flyh4t

5 exploits Active since Jan 2009
CVE-2009-20006 EXPLOITDB CRITICAL php WORKING POC
osCommerce <= 2.2 RC2a - Unauthenticated Arbitrary File Upload via Admin File Manager
osCommerce versions up to and including 2.2 RC2a contain a vulnerability in its administrative file manager utility (admin/file_manager.php). The interface allows file uploads and edits without sufficient input validation or access control. An unauthenticated attacker can craft a POST request to upload a .php file containing arbitrary code, which is then executed by the server.
CVE-2011-4026 EXPLOITDB text WORKING POC
NexusPHP 1.5 - SQL Injection via Thanks.php ID Parameter
SQL injection vulnerability in thanks.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-0290 EXPLOITDB text WORKING POC
SIR GNUBoard 4.31.03 - Path Traversal
Directory traversal vulnerability in common.php in SIR GNUBoard 4.31.03 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the g4_path parameter. NOTE: in some environments, this can be leveraged for remote code execution via a data: URI or a UNC share pathname.
CVE-2011-4066 EXPLOITDB text WRITEUP
Gnuboard < 4.33.02 - SQL Injection via PATH_INFO
SQL injection vulnerability in bbs/tb.php in Gnuboard 4.33.02 and earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO.
EIP-2026-100327 EXPLOITDB html WORKING POC
FooSun - 'Api_Response.asp' SQL Injection