Juri Gianni aka yeat

10 exploits Active since Apr 2009
CVE-2008-7192 EXPLOITDB text WRITEUP
WoltLab Burning Board <3.0.1 - CSRF
Cross-site request forgery (CSRF) vulnerability in index.php in WoltLab Burning Board (wBB) 3.0.1, and possibly other 3.x versions, allows remote attackers to hijack the authentication of users for requests that delete private messages via the pmID parameter in a delete action in a PM page, a different vulnerability than CVE-2008-0472.
EIP-2026-113366 EXPLOITDB c WORKING POC
webSPELL 4.2.0d (Linux) - Local File Disclosure
EIP-2026-110686 EXPLOITDB c WORKING POC
PHP Director 0.21 - SQL Into Outfile 'eval()' Injection
EIP-2026-110329 EXPLOITDB text WORKING POC
openWYSIWYG 1.4.7 - Local Directory Traversal
EIP-2026-107130 EXPLOITDB perl WORKING POC
Flatnuke 2.7.1 - 'level' Privilege Escalation
EIP-2026-106802 EXPLOITDB perl WORKING POC
EggBlog 4.1.1 - Local Directory Traversal
CVE-2009-1409 EXPLOITDB perl WORKING POC
E107 - SQL Injection
SQL injection vulnerability in usersettings.php in e107 0.7.15 and earlier, when "Extended User Fields" is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the hide parameter, a different vector than CVE-2005-4224 and CVE-2008-5320.
EIP-2026-106508 EXPLOITDB perl WORKING POC
Dokeos Lms 1.8.5 - 'Include' Remote Code Execution
EIP-2026-106166 EXPLOITDB text WORKING POC
Coppermine Photo Gallery 1.4.20 - BBCode IMG Privilege Escalation
CVE-2009-1259 EXPLOITDB perl WORKING POC
Insanevisions Adaptbb - SQL Injection
SQL injection vulnerability in inc/bb/topic.php in Insane Visions AdaptBB 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the topic_id parameter in a topic action to index.php.