cr4wl3r

143 exploits Active since Jan 2006
EIP-2026-105619 EXPLOITDB perl WORKING POC
Brewthology 0.1 - SQL Injection
EIP-2026-105417 EXPLOITDB text WORKING POC
Baykus Yemek Tarifleri 2.1 - SQL Injection
EIP-2026-105152 EXPLOITDB text WRITEUP
Amateur Photographer's Image Gallery - 'force-download.php?File' Information Disclosure
CVE-2010-0611 EXPLOITDB text WORKING POC
baal_systems < 3.8 - SQL Injection via adminlogin.php Username and Password Parameters
Multiple SQL injection vulnerabilities in adminlogin.php in Baal Systems 3.8 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.
EIP-2026-105321 EXPLOITDB text WORKING POC
autonomous lan party 0.98.3 - Remote File Inclusion
CVE-2009-4264 EXPLOITDB text WORKING POC
AROUNDMe 1.1 - Remote Code Execution via Language Path Parameter
PHP remote file inclusion vulnerability in components/core/connect.php in AROUNDMe 1.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the language_path parameter.
CVE-2010-4998 EXPLOITDB text WORKING POC
ardeaCore PHP Framework 2.2 - Remote File Inclusion via pathForArdeaCore Parameter
PHP remote file inclusion vulnerability in ardeaCore/lib/core/ardeaInit.php in ardeaCore PHP Framework 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the pathForArdeaCore parameter. NOTE: some of these details are obtained from third party information.
EIP-2026-105155 EXPLOITDB text WRITEUP
Amateur Photographer's Image Gallery - 'plist.php?albumid' SQL Injection
EIP-2026-105154 EXPLOITDB text WRITEUP
Amateur Photographer's Image Gallery - 'plist.php?albumid' Cross-Site Scripting
EIP-2026-105153 EXPLOITDB text WRITEUP
Amateur Photographer's Image Gallery - 'fullscreen.php?albumid' SQL Injection
EIP-2026-105064 EXPLOITDB text WORKING POC
al3jeb script - Remote Authentication Bypass
EIP-2026-104854 EXPLOITDB text WRITEUP
4x CMS - 'login.php' Multiple SQL Injections
EIP-2026-104855 EXPLOITDB text WORKING POC
4x CMS r26 - Authentication Bypass
EIP-2026-104837 EXPLOITDB text WORKING POC
427BB 2.3.2 - SQL Injection
CVE-2009-3324 EXPLOITDB text WORKING POC
ProdLer < 2.0 - Remote Code Execution via sPath Parameter
PHP remote file inclusion vulnerability in include/prodler.class.php in ProdLer 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sPath parameter.
CVE-2009-3492 EXPLOITDB text WORKING POC
Loggix Project <= 9.4.5 - Remote Code Execution via pathToIndex Parameter
Multiple PHP remote file inclusion vulnerabilities in Loggix Project 9.4.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the pathToIndex parameter to (1) Calendar.php, (2) Comment.php, (3) Rss.php and (4) Trackback.php in lib/Loggix/Module/; and (5) modules/downloads/lib/LM_Downloads.php.
EIP-2026-103313 EXPLOITDB text WRITEUP
Quate CMS 0.3.5 - Local/Remote File Inclusion
EIP-2026-103287 EXPLOITDB text WORKING POC
ISPworker 1.23 - Remote File Disclosure