Tim Herres

7 exploits Active since Jun 2013
EIP-2026-114640 EXPLOITDB text WRITEUP
Zoneminder 1.29/1.30 - Cross-Site Scripting / SQL Injection / Session Fixation / Cross-Site Request Forgery
EIP-2026-114350 EXPLOITDB text WRITEUP
WordPress Theme SiteMile Project 2.0.9.5 - Multiple Vulnerabilities
EIP-2026-111725 EXPLOITDB text WRITEUP
Redaxo 5.0.0 - Multiple Vulnerabilities
EIP-2026-107850 EXPLOITDB text WRITEUP
inoERP 0.6.1 - Cross-Site Scripting / Cross-Site Request Forgery / SQL Injection / Session Fixation
EIP-2026-107848 EXPLOITDB text WRITEUP
inoERP 0.6.1 - Cross-Site Scripting / Cross-Site Request Forgery / SQL Injection / Session Fixation
EIP-2026-107849 EXPLOITDB text WRITEUP
inoERP 0.6.1 - Cross-Site Scripting / Cross-Site Request Forgery / SQL Injection / Session Fixation
CVE-2013-0143 EXPLOITDB text WORKING POC
QNAP VioStor NVR 4.0.3 and Surveillance Station Pro - Authenticated Remote Code Execution via pingping.cgi Query String
cgi-bin/pingping.cgi on QNAP VioStor NVR devices with firmware 4.0.3, and in the Surveillance Station Pro component in QNAP NAS, allows remote authenticated users to execute arbitrary commands by leveraging guest access and placing shell metacharacters in the query string.