalVidhya Digi Online Examination System 2.0 - RCE

Unrestricted file upload vulnerability in the Photo functionality in DigitalVidhya Digi Online Examination System 2.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in assets/uploads/images/.

View Code

EIP-2026-106234 EXPLOITDB text WRITEUP

Crea8Social 1.3 - Persistent Cross-Site Scripting

View Code

CVE-2015-2198 EXPLOITDB text WRITEUP

Beehive Forum 1.4.4 - Cross-Site Scripting via Edit Preferences Parameters

Multiple cross-site scripting (XSS) vulnerabilities in edit_prefs.php in Beehive Forum 1.4.4 allow remote attackers to inject arbitrary web script or HTML via the (1) homepage_url, (2) pic_url, or (3) avatar_url parameter, which are not properly handled in an error message.

View Code

CVE-2014-100013 EXPLOITDB text WRITEUP

clientresponse 4.1 - Cross-Site Scripting via Subject or Message Field

Multiple cross-site scripting (XSS) vulnerabilities in clientResponse 4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Subject or (2) Message field.

View Code

EIP-2026-101268 EXPLOITDB text WRITEUP

Exagate WEBPack Management System - Multiple Vulnerabilities

View Code