MATASANOS

5 exploits Active since Sep 2006
CVE-2006-4532 EXPLOITDB text WRITEUP
YACS CMS <6.6.1 - Remote Code Execution
PHP remote file inclusion vulnerability in articles/article.php in Yet Another Community System (YACS) CMS 6.6.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the context[path_to_root] parameter.
EIP-2026-114502 EXPLOITDB text WRITEUP
YACS 6.6.1 - Multiple Remote File Inclusions
CVE-2006-4559 EXPLOITDB text WRITEUP
YACS CMS 6.6.1 - Remote Code Execution
Multiple PHP remote file inclusion vulnerabilities in Yet Another Community System (YACS) CMS 6.6.1 allow remote attackers to execute arbitrary PHP code via a URL in the context[path_to_root] parameter in (1) articles/populate.php, (2) categories/category.php, (3) categories/populate.php, (4) comments/populate.php, (5) files/file.php, (6) sections/section.php, (7) sections/populate.php, (8) tables/populate.php, (9) users/user.php, and (10) users/populate.php. The articles/article.php vector is covered by CVE-2006-4532.
CVE-2008-4694 EXPLOITDB text WRITEUP
Opera < 9.60 - Remote Code Execution via Crafted Redirect URL
Unspecified vulnerability in Opera before 9.60 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a redirect that specifies a crafted URL.
EIP-2026-107875 EXPLOITDB text WORKING POC
Integramod Portal 2.0 rc2 - 'phpbb_root_path' Remote File Inclusion