Hasadya Raed

10 exploits Active since Feb 2007
CVE-2007-1424 EXPLOITDB text WRITEUP
PHP - RCE
Multiple PHP remote file inclusion vulnerabilities in Softnews Media Group DataLife Engine allow remote attackers to execute arbitrary PHP code via a URL in the root_dir parameter to (1) init.php and (2) Ajax/editnews.php. NOTE: some of these details are obtained from third party information.
CVE-2006-7099 EXPLOITDB text WRITEUP
Solarpay - Path Traversal
Directory traversal vulnerability in index.php in SolarPay allows remote attackers to read certain files via a .. (dot dot) in the read parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-1424 EXPLOITDB text WRITEUP
PHP - RCE
Multiple PHP remote file inclusion vulnerabilities in Softnews Media Group DataLife Engine allow remote attackers to execute arbitrary PHP code via a URL in the root_dir parameter to (1) init.php and (2) Ajax/editnews.php. NOTE: some of these details are obtained from third party information.
CVE-2007-1421 EXPLOITDB text WRITEUP
Premod SubDog 2 - RCE
Multiple PHP remote file inclusion vulnerabilities in Premod SubDog 2 allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) functions_kb.php, (2) themen_portal_mitte.php, or (3) logger_engine.php in includes/.
CVE-2007-1421 EXPLOITDB text WRITEUP
Premod SubDog 2 - RCE
Multiple PHP remote file inclusion vulnerabilities in Premod SubDog 2 allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) functions_kb.php, (2) themen_portal_mitte.php, or (3) logger_engine.php in includes/.
CVE-2007-1421 EXPLOITDB text WRITEUP
Premod SubDog 2 - RCE
Multiple PHP remote file inclusion vulnerabilities in Premod SubDog 2 allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) functions_kb.php, (2) themen_portal_mitte.php, or (3) logger_engine.php in includes/.
CVE-2007-0758 EXPLOITDB text WORKING POC
PHPProbid 5.24 - RCE
PHP remote file inclusion vulnerability in lang.php in PHPProbid 5.24 allows remote attackers to execute arbitrary PHP code via a URL in the SRC attribute of an HTML element in the lang parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
EIP-2026-110988 EXPLOITDB html WORKING POC
PHPBB2 - 'Admin_Ug_Auth.php' Administrative Bypass
CVE-2007-1416 EXPLOITDB text WRITEUP
PHP <createurl.php - RCE
PHP remote file inclusion vulnerability in createurl.php in JCcorp (aka James Coyle) URLshrink allows remote attackers to execute arbitrary PHP code via a URL in the formurl parameter.
EIP-2026-107118 EXPLOITDB text WRITEUP
FlashChat F_CMS 4.7.9 - Multiple Remote File Inclusions