Silentium

5 exploits Active since May 2005
CVE-2005-1654 EXPLOITDB c WORKING POC
Hosting Controller <6.1.9 - RCE
Hosting Controller 6.1 Hotfix 1.9 and earlier allows remote attackers to register arbitrary users via a direct request to addsubsite.asp with the loginname and password parameters set.
CVE-2005-0647 EXPLOITDB c WORKING POC
paNews 2.0.4b - Command Injection
admin_setup.php in paNews 2.0.4b allows remote attackers to inject arbitrary PHP code via the (1) $form[comments] or (2) $form[autoapprove] parameters, which are written to config.php.
EIP-2026-110858 EXPLOITDB c WORKING POC
PHP-Nuke 7.4 - Admin
EIP-2026-107314 EXPLOITDB c WORKING POC
Fusion SBX 1.2 - Remote Command Execution
EIP-2026-100742 EXPLOITDB c WORKING POC
AWStats 5.7 < 6.2 - Multiple Remote