cp77fk4r

25 exploits Active since Oct 2007
CVE-2009-4467 EXPLOITDB text WRITEUP
DeluxeBB 1.3 - RCE
misc.php in DeluxeBB 1.3 allows remote attackers to register accounts without a valid email address via a valemail action with the valmem set to a pre-assigned user ID, which is visible from a memberlist action.
CVE-2009-4466 EXPLOITDB text WRITEUP
DeluxeBB 1.3 - Info Disclosure
DeluxeBB 1.3 allows remote attackers to obtain sensitive information via a crafted page parameter to misc.php, which reveals the installation path in an error message. NOTE: this issue might be resultant from improperly controlled computation in tools.php that leads to a denial of service (CPU or memory consumption).
CVE-2009-4465 EXPLOITDB text WRITEUP
DeluxeBB 1.3 - Info Disclosure
DeluxeBB 1.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain user and configuration information, log data, and gain administrative access via a direct request to scripts in (1) templates/ including (2) templates/deluxe/admincp/, (3) templates/corporate/admincp/, and (4) templates/blue/admincp/; (5) images/; (6) logs/ including (7) logs/cp.php; (8) wysiwyg/; (9) docs/; (10) classes/; (11) lang/; and (12) settings/.
EIP-2026-119424 EXPLOITDB text WORKING POC
SHOUTcast Server 1.9.8/Win32 - Cross-Site Request Forgery
CVE-2007-5235 EXPLOITDB text WRITEUP
Uebimiau - XSS
Cross-site scripting (XSS) vulnerability in index.php in Uebimiau 2.7.2 through 2.7.10 allows remote attackers to inject arbitrary web script or HTML via the f_email parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
EIP-2026-112305 EXPLOITDB text WRITEUP
social Web CMS Beta 2 - Multiple Vulnerabilities
EIP-2026-112327 EXPLOITDB text WORKING POC
SoftComplex PHP Event Calendar 1.5 - Multiple Remote Vulnerabilities
EIP-2026-112048 EXPLOITDB text WORKING POC
SilverStripe CMS 2.3.5 - Cross-Site Request Forgery / Open Redirection
EIP-2026-112025 EXPLOITDB text WRITEUP
ShopEx Single 4.5.1 - Multiple Vulnerabilities
EIP-2026-111136 EXPLOITDB text WORKING POC
phpMyAdmin 2.6.3-pl1 - Cross-Site Scripting / Full Path
EIP-2026-111184 EXPLOITDB text WRITEUP
PHPplanner PHP Planner 0.4 - Multiple Vulnerabilities
EIP-2026-110693 EXPLOITDB text WRITEUP
PHP Event Calendar 1.5 - Multiple Vulnerabilities
CVE-2009-4468 EXPLOITDB text WRITEUP
DeluxeBB 1.3 - XSS
Cross-site scripting (XSS) vulnerability in misc.php in DeluxeBB 1.3 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
EIP-2026-105958 EXPLOITDB text WORKING POC
cms -db 0.7.13 - Multiple Vulnerabilities
EIP-2026-105521 EXPLOITDB text WORKING POC
Blog System 1.x - Multiple Input Validation Vulnerabilities
EIP-2026-105520 EXPLOITDB text WRITEUP
Blog System 1.5 - Multiple Vulnerabilities
EIP-2026-104671 EXPLOITDB text WORKING POC
PHP Captcha Security Images - Denial of Service
EIP-2026-103949 EXPLOITDB text WORKING POC
Java Mini Web Server 1.0 - Directory Traversal / Cross-Site Scripting
EIP-2026-104107 EXPLOITDB text WORKING POC
Tiny Java Web Server 1.71 - Multiple Input Validation Vulnerabilities
EIP-2026-104006 EXPLOITDB text WORKING POC
Nginx 0.6.36 - Directory Traversal
EIP-2026-103986 EXPLOITDB text WRITEUP
miniature java Web server 1.71 - Multiple Vulnerabilities
EIP-2026-102423 EXPLOITDB text WORKING POC
ShopEx Single 4.5.1 - 'errinfo' Cross-Site Scripting
EIP-2026-100439 EXPLOITDB text WORKING POC
MOJO's IWms 7 - SQL Injection / Cross-Site Scripting
EIP-2026-100529 EXPLOITDB text WRITEUP
SafeSHOP 1.5.6 - Cross-Site Scripting / Multiple Cross-Site Request Forgery Vulnerabilities
EIP-2026-100438 EXPLOITDB text WRITEUP
MOJO IWms 7 - 'default.asp' Cookie Manipulation