WaRWolFz Crew

9 exploits Active since Jan 2009
EIP-2026-112024 EXPLOITDB perl WORKING POC
ShopCartDx 4.30 - 'products.php' Blind SQL Injection
EIP-2026-111587 EXPLOITDB perl WORKING POC
PunBB Automatic Image Upload 1.3.5 - Arbitrary File Delete
EIP-2026-111588 EXPLOITDB perl WORKING POC
PunBB Automatic Image Upload 1.3.5 - SQL Injection
CVE-2009-2276 EXPLOITDB perl WORKING POC
Vote For Us Extension < 1.0.1 - SQL Injection via 'out' Parameter
SQL injection vulnerability in voteforus.php in the Vote For Us extension 1.0.1 and earlier for PunBB allows remote attackers to execute arbitrary SQL commands via the out parameter.
CVE-2009-2787 EXPLOITDB perl WORKING POC
Reputation plugin for PunBB <= 2.2.4 - Remote File Inclusion via pun_user[language] Parameter
Directory traversal vulnerability in include/reputation/rep_profile.php in the Reputation plugin 2.2.4, 2.2.3, 2.0.4, and earlier for PunBB, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pun_user[language] parameter.
EIP-2026-111583 EXPLOITDB perl WORKING POC
PunBB 1.3.4 / Pun_PM 1.2.6 - Blind SQL Injection
CVE-2009-0302 EXPLOITDB perl WORKING POC
PHP-Nuke <8.1.0.3.5b - SQL Injection
SQL injection vulnerability in the Downloads module for PHP-Nuke 8.0 8.1.0.3.5b and earlier allows remote authenticated users to execute arbitrary SQL commands via the url parameter in the Add operation to modules.php.
EIP-2026-110867 EXPLOITDB perl WORKING POC
PHP-Nuke 8.0 - SQL Injection
CVE-2010-4942 EXPLOITDB python WORKING POC
E-Xoopport Samsara <3.1 - SQL Injection
SQL injection vulnerability in location.php in the eCal module in E-Xoopport Samsara 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the lid parameter.