Zone-h Security Team

7 exploits Active since Dec 2003
EIP-2026-112801 EXPLOITDB text WORKING POC
TSguestbook 2.1 - 'Message' HTML Injection
CVE-2003-1089 EXPLOITDB text WRITEUP
Zorum 3.4 - Info Disclosure
index.php for Zorum 3.4 allows remote attackers to determine the full path of the web root via invalid parameter names, which reveals the path in a PHP error message.
EIP-2026-110504 EXPLOITDB text WRITEUP
PayPal Store Front 3.0 - 'index.php' Remote File Inclusion
EIP-2026-106381 EXPLOITDB text WORKING POC
DCForum+ 1.2 - 'Subject' HTML Injection
CVE-2004-2368 EXPLOITDB text WRITEUP
Opt-X 0.7.2 - RCE
PHP remote file inclusion vulnerability in header.php in Opt-X 0.7.2 allows remote attackers to execute arbitrary PHP code via the systempath parameter.
CVE-2004-2127 EXPLOITDB text WORKING POC
Web Blog 1.1 - Path Traversal
Directory traversal vulnerability in Web Blog 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the file variable.
CVE-2004-2132 EXPLOITDB text WRITEUP
PJreview_Neo.cgi - Path Traversal
Directory traversal vulnerability in PJreview_Neo.cgi in PJ CGI Neo review allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter.