Omar Kurt

7 exploits Active since Aug 2013
CVE-2013-5314 EXPLOITDB text WORKING POC
Serendipity < 1.6.2 - Cross-Site Scripting via serendipity[htmltarget] Parameter
Cross-site scripting (XSS) vulnerability in serendipity_admin_image_selector.php in Serendipity 1.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the serendipity[htmltarget] parameter.
CVE-2014-6308 EXPLOITDB text WRITEUP
OsClass < 3.4.2 - Path Traversal via File Parameter in oc-admin/index.php
Directory traversal vulnerability in OSClass before 3.4.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter in a render action to oc-admin/index.php.
CVE-2018-19782 EXPLOITDB MEDIUM text WRITEUP
FreshRSS 1.11.1 - Cross-Site Scripting via GET Parameters
Multiple cross-site scripting (XSS) vulnerabilities in GET requests in FreshRSS 1.11.1 allow remote attackers to inject arbitrary web script or HTML via the (1) c parameter or (2) a parameter.
CVSS 6.1
EIP-2026-107421 EXPLOITDB text WRITEUP
glFusion 1.3.0 - 'search.php?cat_id' SQL Injection
EIP-2026-106192 EXPLOITDB text WORKING POC
Course Registration Management System - Cross-Site Scripting / SQL Injection
EIP-2026-105572 EXPLOITDB text WORKING POC
BoastMachine - 'blog' SQL Injection
EIP-2026-105476 EXPLOITDB text WORKING POC
Bilboplanet - 'auth.php' SQL Injection