ToXiC CreW

5 exploits Active since Oct 2006
CVE-2006-5147 EXPLOITDB text WORKING POC
VAMP Webmail <2.0beta1 - RCE
PHP remote file inclusion vulnerability in wamp_dir/setup/yesno.phtml in VAMP Webmail 2.0beta1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the no_url parameter.
CVE-2006-5521 EXPLOITDB text WORKING POC
Net_DNS <0.03 - RCE
PHP remote file inclusion vulnerability in DNS/RR.php in Net_DNS 0.03 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpdns_basedir parameter.
CVE-2006-5587 EXPLOITDB text WORKING POC
MDweb <1.3 - RCE
Multiple PHP remote file inclusion vulnerabilities in MDweb 1.3 and earlier (Mdweb132-postgres) allow remote attackers to execute arbitrary PHP code via a URL in the chemin_appli parameter in (1) admin/inc/organisations/form_org.inc.php and (2) admin/inc/organisations/country_insert.php.
EIP-2026-108048 EXPLOITDB text WORKING POC
Jaws 0.5.2 - '/include/JawsDB.php' Remote File Inclusion
CVE-2006-5384 EXPLOITDB text WORKING POC
CDS Agenda <4.2.9 - RCE
PHP remote file inclusion vulnerability in modification/SendAlertEmail.php in CDS Software Consortium CDS Agenda 4.2.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AGE parameter.