Meisam Monsef

19 exploits Active since Feb 2026
CVE-2019-25732 EXPLOITDB HIGH text WORKING POC
PHP EI-Tube Script 3 SQL Injection via search parameter
PHP EI-Tube Script 3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the search parameter. Attackers can send GET requests to the search endpoint with crafted SQL payloads in the query parameter to extract sensitive database information including usernames, passwords, and version details.
CVSS 8.2
CVE-2018-25422 EXPLOITDB HIGH text WORKING POC
MOGG web simulator Script All Version SQL Injection via play.php
MOGG web simulator Script contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL commands by injecting malicious code through the id parameter. Attackers can send GET requests to play.php with crafted SQL payloads in the id parameter to extract sensitive database information including usernames and other data.
CVSS 8.2
CVE-2020-37106 EXPLOITDB MEDIUM text WORKING POC
Business Live Chat Software 1.0 - CSRF
Business Live Chat Software 1.0 contains a cross-site request forgery vulnerability that allows attackers to change user account roles without authentication. Attackers can craft a malicious HTML form to modify user privileges by submitting a POST request to the user creation endpoint with administrative access parameters.
CVSS 5.3
EIP-2026-116283 EXPLOITDB python WORKING POC
SphereFTP Server 2.0 - Crash (PoC)
EIP-2026-113864 EXPLOITDB text WORKING POC
WordPress Plugin Learning Management System - 'course_id' SQL Injection
EIP-2026-110735 EXPLOITDB text WORKING POC
PHP News Script 4.0.0 - SQL Injection
EIP-2026-110749 EXPLOITDB text WORKING POC
PHP Realestate Script Script 4.9.0 - SQL Injection
EIP-2026-110748 EXPLOITDB php WORKING POC
PHP Real Estate Script 3 - Arbitrary File Disclosure
EIP-2026-110236 EXPLOITDB text WORKING POC
Open Source Real Estate Script 3.6.0 - SQL Injection
EIP-2026-109925 EXPLOITDB text WRITEUP
newsp.eu PHP Calendar Script 1.0 - User Credentials Disclosure
EIP-2026-109924 EXPLOITDB text WORKING POC
NewsP Free News Script 1.4.7 - User Credentials Disclosure
EIP-2026-109231 EXPLOITDB text WORKING POC
Lyrist - 'id' SQL Injection
EIP-2026-107843 EXPLOITDB text WORKING POC
Ingenious School Management System - 'id' SQL Injection
EIP-2026-106887 EXPLOITDB text WORKING POC
Entrepreneur B2B Script - 'pid' SQL Injection
EIP-2026-105938 EXPLOITDB python WORKING POC
ClipBucket 2.8.3 - Remote Code Execution
EIP-2026-105081 EXPLOITDB text WORKING POC
Alibaba Clone B2B Script - Admin Authentication Bypass
EIP-2026-105082 EXPLOITDB text WORKING POC
Alibaba Clone B2B Script - Arbitrary File Disclosure
EIP-2026-104411 EXPLOITDB text STUB
Real Web Pentesting Tutorial Step by Step - [Persian]
EIP-2026-101976 EXPLOITDB text WORKING POC
Security IP Camera Star Vision DVR - Authentication Bypass