Tim Coen

EIP-2026-105472 EXPLOITDB text WRITEUP

BigTree CMS 4.2.3 - (Authenticated) SQL Injection

View Code

EIP-2026-105223 EXPLOITDB text WRITEUP

Arastta 1.1.5 - SQL Injection

View Code

EIP-2026-105292 EXPLOITDB text WRITEUP

ATutor 2.2 - Multiple Cross-Site Scripting Vulnerabilities

View Code

CVE-2015-7309 EXPLOITDB ruby WORKING POC

Bolt < 2.2.5 - Authenticated Remote Code Execution via Theme Editor File Rename

The theme editor in Bolt before 2.2.5 does not check the file extension when renaming files, which allows remote authenticated users to execute arbitrary code by renaming a crafted file and then directly accessing it.

View Code