cr4wl3r

143 exploits Active since Jan 2006
EIP-2026-107464 EXPLOITDB text WORKING POC
gpEasy 1.5RC3 - Remote File Inclusion
CVE-2010-1272 EXPLOITDB text WRITEUP
Gnat-TGP <1.2.20 - RCE
PHP remote file inclusion vulnerability in includes/tgpinc.php in Gnat-TGP 1.2.20 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter.
CVE-2010-1737 EXPLOITDB text WORKING POC
Carlos Eduardo Sotelo Pinto 0.1.0 - Code Injection
PHP remote file inclusion vulnerability in core/includes/gfw_smarty.php in Gallo 0.1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the config[gfwroot] parameter.
EIP-2026-107322 EXPLOITDB text WRITEUP
Fw-BofF (oolime-resurrection) 1.5.3beta - Multiple Remote File Inclusions
EIP-2026-107316 EXPLOITDB text WORKING POC
FusionForge 5.0 - Multiple Remote File Inclusions
EIP-2026-107310 EXPLOITDB text WORKING POC
FunGamez - Arbitrary File Upload
EIP-2026-107209 EXPLOITDB text WORKING POC
Free Blog 1.0 - Multiple Vulnerabilities
CVE-2009-3660 EXPLOITDB text WRITEUP
Efront < 3.5.4 - Code Injection
PHP remote file inclusion vulnerability in libraries/database.php in Efront 3.5.4 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product's security documentation.
EIP-2026-107075 EXPLOITDB text WORKING POC
FestOs 2.2.1 - Multiple Remote File Inclusions
CVE-2009-4435 EXPLOITDB text WRITEUP
F3Site 2009 - Path Traversal
Multiple directory traversal vulnerabilities in F3Site 2009 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the GLOBALS[nlang] parameter to (1) mod/poll.php and (2) mod/new.php.
CVE-2009-4435 EXPLOITDB text WRITEUP
F3Site 2009 - Path Traversal
Multiple directory traversal vulnerabilities in F3Site 2009 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the GLOBALS[nlang] parameter to (1) mod/poll.php and (2) mod/new.php.
EIP-2026-106870 EXPLOITDB text WORKING POC
EncapsCMS 0.3.6 - 'config[path]' Remote File Inclusion
CVE-2009-4154 EXPLOITDB text WORKING POC
Elxis CMS - Path Traversal
Directory traversal vulnerability in includes/feedcreator.class.php in Elxis CMS allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.
CVE-2010-0966 EXPLOITDB php WORKING POC
deV!L`z Clanportal 1.5.2 - Code Injection
PHP remote file inclusion vulnerability in inc/config.php in deV!L`z Clanportal (DZCP) 1.5.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the basePath parameter.
EIP-2026-106697 EXPLOITDB text WORKING POC
Easy Live Shop System - SQL Injection
EIP-2026-106619 EXPLOITDB text WORKING POC
E Sms Script - Multiple SQL Injections
EIP-2026-106324 EXPLOITDB text WORKING POC
Cydia Repo Manager - Cross-Site Request Forgery
EIP-2026-106425 EXPLOITDB text WORKING POC
DesktopOnNet 3 Beta9 - Local File Inclusion
EIP-2026-106354 EXPLOITDB text WORKING POC
DasForum - 'layout' Local File Inclusion
CVE-2009-4156 EXPLOITDB text WORKING POC
Ciamos CMS <0.9.5 - RCE
PHP remote file inclusion vulnerability in modules/pms/index.php in Ciamos CMS 0.9.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the module_path parameter.
EIP-2026-105512 EXPLOITDB text WORKING POC
Blax Blog 0.1 - 'girisyap.php' SQL Injection
EIP-2026-105818 EXPLOITDB text WORKING POC
Chaton 1.5.2 - Local File Inclusion
CVE-2008-5781 EXPLOITDB text WORKING POC
Cant Find A Gaming CMS (CFAGCMS) 1.0 Beta 1 - SQL Injection
SQL injection vulnerability in right.php in Cant Find A Gaming CMS (CFAGCMS) 1.0 Beta 1 allows remote attackers to execute arbitrary SQL commands via the title parameter.
EIP-2026-105665 EXPLOITDB text WORKING POC
BuzzyWall 1.3.2 - 'resolute.php' Information Disclosure
EIP-2026-105634 EXPLOITDB text WORKING POC
BSW Gallery - 'uploadpic.php' Arbitrary File Upload