Xianur0

9 exploits Active since Sep 2006
CVE-2006-4714 EXPLOITDB perl WORKING POC
SpoonLabs Vivvo Article Management CMS <3.2 - RCE
PHP remote file inclusion vulnerability in index.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the classified_path parameter.
CVE-2006-4715 EXPLOITDB perl WORKING POC
SpoonLabs Vivvo Article Management CMS <3.2 - SQL Injection
SQL injection vulnerability in pdf_version.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-3939 EXPLOITDB perl WORKING POC
SpoonLabs Vivvo Article Management CMS < 3.40 - SQL Injection via Category Parameter
SQL injection vulnerability in index.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) CMS 3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter.
EIP-2026-112114 EXPLOITDB text WORKING POC
Simple Machines Forum (SMF) 1.1.7 - Cross-Site Request Forgery / Cross-Site Scripting / Package Upload
EIP-2026-112113 EXPLOITDB text WORKING POC
Simple Machines Forum (SMF) 1.1.7 - '[url]' Tag HTML Injection
EIP-2026-112106 EXPLOITDB text WORKING POC
Simple Machines Forum (SMF) - 'BBCode' Cookie Stealing
EIP-2026-112107 EXPLOITDB perl WORKING POC
Simple Machines Forum (SMF) 1.0.13/1.1.5 - 'Destroyer 0.1' Password Reset Security Bypass
CVE-2008-6077 EXPLOITDB perl WORKING POC
LoudBlog <= 0.8.0a - Authenticated SQL Injection via colpick Parameter
SQL injection vulnerability in loudblog/ajax.php in LoudBlog 0.8.0a and earlier allows remote authenticated users to execute arbitrary SQL commands via the colpick parameter in a singleread action.
CVE-2008-4620 EXPLOITDB perl WORKING POC
MRBS < 1.4 - SQL Injection via Area Parameter
SQL injection vulnerability in Meeting Room Booking System (MRBS) before 1.4 allows remote attackers to execute arbitrary SQL commands via the area parameter to (1) month.php, and possibly (2) day.php and (3) week.php.