h4ntu

8 exploits Active since Jul 2006
CVE-2006-5519 EXPLOITDB text WORKING POC
MambWeather < 1.8.1 - Remote Code Execution via mosConfig_absolute_path Parameter
PHP remote file inclusion vulnerability in Savant2/Savant2_Plugin_options.php in the MambWeather 1.8.1 and earlier component for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2006-3736 EXPLOITDB text WORKING POC
Mambo VideoDB - Remote File Inclusion via mosConfig_absolute_path Parameter
PHP remote file inclusion vulnerability in core/videodb.class.xml.php in the VideoDB component for Mambo 0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2006-3528 EXPLOITDB text WORKING POC
Simpleboard < 1.1.0 - Remote Code Execution via PHP File Inclusion in sbp Parameter
Multiple PHP remote file inclusion vulnerabilities in Simpleboard Mambo module 1.1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the sbp parameter to (1) image_upload.php and (2) file_upload.php.
EIP-2026-109276 EXPLOITDB text WRITEUP
Mambo Componen phpBB 1.2.4 - Multiple Remote File Inclusions
CVE-2006-7208 EXPLOITDB text WORKING POC
Adam van Dongen Forum (com_forum) 1.2.4RC3 - Remote File Inclusion via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in download.php in the Adam van Dongen Forum (com_forum) component (aka phpBB component) 1.2.4RC3 and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-3748 EXPLOITDB text WRITEUP
LoudMouth Component for Mambo - Remote Code Execution via mosConfig_absolute_path Parameter
PHP remote file inclusion vulnerability in includes/abbc/abbc.class.php in the LoudMouth Component for Mambo 4.0j, and possibly other versions including 4.1, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2006-7032 EXPLOITDB perl WORKING POC
FlashBB < 1.1.5 - Remote File Inclusion via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in phpbb/getmsg.php in FlashBB 1.1.5 and earlier allows remote attackers to execute arbitrary code via a URL in the phpbb_root_path parameter.
EIP-2026-106551 EXPLOITDB text WORKING POC
dotProject 2.0.3 - 'baseDir' Remote File Inclusion