Tran Dinh Tien

4 exploits Active since Dec 2014
CVE-2015-2825 EXPLOITDB text WORKING POC
Simple Ads Manager < 2.5.94 - Unauthenticated Arbitrary File Upload via sam-ajax-admin.php
Unrestricted file upload vulnerability in sam-ajax-admin.php in the Simple Ads Manager plugin before 2.5.96 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the directory specified by the path parameter.
CVE-2014-9215 EXPLOITDB text WRITEUP
PBBoard < 3.0.1 - SQL Injection via Email Parameter in Register Page
SQL injection vulnerability in the CheckEmail function in includes/functions.class.php in PBBoard 3.0.1 before 20141128 allows remote attackers to execute arbitrary SQL commands via the email parameter in the register page to index.php. NOTE: the email parameter in the forget page vector is already covered by CVE-2012-4034.2.
EIP-2026-105243 EXPLOITDB text WORKING POC
ArticleFR CMS 3.0.5 - Arbitrary File Upload
CVE-2015-1364 EXPLOITDB text WORKING POC
Free Reprintables ArticleFR <3.0.5 - SQL Injection
SQL injection vulnerability in the getProfile function in system/profile.functions.php in Free Reprintables ArticleFR 3.0.5 allows remote attackers to execute arbitrary SQL commands via the username parameter to register/.