Nice Name Crew - Security Researcher - Exploit Intelligence Platform

CVE-2007-4818 EXPLOITDB text WRITEUP

Txx CMS 0.2 - Remote Code Execution via doc_root Parameter

Multiple PHP remote file inclusion vulnerabilities in Txx CMS 0.2 allow remote attackers to execute arbitrary PHP code via a URL in the doc_root parameter to (1) addons/plugin.php, (2) addons/sidebar.php, (3) mail/index.php, or (4) mail/mailbox.php in modules/.

View Code

CVE-2007-5082 EXPLOITDB perl WORKING POC

BrightStor Hierarchical Storage Manager - Remote Code Execution via CsAgent Service Command

Multiple stack-based buffer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands with certain opcodes, related to missing validation of a length parameter.

View Code

CVE-2007-4819 EXPLOITDB text WRITEUP

Txx CMS 0.2 - Cross-Site Scripting

Multiple cross-site scripting (XSS) vulnerabilities in Txx CMS 0.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

View Code

CVE-2007-4524 EXPLOITDB text WORKING POC

PhPress 0.2.0 - Remote File Inclusion via lang Parameter

PHP remote file inclusion vulnerability in adisplay.php in PhPress 0.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter.

View Code

CVE-2007-5234 EXPLOITDB text WRITEUP

Ossigeno CMS 2.2 alpha3 - Remote Code Execution via Level Parameter

PHP remote file inclusion vulnerability in upload/common/footer.php in Ossigeno CMS 2.2 alpha3 allows remote attackers to execute arbitrary PHP code via a URL in the level parameter.

View Code