Miroslav Stampar

64 exploits, active since Aug 2011
CVE-2011-3192 NOMISEC WORKING POC
Apache HTTP Server < 2.0.65 - Denial of Service
The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
14 stars
CVE-2011-3192 VULNCHECK_XDB WORKING POC
Apache HTTP Server < 2.0.65 - Denial of Service
The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
CVE-2011-5286 EXPLOITDB text WORKING POC
Social Slider < 7.4.0 - SQL Injection
SQL injection vulnerability in social-slider-2/ajax.php in the Social Slider plugin before 7.4.2 for WordPress allows remote attackers to execute arbitrary SQL commands via the rA array parameter.
EIP-2026-114298 EXPLOITDB text WORKING POC
WordPress Plugin Zotpress 4.4 - SQL Injection
EIP-2026-114208 EXPLOITDB text WORKING POC
WordPress Plugin WP Bannerize 2.8.7 - 'ajax_sorter.php' SQL Injection
EIP-2026-114091 EXPLOITDB text WORKING POC
WordPress Plugin Super CAPTCHA 2.2.4 - SQL Injection
EIP-2026-114105 EXPLOITDB text WORKING POC
WordPress Plugin Symposium 0.64 - SQL Injection
EIP-2026-114023 EXPLOITDB text WORKING POC
WordPress Plugin SCORM Cloud 1.0.6.6 - SQL Injection
EIP-2026-114174 EXPLOITDB text WORKING POC
WordPress Plugin VideoWhisper Video Presentation 1.1 - SQL Injection
EIP-2026-114287 EXPLOITDB text WORKING POC
WordPress Plugin yolink Search 1.1.4 - SQL Injection
EIP-2026-114037 EXPLOITDB text WORKING POC
WordPress Plugin SH Slideshow 3.1.4 - SQL Injection
EIP-2026-114251 EXPLOITDB text WORKING POC
WordPress Plugin WP-Filebase Download Manager 0.2.9 - SQL Injection
EIP-2026-114152 EXPLOITDB text WORKING POC
WordPress Plugin UPM Polls 1.0.3 - SQL Injection
EIP-2026-114147 EXPLOITDB text WORKING POC
WordPress Plugin UnGallery 1.5.8 - Local File Disclosure
EIP-2026-114126 EXPLOITDB text WORKING POC
WordPress Plugin Tune Library 2.17 - SQL Injection
EIP-2026-114025 EXPLOITDB text WORKING POC
WordPress Plugin SearchAutocomplete 1.0.8 - SQL Injection
EIP-2026-113670 EXPLOITDB text WORKING POC
WordPress Plugin Crawl Rate Tracker 2.0.2 - SQL Injection
EIP-2026-113664 EXPLOITDB text WORKING POC
WordPress Plugin Couponer 1.2 - SQL Injection
EIP-2026-113574 EXPLOITDB text WORKING POC
WordPress Plugin Audio Gallery Playlist 0.12 - SQL Injection
EIP-2026-113660 EXPLOITDB text WORKING POC
WordPress Plugin Count per Day 2.17 - SQL Injection
EIP-2026-113735 EXPLOITDB text WORKING POC
WordPress Plugin Facebook Promotions 1.3.3 - SQL Injection
EIP-2026-113653 EXPLOITDB text WORKING POC
WordPress Plugin Contus HD FLV Player 1.3 - SQL Injection
EIP-2026-113559 EXPLOITDB text WORKING POC
WordPress Plugin Allow PHP in Posts and Pages 2.0.0.RC1 - SQL Injection
EIP-2026-113744 EXPLOITDB text WORKING POC
WordPress Plugin File Groups 1.1.2 - SQL Injection
CVE-2011-4671 EXPLOITDB text WORKING POC
Adrotate < 3.6.7 - SQL Injection
SQL injection vulnerability in adrotate/adrotate-out.php in the AdRotate plugin 3.6.6, and other versions before 3.6.8, for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter (aka redirect URL).