hyp3rlinx

260 exploits Active since Jun 2015
CVE-2017-14087 EXPLOITDB HIGH text WRITEUP
Trend Micro OfficeScan XG 12.0 - Host Header Injection
A Host Header Injection vulnerability in Trend Micro OfficeScan XG (12.0) may allow an attacker to spoof a particular Host header, allowing the attacker to render arbitrary links that point to a malicious website with poisoned Host header webpages.
CVSS 7.5
EIP-2026-112402 EXPLOITDB text WORKING POC
SQLBuddy 1.3.3 - Directory Traversal
CVE-2016-4309 EXPLOITDB HIGH text WRITEUP
Symphony CMS 2.6.7 - Info Disclosure
Session fixation vulnerability in Symphony CMS 2.6.7, when session.use_only_cookies is disabled, allows remote attackers to hijack web sessions via the PHPSESSID parameter.
CVSS 7.5
CVE-2016-5304 EXPLOITDB MEDIUM text WORKING POC
Symantec Endpoint Protection Manager < 12.1.6 - Open Redirect
Open redirect vulnerability in a report-routing component in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVSS 6.8
EIP-2026-112267 EXPLOITDB text WORKING POC
sNews CMS 1.7.1 - Multiple Vulnerabilities
EIP-2026-111947 EXPLOITDB text WORKING POC
ScriptCase 8.1.053 - Multiple Vulnerabilities
EIP-2026-111211 EXPLOITDB text WORKING POC
phpSQLiteCMS - Multiple Vulnerabilities
EIP-2026-111045 EXPLOITDB text WORKING POC
phpFileManager 0.9.8 - Cross-Site Request Forgery
EIP-2026-111203 EXPLOITDB text WRITEUP
PHPShell 2.4 - Session Fixation
EIP-2026-111144 EXPLOITDB text WORKING POC
phpMyBackupPro 2.5 - Remote Command Execution / Cross-Site Request Forgery
CVE-2015-6518 EXPLOITDB text WORKING POC
Phpliteadmin - XSS
Multiple cross-site scripting (XSS) vulnerabilities in phpLiteAdmin 1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO, (2) droptable parameter, or (3) table parameter to phpliteadmin.php.
EIP-2026-111050 EXPLOITDB text WORKING POC
PHPfileNavigator 2.3.3 - Privilege Escalation
EIP-2026-111049 EXPLOITDB text WRITEUP
PHPfileNavigator 2.3.3 - Cross-Site Scripting
EIP-2026-111048 EXPLOITDB text WORKING POC
PHPfileNavigator 2.3.3 - Cross-Site Request Forgery
EIP-2026-111046 EXPLOITDB text WORKING POC
phpFileManager 0.9.8 - Remote Command Execution
EIP-2026-110935 EXPLOITDB php WORKING POC
PHPBack 1.3.0 - SQL Injection
CVE-2017-5630 EXPLOITDB HIGH text WORKING POC
PHP Pear - Injection
PECL in the download utility class in the Installer in PEAR Base System v1.10.1 does not validate file types and filenames after a redirect, which allows remote HTTP servers to overwrite files via crafted responses, as demonstrated by a .htaccess overwrite.
CVSS 7.5
EIP-2026-110760 EXPLOITDB text WORKING POC
PHP Server Monitor 3.1.1 - Multiple Cross-Site Request Forgery Vulnerabilities
EIP-2026-110759 EXPLOITDB html WORKING POC
PHP Server Monitor 3.1.1 - Cross-Site Request Forgery / Privilege Escalation
EIP-2026-110737 EXPLOITDB text WRITEUP
PHP PEAR HTTP_Upload 1.0.0b3 - Arbitrary File Upload
CVE-2015-5354 EXPLOITDB text WRITEUP
Novius OS 5.0.1 - Open Redirect
Open redirect vulnerability in Novius OS 5.0.1 (Elche) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to admin/nos/login.
EIP-2026-109830 EXPLOITDB text WORKING POC
Nakid CMS - Multiple Vulnerabilities
EIP-2026-109822 EXPLOITDB text WORKING POC
Nagios Network Analyzer 2.2.1 - Multiple Cross-Site Request Forgery Vulnerabilities
EIP-2026-109669 EXPLOITDB php WORKING POC
My Little Forum 2.3.5 - PHP Command Injection
EIP-2026-109564 EXPLOITDB text WORKING POC
Monsta FTP 1.6.2 - Multiple Vulnerabilities