h4ntu

8 exploits Active since Jul 2006
CVE-2006-5519 EXPLOITDB text WORKING POC
Mambweather < 1.8.1 - Code Injection
PHP remote file inclusion vulnerability in Savant2/Savant2_Plugin_options.php in the MambWeather 1.8.1 and earlier component for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2006-3736 EXPLOITDB text WORKING POC
Mambo <0.3 - RCE
PHP remote file inclusion vulnerability in core/videodb.class.xml.php in the VideoDB component for Mambo 0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2006-3528 EXPLOITDB text WORKING POC
Simpleboard Mambo <1.1.0 - RCE
Multiple PHP remote file inclusion vulnerabilities in Simpleboard Mambo module 1.1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the sbp parameter to (1) image_upload.php and (2) file_upload.php.
EIP-2026-109276 EXPLOITDB text WRITEUP
Mambo Componen phpBB 1.2.4 - Multiple Remote File Inclusions
CVE-2006-7208 EXPLOITDB text WORKING POC
Adam VAN Dongen Com Forum - Improper Input Validation
PHP remote file inclusion vulnerability in download.php in the Adam van Dongen Forum (com_forum) component (aka phpBB component) 1.2.4RC3 and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-3748 EXPLOITDB text WRITEUP
Mamboxchange Loudmouth - Code Injection
PHP remote file inclusion vulnerability in includes/abbc/abbc.class.php in the LoudMouth Component for Mambo 4.0j, and possibly other versions including 4.1, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2006-7032 EXPLOITDB perl WORKING POC
FlashBB <1.1.5 - RCE
PHP remote file inclusion vulnerability in phpbb/getmsg.php in FlashBB 1.1.5 and earlier allows remote attackers to execute arbitrary code via a URL in the phpbb_root_path parameter.
EIP-2026-106551 EXPLOITDB text WORKING POC
dotProject 2.0.3 - 'baseDir' Remote File Inclusion