eidelweiss - Security Researcher - Exploit Intelligence Platform

EIP-2026-109831 EXPLOITDB text WORKING POC

Nakid CMS 0.5.2 - 'FCKeditor' Arbitrary File Upload

View Code

EIP-2026-109817 EXPLOITDB text WORKING POC

N/X Web CMS (N/X WCMS 4.5) - Multiple Vulnerabilities

View Code

CVE-2010-1337 EXPLOITDB text WRITEUP

Lussumo Vanilla <1.1.10 - RCE

Multiple PHP remote file inclusion vulnerabilities in definitions.php in Lussumo Vanilla 1.1.10, and possibly 0.9.2 and other versions, allow remote attackers to execute arbitrary PHP code via a URL in the (1) include and (2) Configuration['LANGUAGE'] parameters.

View Code

CVE-2007-2826 EXPLOITDB text WORKING POC

Madirish Webmail 2.0 - RCE

PHP remote file inclusion vulnerability in lib/addressbook.php in Madirish Webmail 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[basedir] parameter.

View Code

EIP-2026-109361 EXPLOITDB text WRITEUP

Maximus CMS 1.1.2 - 'FCKeditor' Arbitrary File Upload

View Code

EIP-2026-108742 EXPLOITDB text WRITEUP

Joomla! Component joomlacontenteditor - Blind SQL Injection

View Code

EIP-2026-109030 EXPLOITDB php WORKING POC

Knowledgeroot (fckeditor) - Arbitrary File Upload

View Code

EIP-2026-108947 EXPLOITDB php WORKING POC

JV2 Folder Gallery 3.1.1 - 'popup_slideshow.php' Multiple Vulnerabilities

View Code

CVE-2010-1268 EXPLOITDB text WRITEUP

justVisual CMS 2.0 - Path Traversal

Directory traversal vulnerability in index.php in justVisual CMS 2.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files directory traversal sequences in the p parameter. NOTE: some of these details are obtained from third party information.

View Code

EIP-2026-108422 EXPLOITDB text WORKING POC

Joomla! Component com_jwmmxtd - Remote File Inclusion

View Code

EIP-2026-108651 EXPLOITDB text WORKING POC

Joomla! Component FLEXIcontent 1.5 - Local File Inclusion

View Code

EIP-2026-108574 EXPLOITDB text WORKING POC

Joomla! Component com_universal - Remote File Inclusion

View Code

EIP-2026-108191 EXPLOITDB text WORKING POC

Joomla! Component aardvertiser 2.0 - Local File Inclusion

View Code

EIP-2026-107820 EXPLOITDB text WORKING POC

In-portal 5.0.3 - Arbitrary File Upload

View Code

EIP-2026-108085 EXPLOITDB text WORKING POC

jevoncms - Local/Remote File Inclusion

View Code

EIP-2026-107684 EXPLOITDB php WORKING POC

hustoj - 'FCKeditor' Arbitrary File Upload

View Code

EIP-2026-107469 EXPLOITDB text WRITEUP

GR Board 1.8.6 - 'page.php' Remote File Inclusion

View Code

CVE-2008-7176 EXPLOITDB text WORKING POC

Facil CMS 0.1RC - Path Traversal

Multiple directory traversal vulnerabilities in Facil CMS 0.1RC allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) change_lang parameter to index.php or (2) modload parameter to modules.php.

View Code

CVE-2010-1299 EXPLOITDB text WORKING POC

DynPG CMS 4.1.0 - RCE

Multiple PHP remote file inclusion vulnerabilities in DynPG CMS 4.1.0, and possibly earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) DefineRootToTool parameter to counter.php, (2) PathToRoot parameter to plugins/DPGguestbook/guestbookaction.php and (3) get_popUpResource parameter to backendpopup/popup.php. NOTE: some of these details are obtained from third party information.

View Code

CVE-2010-1299 EXPLOITDB text WORKING POC

DynPG CMS 4.1.0 - RCE

Multiple PHP remote file inclusion vulnerabilities in DynPG CMS 4.1.0, and possibly earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) DefineRootToTool parameter to counter.php, (2) PathToRoot parameter to plugins/DPGguestbook/guestbookaction.php and (3) get_popUpResource parameter to backendpopup/popup.php. NOTE: some of these details are obtained from third party information.

View Code

EIP-2026-106477 EXPLOITDB text WORKING POC

DM FileManager 3.9.11 - Arbitrary File Upload

View Code

EIP-2026-106454 EXPLOITDB text WRITEUP

Digitalus 1.10.0 Alpha2 - Arbitrary File Upload

View Code

EIP-2026-106395 EXPLOITDB text WORKING POC

DDLCMS 2.1 - 'skin' Remote File Inclusion

View Code

EIP-2026-106349 EXPLOITDB text WORKING POC

DaLogin 2.2 - 'FCKeditor' Arbitrary File Upload

View Code

EIP-2026-106298 EXPLOITDB text WRITEUP

CuteNews - 'page' Local File Inclusion

View Code