Pouya Daneshmand

25 exploits Active since Feb 2010
EIP-2026-118932 EXPLOITDB html WORKING POC
Multiple Browsers (FF3.6.7/SM 2.0.6) - Clickjacking
EIP-2026-118290 EXPLOITDB html WORKING POC
Avant Browser 11.7 build 45 - Clickjacking
EIP-2026-115996 EXPLOITDB html WORKING POC
Opera - Canvas Element (Denial of Service)
EIP-2026-114632 EXPLOITDB text WORKING POC
Zomorrod CMS - SQL Injection
EIP-2026-112953 EXPLOITDB text WRITEUP
Vana CMS - 'Filename' Arbitrary File Download
EIP-2026-112546 EXPLOITDB text WRITEUP
Tadbir CMS - 'FCKeditor' Arbitrary File Upload
CVE-2010-1060 EXPLOITDB text WORKING POC
Phpkobo Short URL 1.01 - Path Traversal
Directory traversal vulnerability in staff/app/common.inc.php in Phpkobo Short URL 1.01, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG_CODE parameter.
EIP-2026-111881 EXPLOITDB text WORKING POC
Saman Portal - SQL Injection
EIP-2026-110477 EXPLOITDB text WRITEUP
Parallels System Automation (PSA) - Local File Inclusion
CVE-2010-0696 EXPLOITDB text WRITEUP
JoomlaWorks AllVideos <3.2 - Path Traversal
Directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos (Jw_allVideos) plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ (modified dot dot) in the file parameter.
CVE-2010-2679 EXPLOITDB text WORKING POC
Joomla! - SQL Injection
SQL injection vulnerability in the Weblinks (com_weblinks) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php.
CVE-2010-1062 EXPLOITDB text WORKING POC
Phpkobo Free Real Estate Contact Form 1.09 - Path Traversal
Directory traversal vulnerability in codelib/sys/common.inc.php in Phpkobo Free Real Estate Contact Form 1.09, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG_CODE parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-1058 EXPLOITDB text WORKING POC
Phpkobo Address Book Script <1.09 - Path Traversal
Directory traversal vulnerability in codelib/cfg/common.inc.php in Phpkobo Address Book Script 1.09, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG_CODE parameter.
EIP-2026-104402 EXPLOITDB text WRITEUP
Plesk Server Administrator (PSA) - 'locale' Local File Inclusion
EIP-2026-104018 EXPLOITDB html WORKING POC
Opera Browser 10.60 - Clickjacking
EIP-2026-104003 EXPLOITDB html WORKING POC
Netscape Browser 9.0.0.6 - Clickjacking
EIP-2026-103988 EXPLOITDB text WRITEUP
Mongoose 2.8 - Space String Remote File Disclosure
EIP-2026-103621 EXPLOITDB text WRITEUP
Pargoon CMS - Denial of Service
EIP-2026-103859 EXPLOITDB html WORKING POC
Apple Safari 4.0.2 - Clickjacking
EIP-2026-103582 EXPLOITDB text WRITEUP
Multiple Browsers - Address bar Characters
EIP-2026-100636 EXPLOITDB text WRITEUP
Ziggurat Farsi CMS - 'bck' Directory Traversal
EIP-2026-100637 EXPLOITDB text WORKING POC
Ziggurat Farsi CMS - 'id' Cross-Site Scripting
EIP-2026-100512 EXPLOITDB text WRITEUP
RaakCMS - Multiple Vulnerabilities
EIP-2026-100311 EXPLOITDB text WORKING POC
Espinas CMS - SQL Injection
EIP-2026-100083 EXPLOITDB text WRITEUP
Sigma Portal - 'ShowObjectPicture.aspx' Denial of Service