Master Mind

4 exploits Active since Oct 2006
EIP-2026-112643 EXPLOITDB text WRITEUP
The Uploader 2.0 - Arbitrary File Upload
CVE-2009-4817 EXPLOITDB text WRITEUP
Element-IT Ultimate Uploader 1.3 - Unauthenticated Arbitrary File Upload and Remote Code Execution
Unrestricted file upload vulnerability in Element-IT Ultimate Uploader 1.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in upload/.
CVE-2009-4818 EXPLOITDB text WORKING POC
PHPSimplicity Simplicity oF Upload 1.3.2 - Unrestricted File Upload via Double Extension Bypass
Unrestricted file upload vulnerability in upload.php in PHPSimplicity Simplicity oF Upload 1.3.2 allows remote attackers to execute arbitrary PHP code by uploading a file with a double extension, as demonstrated by .php.gif.
CVE-2006-5236 EXPLOITDB text WRITEUP
4images 1.7.x - Authenticated SQL Injection via search_user Parameter
SQL injection vulnerability in search.php in 4images 1.7.x allows remote authenticated users to execute arbitrary SQL commands via the search_user parameter.