Le Ngoc Phi

2 exploits Active since Dec 2014
CVE-2014-8877 EXPLOITDB text WORKING POC
CreativeMinds CM Downloads Manager <2.0.4 - RCE
The alterSearchQuery function in lib/controllers/CmdownloadController.php in the CreativeMinds CM Downloads Manager plugin before 2.0.4 for WordPress allows remote attackers to execute arbitrary PHP code via the CMDsearch parameter to cmdownloads/, which is processed by the PHP create_function function.
CVE-2015-2564 EXPLOITDB text WRITEUP
Projectsend - SQL Injection
SQL injection vulnerability in client-edit.php in ProjectSend (formerly cFTP) r561 allows remote authenticated users to execute arbitrary SQL commands via the id parameter to users-edit.php.