eidelweiss

60 exploits Active since May 2007
CVE-2008-7254 EXPLOITDB text WORKING POC
Irmin CMS <0.7 - Path Traversal
Directory traversal vulnerability in includes/template-loader.php in Irmin CMS (formerly Pepsi CMS) 0.5 and 0.6 BETA2, when register_globals is enabled, allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the _Root_Path parameter. NOTE: some of these details are obtained from third party information.
EIP-2026-119288 EXPLOITDB c WORKING POC
WinSoftMagic Photo Editor - '.png' Remote Buffer Overflow
CVE-2007-3162 EXPLOITDB text WORKING POC
Westbyte Internet Download Accelerator - Buffer Overflow
Buffer overflow in the NotSafe function in the idaiehlp ActiveX control in idaiehlp.dll 1.9.1.74 in Internet Download Accelerator (ida) 5.2 allows remote attackers to cause a denial of service (Internet Explorer crash) via a long argument.
EIP-2026-115353 EXPLOITDB text WORKING POC
Google Chrome 4.1.249.1064 - Remote Memory Corrupt
EIP-2026-114503 EXPLOITDB text WRITEUP
YACS CMS 10.5.27 - 'context[path_to_root]' Remote File Inclusion
EIP-2026-113264 EXPLOITDB text WORKING POC
webEdition CMS 6.1.0.2 - 'DOCUMENT_ROOT' Local File Inclusion
EIP-2026-113263 EXPLOITDB text WORKING POC
webEdition CMS - Local File Inclusion
EIP-2026-112805 EXPLOITDB text WRITEUP
Tugux CMS - 'nid' Blind SQL Injection
EIP-2026-112711 EXPLOITDB text WORKING POC
TinyMCPUK - 'test' Cross-Site Scripting
EIP-2026-112256 EXPLOITDB php WORKING POC
SmodCMS 4.07 (fckeditor) - Arbitrary File Upload
EIP-2026-112016 EXPLOITDB text WRITEUP
Shawn Bradley PHP Volunteer Management 1.0.2 - 'id' SQL Injection
EIP-2026-111724 EXPLOITDB text WORKING POC
Redaxo 4.2.1 - Remote File Inclusion
EIP-2026-111284 EXPLOITDB text WORKING POC
Pithcms - 'theme' Local/Remote File Inclusion
EIP-2026-111366 EXPLOITDB text WORKING POC
Plume CMS 1.2.4 - Multiple Local File Inclusions
EIP-2026-111412 EXPLOITDB php WORKING POC
Portaneo Portal 2.2.3 - Arbitrary File Upload
EIP-2026-111399 EXPLOITDB text WORKING POC
PolyPager 1.0rc10 - 'FCKeditor' Arbitrary File Upload
EIP-2026-111591 EXPLOITDB text WORKING POC
Puntal 2.1.0 - Remote File Inclusion
EIP-2026-111012 EXPLOITDB text WRITEUP
phpCMS 9.0 - Blind SQL Injection
EIP-2026-111075 EXPLOITDB text WRITEUP
PHPIDS 0.4 - Remote File Inclusion
EIP-2026-111040 EXPLOITDB php WORKING POC
phpegasus 0.1.2 - 'FCKeditor' Arbitrary File Upload
EIP-2026-110736 EXPLOITDB text WRITEUP
PHP PEAR 1.9.0 - Multiple Remote File Inclusions
EIP-2026-110762 EXPLOITDB text WORKING POC
PHP SETI@home Web monitor - 'PHPsetimon' Local/Remote File Inclusion
CVE-2010-1309 EXPLOITDB text WORKING POC
Irmin CMS <0.6 BETA2 - Path Traversal
Directory traversal vulnerability in Irmin CMS (formerly Pepsi CMS) 0.6 BETA2 allows remote attackers to read arbitrary files via a .. (dot dot) in the w parameter to index.php.
CVE-2010-3204 EXPLOITDB text WORKING POC
Pecio CMS 2.0.5 - RCE
Multiple PHP remote file inclusion vulnerabilities in Pecio CMS 2.0.5 allow remote attackers to execute arbitrary PHP code via a URL in the template parameter to (1) post.php, (2) article.php, (3) blog.php, or (4) home.php in pec_templates/nova-blue/.
EIP-2026-109980 EXPLOITDB text WORKING POC
Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerabilities