Salvatore "drosophila" Fresta

30 exploits Active since Feb 2009
CVE-2009-4794 EXPLOITDB text WORKING POC
Community CMS 0.5 - SQL Injection via article_id Parameter or Calendar Event Action
Multiple SQL injection vulnerabilities in Community CMS 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter to view.php and the (2) a parameter in an event action to calendar.php, reachable through index.php.
EIP-2026-105514 EXPLOITDB text WORKING POC
blindblog 1.3.1 - SQL Injection / Authentication Bypass / Local File Inclusion
CVE-2009-0853 EXPLOITDB text WORKING POC
CelerBB 0.0.2 - Authentication Bypass via Username Parameter
login.php in CelerBB 0.0.2, when magic_quotes_gpc is disabled, allows remote attackers to bypass authentication and obtain administrative access via special characters in the Username parameter, as demonstrated by an admin'# parameter value.
EIP-2026-105529 EXPLOITDB text WORKING POC
Blogman 0.45 - Multiple Vulnerabilities
EIP-2026-104937 EXPLOITDB text WORKING POC
adaptbb 1.0b - Multiple Vulnerabilities