Kurd-Team - Security Researcher - Exploit Intelligence Platform

EIP-2026-106920 EXPLOITDB text WRITEUP

Etki Video PRO 2.0 - 'izle.asp?id' SQL Injection

View Code

EIP-2026-106921 EXPLOITDB text WRITEUP

Etki Video PRO 2.0 - 'kategori.asp?cat' SQL Injection

View Code

CVE-2009-3055 EXPLOITDB text WORKING POC

DataLife Engine 8.2 - Remote Code Execution via dle_config_api Parameter

PHP remote file inclusion vulnerability in engine/api/api.class.php in DataLife Engine (DLE) 8.2 allows remote attackers to execute arbitrary PHP code via a URL in the dle_config_api parameter.

View Code

EIP-2026-105314 EXPLOITDB text WRITEUP

Automagick Tube Script 1.4.4 - 'module' Cross-Site Scripting

View Code

CVE-2009-4623 EXPLOITDB text WRITEUP

Advanced Comment System 1.0 - Remote Code Execution via ACS_path Parameter

Multiple PHP remote file inclusion vulnerabilities in Advanced Comment System 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the ACS_path parameter to (1) index.php and (2) admin.php in advanced_comment_system/. NOTE: this might only be a vulnerability when the administrator has not followed installation instructions in install.php. NOTE: this might be the same as CVE-2020-35598.

View Code

EIP-2026-100357 EXPLOITDB text WORKING POC

i-Gallery 3.4 - 'd' Cross-Site Scripting

View Code