Salvatore "drosophila" Fresta - Security Researcher

CVE-2009-4794 EXPLOITDB text WORKING POC

Community CMS 0.5 - SQL Injection

Multiple SQL injection vulnerabilities in Community CMS 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter to view.php and the (2) a parameter in an event action to calendar.php, reachable through index.php.

View Code

EIP-2026-105514 EXPLOITDB text WORKING POC

blindblog 1.3.1 - SQL Injection / Authentication Bypass / Local File Inclusion

View Code

CVE-2009-0853 EXPLOITDB text WORKING POC

Stewart Howe Celerbb - Authentication Bypass

login.php in CelerBB 0.0.2, when magic_quotes_gpc is disabled, allows remote attackers to bypass authentication and obtain administrative access via special characters in the Username parameter, as demonstrated by an admin'# parameter value.

View Code

EIP-2026-105529 EXPLOITDB text WORKING POC

Blogman 0.45 - Multiple Vulnerabilities

View Code

EIP-2026-104937 EXPLOITDB text WORKING POC

adaptbb 1.0b - Multiple Vulnerabilities

View Code