Net.Edit0r

23 exploits Active since Dec 2005
CVE-2005-3948 EXPLOITDB WRITEUP
Phpalbum < 0.2.3 - Path Traversal
Directory traversal vulnerability in main.php in PHPAlbum 0.2.3 and earlier allows remote attackers to read arbitrary files via the (1) cmd and (2) var1 parameters.
CVE-2011-4806 EXPLOITDB text WRITEUP
Phpalbum < 0.4.1.16 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in main.php in phpAlbum 0.4.1.16 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) var1 and (2) keyword parameters.
EIP-2026-114647 EXPLOITDB text WORKING POC
Zoopeer 0.1/0.2 - 'FCKeditor' Arbitrary File Upload
EIP-2026-114488 EXPLOITDB text WORKING POC
xt:Commerce Shopsoftware 3/4 - 'FCKeditor' Arbitrary File Upload
CVE-2014-9463 EXPLOITDB HIGH text WORKING POC
vBulletin - Authenticated RCE
functions_vbseo_hook.php in the VBSEO module for vBulletin allows remote authenticated users to execute arbitrary code via the HTTP Referer header to visitormessage.php.
CVSS 8.8
EIP-2026-112325 EXPLOITDB text WRITEUP
Softbiz Recipes Portal Script - Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-112040 EXPLOITDB text WRITEUP
Siena CMS 1.242 - 'err' Cross-Site Scripting
EIP-2026-111387 EXPLOITDB text WRITEUP
Point Market System 3.1x vBulletin plugin - SQL Injection
CVE-2011-4807 EXPLOITDB text WRITEUP
Phpalbum < 0.4.1.16 - Path Traversal
Directory traversal vulnerability in main.php in phpAlbum 0.4.1.16 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the var1 parameter.
EIP-2026-110264 EXPLOITDB text WRITEUP
Opencart 1.4.9.1 - Arbitrary File Upload
EIP-2026-109910 EXPLOITDB text WRITEUP
News Script PHP Pro - 'FCKeditor' Arbitrary File Upload
CVE-2011-2938 EXPLOITDB text WRITEUP
Mantisbt < 1.2.6 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in filter_api.php in MantisBT before 1.2.7 allow remote attackers to inject arbitrary web script or HTML via a parameter, as demonstrated by the project_id parameter to search.php.
EIP-2026-107953 EXPLOITDB text WORKING POC
IrIran Shoping Script - SQL Injection
EIP-2026-107496 EXPLOITDB text WRITEUP
Greeting card 1.1 - SQL Injection
EIP-2026-106251 EXPLOITDB text WRITEUP
CS-Cart 2.2.1 - 'products.php' SQL Injection
EIP-2026-105466 EXPLOITDB text WORKING POC
BigACE 2.7.5 - Arbitrary File Upload
EIP-2026-105724 EXPLOITDB text WORKING POC
Card sharj 1.0 - Multiple SQL Injections
EIP-2026-100550 EXPLOITDB text WORKING POC
Sitefinity CMS - 'ASP.NET' Arbitrary File Upload
EIP-2026-100568 EXPLOITDB text WRITEUP
SOOP Portal 2.0 - Arbitrary File Upload
EIP-2026-100471 EXPLOITDB text WRITEUP
Paliz Portal - Cross-Site Scripting / Multiple SQL Injections
EIP-2026-100092 EXPLOITDB text WORKING POC
Acidcat CMS 3.3 - 'FCKeditor' Arbitrary File Upload
EIP-2026-100232 EXPLOITDB text WORKING POC
CosmoQuest - Authentication Bypass
EIP-2026-100017 EXPLOITDB html WORKING POC
PHP-Nuke 8.2 - Arbitrary File Upload