eidelweiss

60 exploits Active since May 2007
CVE-2008-7254 EXPLOITDB text WORKING POC
Irmin CMS 0.5 and 0.6 BETA2 - Path Traversal via _Root_Path Parameter
Directory traversal vulnerability in includes/template-loader.php in Irmin CMS (formerly Pepsi CMS) 0.5 and 0.6 BETA2, when register_globals is enabled, allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the _Root_Path parameter. NOTE: some of these details are obtained from third party information.
EIP-2026-119288 EXPLOITDB c WORKING POC
WinSoftMagic Photo Editor - '.png' Remote Buffer Overflow
CVE-2007-3162 EXPLOITDB text WORKING POC
Internet Download Accelerator 5.2 - Buffer Overflow via idaiehlp ActiveX Control
Buffer overflow in the NotSafe function in the idaiehlp ActiveX control in idaiehlp.dll 1.9.1.74 in Internet Download Accelerator (ida) 5.2 allows remote attackers to cause a denial of service (Internet Explorer crash) via a long argument.
EIP-2026-115353 EXPLOITDB text WORKING POC
Google Chrome 4.1.249.1064 - Remote Memory Corrupt
EIP-2026-114503 EXPLOITDB text WRITEUP
YACS CMS 10.5.27 - 'context[path_to_root]' Remote File Inclusion
EIP-2026-113264 EXPLOITDB text WORKING POC
webEdition CMS 6.1.0.2 - 'DOCUMENT_ROOT' Local File Inclusion
EIP-2026-113263 EXPLOITDB text WORKING POC
webEdition CMS - Local File Inclusion
EIP-2026-112805 EXPLOITDB text WRITEUP
Tugux CMS - 'nid' Blind SQL Injection
EIP-2026-112711 EXPLOITDB text WORKING POC
TinyMCPUK - 'test' Cross-Site Scripting
EIP-2026-112256 EXPLOITDB php WORKING POC
SmodCMS 4.07 (fckeditor) - Arbitrary File Upload
EIP-2026-112016 EXPLOITDB text WRITEUP
Shawn Bradley PHP Volunteer Management 1.0.2 - 'id' SQL Injection
EIP-2026-111724 EXPLOITDB text WORKING POC
Redaxo 4.2.1 - Remote File Inclusion
EIP-2026-111284 EXPLOITDB text WORKING POC
Pithcms - 'theme' Local/Remote File Inclusion
EIP-2026-111366 EXPLOITDB text WORKING POC
Plume CMS 1.2.4 - Multiple Local File Inclusions
EIP-2026-111412 EXPLOITDB php WORKING POC
Portaneo Portal 2.2.3 - Arbitrary File Upload
EIP-2026-111399 EXPLOITDB text WORKING POC
PolyPager 1.0rc10 - 'FCKeditor' Arbitrary File Upload
EIP-2026-111591 EXPLOITDB text WORKING POC
Puntal 2.1.0 - Remote File Inclusion
EIP-2026-111012 EXPLOITDB text WRITEUP
phpCMS 9.0 - Blind SQL Injection
EIP-2026-111075 EXPLOITDB text WRITEUP
PHPIDS 0.4 - Remote File Inclusion
EIP-2026-111040 EXPLOITDB php WORKING POC
phpegasus 0.1.2 - 'FCKeditor' Arbitrary File Upload
EIP-2026-110736 EXPLOITDB text WRITEUP
PHP PEAR 1.9.0 - Multiple Remote File Inclusions
EIP-2026-110762 EXPLOITDB text WORKING POC
PHP SETI@home Web monitor - 'PHPsetimon' Local/Remote File Inclusion
CVE-2010-1309 EXPLOITDB text WORKING POC
Irmin CMS <0.6 BETA2 - Path Traversal
Directory traversal vulnerability in Irmin CMS (formerly Pepsi CMS) 0.6 BETA2 allows remote attackers to read arbitrary files via a .. (dot dot) in the w parameter to index.php.
CVE-2010-3204 EXPLOITDB text WORKING POC
Pecio CMS 2.0.5 - Remote Code Execution via Template Parameter File Inclusion
Multiple PHP remote file inclusion vulnerabilities in Pecio CMS 2.0.5 allow remote attackers to execute arbitrary PHP code via a URL in the template parameter to (1) post.php, (2) article.php, (3) blog.php, or (4) home.php in pec_templates/nova-blue/.
EIP-2026-109980 EXPLOITDB text WORKING POC
Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerabilities