Sina Yazdanmehr

6 exploits Active since Aug 2008
CVE-2008-3568 EXPLOITDB text WRITEUP
UNAK-CMS 1.5.5 - Path Traversal via Dirroot Parameter
Absolute path traversal vulnerability in fckeditor/editor/filemanager/browser/default/connectors/php/connector.php in UNAK-CMS 1.5.5 allows remote attackers to include and execute arbitrary local files via a full pathname in the Dirroot parameter, a different vulnerability than CVE-2006-4890.1.
CVE-2009-0302 EXPLOITDB text WORKING POC
PHP-Nuke <8.1.0.3.5b - SQL Injection
SQL injection vulnerability in the Downloads module for PHP-Nuke 8.0 8.1.0.3.5b and earlier allows remote authenticated users to execute arbitrary SQL commands via the url parameter in the Add operation to modules.php.
EIP-2026-104704 EXPLOITDB text WORKING POC
PHP 5.3.0 - 'pdflib' Arbitrary File Write
CVE-2009-3330 EXPLOITDB python WORKING POC
cP Creator 2.7.1 - SQL Injection via Support Ticket Parameter
SQL injection vulnerability in index.php in cP Creator 2.7.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tickets parameter in a support ticket action.
EIP-2026-100401 EXPLOITDB text WORKING POC
Madrese-Portal - 'haber.asp' SQL Injection
EIP-2026-100413 EXPLOITDB text WORKING POC
Mavi Emlak - 'newDetail.asp' SQL Injection