Mehmet Ince

176 exploits Active since Dec 2002
CVE-2008-0922 EXPLOITDB text WORKING POC
Php-nuke Manuales - SQL Injection
SQL injection vulnerability in the Manuales 0.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewdownload action to modules.php.
CVE-2008-0881 EXPLOITDB text WORKING POC
Phpnuke Okul Module - SQL Injection
SQL injection vulnerability in modules.php in the Okul 1.0 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the okulid parameter in an okullar action.
CVE-2007-0761 EXPLOITDB text WORKING POC
phpBB ezconvert <0.2 - RCE
PHP remote file inclusion vulnerability in config.php in phpBB ezBoard converter (ezconvert) 0.2 allows remote attackers to execute arbitrary PHP code via a URL in the ezconvert_dir parameter.
CVE-2007-1555 EXPLOITDB text WORKING POC
Minerva - SQL Injection
SQL injection vulnerability in forum.php in the Minerva mod 2.0.21 build 238a and earlier for phpBB allows remote attackers to execute arbitrary SQL commands via the c parameter.
CVE-2007-0680 EXPLOITDB text WORKING POC
Phpbb Tweaked <3 - RCE
PHP remote file inclusion vulnerability in includes/functions.php in Phpbb Tweaked 3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-5223 EXPLOITDB text WORKING POC
phpBB <1.0 - RCE
PHP remote file inclusion vulnerability in includes/functions_user_viewed_posts.php in the Nivisec User Viewed Posts Tracker module 1.0 and earlier for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-5094 EXPLOITDB text WORKING POC
phpBB XS 2 - RCE
PHP remote file inclusion vulnerability in includes/functions_kb.php in the phpBB XS 2 (Spain version) allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter, a different vector than CVE-2006-4780 or CVE-2006-4893.
CVE-2007-0762 EXPLOITDB perl WORKING POC
phpBB++ <100 - RCE
PHP remote file inclusion vulnerability in includes/functions.php in phpBB++ Build 100 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2007-0656 EXPLOITDB text WORKING POC
phpBB2-MODificat <0.2.0 - RCE
PHP remote file inclusion vulnerability in includes/functions.php in phpBB2-MODificat 0.2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2007-6088 EXPLOITDB text WORKING POC
phpBBViet <2.03.07 - RCE
PHP remote file inclusion vulnerability in includes/functions_mod_user.php in phpBBViet 02.03.07 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-6789 EXPLOITDB text WORKING POC
Phpbbxtra 2.0 - Code Injection
PHP remote file inclusion vulnerability in includes/archive/archive_topic.php in Phpbbxtra 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2007-0702 EXPLOITDB text WORKING POC
phpEventMan 1.0.2 - RCE
Multiple PHP remote file inclusion vulnerabilities in phpEventMan 1.0.2 allow remote attackers to execute arbitrary PHP code via a URL in the level parameter to (1) Shared/controller/text.ctrl.php or (2) UserMan/controller/common.function.php.
CVE-2006-5458 EXPLOITDB text WORKING POC
PHP <common.php - RCE
PHP remote file inclusion vulnerability in common.php in Hinton Design phpht Topsites allows remote attackers to execute arbitrary PHP code via a URL in the phpht_real_path parameter.
CVE-2006-5261 EXPLOITDB text WORKING POC
PHPMyNews <1.4 - RCE
Multiple PHP remote file inclusion vulnerabilities in PHPMyNews 1.4 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the cfg_include_dir parameter in (1) disp_form.php3, (2) disp_smileys.php3, (3) little_news.php3, and (4) index.php3 in include/.
CVE-2006-5207 EXPLOITDB text WORKING POC
phpMyTeam 2.0 - RCE
PHP remote file inclusion vulnerability in images/smileys/smileys_packs.php in phpMyTeam 2.0, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the smileys_dir parameter.
CVE-2006-5181 EXPLOITDB text WORKING POC
phpMyWebmin 1.0 - RCE
Multiple PHP remote file inclusion vulnerabilities in Joshua Muheim phpMyWebmin 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the target parameter in (1) change_preferences2.php, (2) create_file.php, (3) upload_local.php, and (4) upload_multi.php, different vectors than CVE-2006-5124.
CVE-2009-2098 EXPLOITDB text WRITEUP
phPortal 1.0 - SQL Injection
SQL injection vulnerability in topicler.php in phPortal 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2006-4115 EXPLOITDB text WORKING POC
PgMarket 2.2.3 - RCE
PHP remote file inclusion vulnerability in common.inc.php in PgMarket 2.2.3, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the CFG[libdir] parameter.
CVE-2008-0880 EXPLOITDB text WORKING POC
Phpnuke Easycontent Module - SQL Injection
SQL injection vulnerability in modules.php in the EasyContent module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the page_id parameter.
CVE-2007-1980 EXPLOITDB text WORKING POC
Nick Jones Topliste Module - SQL Injection
SQL injection vulnerability in index.php in the Topliste 1.0 module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2007-1978 EXPLOITDB text WORKING POC
PHP Fusion Arcade Module - SQL Injection
SQL injection vulnerability in index.php in the Arcade 1.00 module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view_game_list action.
CVE-2007-0584 EXPLOITDB text WORKING POC
PhP Generic Library & Framework - RCE
PHP remote file inclusion vulnerability in membres/membreManager.php in PhP Generic Library & Framework for comm (g-neric) allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter.
CVE-2007-2672 EXPLOITDB text WORKING POC
PHP Coupon Script 3.0 - SQL Injection
SQL injection vulnerability in index.php in PHP Coupon Script 3.0 allows remote attackers to execute arbitrary SQL commands via the bus parameter in a viewbus page.
CVE-2006-5543 EXPLOITDB text WORKING POC
PHP Generator of Object SQL Database - RCE
PHP remote file inclusion vulnerability in misc/function.php3 in PHP Generator of Object SQL Database (PGOSD), when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.
CVE-2008-6409 EXPLOITDB text WORKING POC
Brian Wilson Ol'bookmarks - SQL Injection
SQL injection vulnerability in index.php in ol'bookmarks manager 0.7.5 allows remote attackers to execute arbitrary SQL commands via the id parameter in a brain action.