Trex

5 exploits Active since Sep 2006
CVE-2023-6933 NOMISEC HIGH WORKING POC
Better Search Replace <= 1.4.4 - Unauthenticated PHP Object Injection via Untrusted Input Deserialization
The Better Search Replace plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.4 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.
CVSS 8.8
CVE-2007-2368 EXPLOITDB text WRITEUP
WebSPELL <4.01.02 - Info Disclosure
picture.php in WebSPELL 4.01.02 and earlier allows remote attackers to read arbitrary files via the file parameter.
CVE-2006-4782 EXPLOITDB text WORKING POC
WebSPELL <= 4.01.01 - Authentication Bypass and Information Disclosure via userID Parameter
src/index.php in WebSPELL 4.01.01 and earlier, when register_globals is enabled, allows remote attackers to bypass authentication and gain sensitive information stored in the database via a modified userID parameter in a write action to admin/database.php.
CVE-2007-2369 EXPLOITDB text WRITEUP
WebSPELL < 4.01.02 - Directory Traversal via Picture.php ID Parameter
Directory traversal vulnerability in picture.php in WebSPELL 4.01.02 and earlier, when PHP before 4.3.0 is used, allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter.
CVE-2006-5140 EXPLOITDB php WORKING POC
Lappy512 PHP Krazy Image Host Script 0.7a - SQL Injection
SQL injection vulnerability in display.php in Lappy512 PHP Krazy Image Host Script (phpkimagehost) 0.7a allows remote attackers to execute arbitrary SQL commands via the id parameter.