Mehmet Ince

176 exploits, active since Dec 2002
CVE-2017-14396 EXPLOITDB CRITICAL text SCANNER
osTicket - SQL Injection via Array Parameter Syntax
In osTicket before 1.10.1, SQL injection is possible by constructing an array via use of square brackets at the end of a parameter name, as demonstrated by the key parameter to file.php.
CVSS 9.8
CVE-2006-5517 EXPLOITDB text WORKING POC
Rhode Island Open Meetings Filing System - Remote Code Execution via PROJECT_ROOT Parameter
Multiple PHP remote file inclusion vulnerabilities in Rhode Island Open Meetings Filing Application (OMFA) allow remote attackers to execute arbitrary PHP code via a URL in the PROJECT_ROOT parameter to (1) editmeetings/session.php, (2) email/session.php, (3) entityproperties/session.php, or (4) inc/mail.php.
CVE-2007-0683 EXPLOITDB text WORKING POC
Omegaboard 1.0beta4 - Remote File Inclusion via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in includes/functions.php in Omegaboard 1.0beta4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2007-0143 EXPLOITDB text WORKING POC
NUNE News Script 2.0pre2 - Remote File Inclusion via custom_admin_path Parameter
Multiple PHP remote file inclusion vulnerabilities in NUNE News Script 2.0pre2 allow remote attackers to execute arbitrary PHP code via a URL in the custom_admin_path parameter to (1) index.php or (2) archives.php.
CVE-2006-6795 EXPLOITDB text WORKING POC
myPHPNuke My_eGallery 2.5.6 - Remote File Inclusion via basepath Parameter
PHP remote file inclusion vulnerability in gallery/displayCategory.php in the My_eGallery 2.5.6 module in myPHPNuke (MPN) allows remote attackers to execute arbitrary PHP code via a URL in the basepath parameter.
EIP-2026-109943 EXPLOITDB php WORKING POC
No-CMS 0.6.6 rev 1 - Admin Account Hijacking / Remote Code Execution via Static Encryption Key
CVE-2006-5180 EXPLOITDB text WORKING POC
Sebastian Baumann & Philipp Wolfer Newswriter <1.42 - RCE
PHP remote file inclusion vulnerability in include/main.inc.php in Sebastian Baumann and Philipp Wolfer Newswriter SW 1.42 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the NWCONF_SYSTEM[server_path] parameter, a different vector than CVE-2006-5102.
CVE-2009-0395 EXPLOITDB text WORKING POC
NetArt Media Car Portal 1.0 - SQL Injection
SQL injection vulnerability in the login feature in NetArt Media Car Portal 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.
CVE-2006-5613 EXPLOITDB text WORKING POC
MP3 Streaming DownSampler <3.0 - RCE
PHP remote file inclusion in Core/core.inc.php in MP3 Streaming DownSampler (mp3SDS) 3.0, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the fullpath parameter.
EIP-2026-109284 EXPLOITDB php WORKING POC
Mambo Component com_sim 0.8 - Blind SQL Injection
CVE-2006-5620 EXPLOITDB text WORKING POC
MiniBILL 1.2.3 - Remote File Inclusion via config[page_dir] Parameter
PHP remote file inclusion vulnerability in include/menu_builder.php in MiniBILL 2006-10-10 (1.2.3) and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the config[page_dir] parameter, a different vector than CVE-2006-4489.
CVE-2018-12465 EXPLOITDB CRITICAL ruby WORKING POC
Micro Focus SMG <471 - Command Injection
An OS command injection vulnerability in the web administration component of Micro Focus Secure Messaging Gateway (SMG) allows a remote attacker authenticated as a privileged user to execute arbitrary OS commands on the SMG server. This can be exploited in conjunction with CVE-2018-12464 to achieve unauthenticated remote code execution. Affects Micro Focus Secure Messaging Gateway versions prior to 471. It does not affect previous versions of the product that used the GWAVA product name (i.e. GWAVA 6.5).
CVSS 9.1
CVE-2006-4363 EXPLOITDB text WRITEUP
CropImage component 1.0 for Mambo - Remote File Inclusion via cropimagedir Parameter
PHP remote file inclusion vulnerability in admin.cropcanvas.php in the CropImage component (com_cropimage) 1.0 for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the cropimagedir parameter.
CVE-2007-2792 EXPLOITDB text WRITEUP
Yet another Newsletter Component (YaNC) < 1.5 beta 3 - SQL Injection via listid Parameter
SQL injection vulnerability in the Yet another Newsletter Component (aka YaNC or com_yanc) component before 1.5 beta 3 for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2006-4858 EXPLOITDB text WORKING POC
mamboxchange serverstat_component < 0.4.4 - Remote Code Execution via mosConfig_absolute_path Parameter
PHP remote file inclusion vulnerability in install.serverstat.php in the Serverstat (com_serverstat) 0.4.4 and earlier component for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2007-3118 EXPLOITDB text WRITEUP
K-letter 1.0 - Remote File Inclusion via scdir Parameter
Multiple PHP remote file inclusion vulnerabilities in Kravchuk letter (K-letter) 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the scdir parameter to (1) action.php, (2) subs.php, or (3) unsubs.php.
CVE-2006-6800 EXPLOITDB text WORKING POC
Limbo CMS Event Module 1.0 - Remote File Inclusion via lm_absolute_path Parameter
PHP remote file inclusion in eventcal/mod_eventcal.php in the event module 1.0 for Limbo CMS allows remote attackers to execute arbitrary PHP code via a URL in the lm_absolute_path parameter.
CVE-2007-2779 EXPLOITDB text WRITEUP
libstats < 1.0.3 - Remote File Inclusion via rInfo[content] Parameter
PHP remote file inclusion vulnerability in template_csv.php in Libstats 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rInfo[content] parameter.
CVE-2007-5485 EXPLOITDB text WORKING POC
KwsPHP mg2 1.0 - SQL Injection via Album Parameter
SQL injection vulnerability in index.php in the mg2 1.0 module for KwsPHP allows remote attackers to execute arbitrary SQL commands via the album parameter.
CVE-2006-4129 EXPLOITDB text WORKING POC
Joomla Webring Component 1.0 - Remote File Inclusion via component_dir Parameter
PHP remote file inclusion vulnerability in admin.webring.docs.php in the Webring Component (com_webring) 1.0 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the component_dir parameter.
CVE-2007-5451 EXPLOITDB text WORKING POC
com_colorlab 1.0 - Remote Code Execution via mosConfig_live_site Parameter
PHP remote file inclusion vulnerability in admin.color.php in the com_colorlab (aka com_color) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.
CVE-2007-5309 EXPLOITDB text WORKING POC
webmaster-tips.net Flash Image Gallery 1.0 for Joomla! - Remote Code Execution via mosConfig_live_site Parameter
PHP remote file inclusion vulnerability in admin.wmtgallery.php in the webmaster-tips.net Flash Image Gallery (com_wmtgallery) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.
CVE-2009-2633 EXPLOITDB text WORKING POC
Joomla! com_vehiclemanager 1.0 - RCE
PHP remote file inclusion vulnerability in toolbar_ext.php in the VehicleManager (com_vehiclemanager) component 1.0 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2009-2635 EXPLOITDB text WORKING POC
Joomla! com_realestatemanager 1.0 Basic - RCE
PHP remote file inclusion vulnerability in toolbar_ext.php in the RealEstateManager (com_realestatemanager) component 1.0 Basic for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
EIP-2026-108451 EXPLOITDB text WORKING POC
Joomla! Component com_na_content 1.0 - Blind SQL Injection