ZoRLu Bugrahan - Security Researcher - Exploit Intelligence Platform

CVE-2014-9448 EXPLOITDB perl WORKING POC

Mini-stream RM-MP3 Converter <3.1.2.1.2010.03.30 - Buffer Overflow

Buffer overflow in Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long string in a WAX file.

View Code

CVE-2014-8953 EXPLOITDB text WORKING POC

Php Scriptlerim Who's Who - CSRF

Multiple cross-site request forgery (CSRF) vulnerabilities in Php Scriptlerim Who's Who script allow remote attackers to hijack the authentication of administrators or requests that (1) add an admin account via a request to filepath/yonetim/plugin/adminsave.php or have unspecified impact via a request to (2) ayarsave.php, (3) uyesave.php, (4) slaytadd.php, or (5) slaytsave.php.

View Code

CVE-2014-9348 EXPLOITDB text WORKING POC

RobotStats 1.0 - SQL Injection

SQL injection vulnerability in the formulaireRobot function in admin/robots.lib.php in RobotStats 1.0 allows remote attackers to execute arbitrary SQL commands via the robot parameter to admin/robots.php.

View Code

CVE-2014-8995 EXPLOITDB text WORKING POC

Maarch LetterBox 2.8 - SQL Injection

SQL injection vulnerability in Maarch LetterBox 2.8 allows remote attackers to execute arbitrary SQL commands via the UserId cookie.

View Code

EIP-2026-107122 EXPLOITDB perl WORKING POC

Flat Calendar 1.1 - HTML Injection

View Code

CVE-2014-9349 EXPLOITDB text WORKING POC

RobotStats 1.0 - XSS

Multiple cross-site scripting (XSS) vulnerabilities in admin/robots.lib.php in RobotStats 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) nom or (2) user_agent parameter to admin/robots.php.

View Code