hyp3rlinx

260 exploits Active since Jun 2015
CVE-2017-7620 EXPLOITDB MEDIUM text WORKING POC
MantisBT < 1.3.11, 2.x < 2.3.3, 2.4.x < 2.4.1 - Cross-Site Request Forgery via Permalink Injection
MantisBT before 1.3.11, 2.x before 2.3.3, and 2.4.x before 2.4.1 omits a backslash check in string_api.php and consequently has conflicting interpretations of an initial \/ substring as introducing either a local pathname or a remote hostname, which leads to (1) arbitrary Permalink Injection via CSRF attacks on a permalink_page.php?url= URI and (2) an open redirect via a login_page.php?return= URI.
CVSS 6.5
CVE-2017-7615 EXPLOITDB HIGH text WORKING POC
MantisBT < 2.3.0 - Unauthenticated Arbitrary Password Reset via Empty Confirm Hash
MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty confirm_hash value to verify.php.
CVSS 8.8
CVE-2017-8928 EXPLOITDB HIGH text WORKING POC
mailcow 0.14 - Cross-Site Request Forgery
mailcow 0.14, as used in "mailcow: dockerized" and other products, has CSRF.
CVSS 8.8
EIP-2026-109099 EXPLOITDB text WORKING POC
Lepton CMS 2.2.0/2.2.1 - PHP Code Injection
EIP-2026-109098 EXPLOITDB text WORKING POC
Lepton CMS 2.2.0/2.2.1 - Directory Traversal
CVE-2015-5066 EXPLOITDB text WRITEUP
GeniXCMS 0.0.3 - Cross-Site Scripting via Posts Page Parameters
Multiple cross-site scripting (XSS) vulnerabilities in the MetalGenix GeniXCMS 0.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) content or (2) title field in an add action in the posts page to index.php or the (3) q parameter in the posts page to index.php.
CVE-2016-4313 EXPLOITDB HIGH php WORKING POC
eXtplorer 2.1.9 - Path Traversal via Archive Extraction
Directory traversal vulnerability in unzip/extract feature in eXtplorer 2.1.9 allows remote attackers to execute arbitrary files via a .. (dot dot) in an archive file.
CVSS 7.8
EIP-2026-106731 EXPLOITDB text WORKING POC
EasyPHP Devserver 16.1.1 - Cross-Site Request Forgery / Remote Command Execution
EIP-2026-106462 EXPLOITDB text WORKING POC
dirLIST 0.3.0 - Arbitrary File Upload
CVE-2017-7725 EXPLOITDB MEDIUM text WORKING POC
concrete5 8.1.0 - Cross-Site Scripting via Host Header Injection
concrete5 8.1.0 places incorrect trust in the HTTP Host header during caching, if the administrator did not define a "canonical" URL on installation of concrete5 using the "Advanced Options" settings. Remote attackers can make a GET request with any domain name in the Host header; this is stored and allows for arbitrary domains to be set for certain links displayed to subsequent visitors, potentially an XSS vector.
CVSS 6.1
EIP-2026-105793 EXPLOITDB html WORKING POC
CF Image Host 1.65 - Cross-Site Request Forgery
EIP-2026-105794 EXPLOITDB text WRITEUP
CF Image Host 1.65 - PHP Command Injection
EIP-2026-105613 EXPLOITDB text WORKING POC
BoZoN 2.4 - Remote Code Execution
CVE-2017-12971 EXPLOITDB MEDIUM text WORKING POC
Apache2Triad 1.5.4 - Cross-Site Scripting via phpsftpd/users.php Account Parameter
Cross-site scripting (XSS) vulnerability in Apache2Triad 1.5.4 allows remote attackers to inject arbitrary web script or HTML via the account parameter to phpsftpd/users.php.
CVSS 6.1
EIP-2026-105365 EXPLOITDB text WORKING POC
b374k 3.2.3/2.8 (Web Shell) - Cross-Site Request Forgery / Command Injection
CVE-2017-17055 EXPLOITDB CRITICAL text WORKING POC
Artica Web Proxy <3.06.112911 - XSS
Artica Web Proxy before 3.06.112911 allows remote attackers to execute arbitrary code as root by conducting a cross-site scripting (XSS) attack involving the username-form-id parameter to freeradius.users.php.
CVSS 9.0
EIP-2026-105058 EXPLOITDB text WORKING POC
AjaxExplorer 1.10.3.2 - Multiple Vulnerabilities
EIP-2026-104959 EXPLOITDB text WORKING POC
Adminer 4.3.1 - Server-Side Request Forgery
EIP-2026-104976 EXPLOITDB text WORKING POC
Advanced Electron Forum 1.0.9 - Remote File Inclusion / Cross-Site Request Forgery
EIP-2026-104975 EXPLOITDB text WORKING POC
Advanced Electron Forum 1.0.9 - Persistent Cross-Site Scripting
EIP-2026-104974 EXPLOITDB text WORKING POC
Advanced Electron Forum 1.0.9 - Cross-Site Request Forgery
EIP-2026-104761 EXPLOITDB ruby WORKING POC
phpFileManager 0.9.8 - Remote Code Execution (Metasploit)
CVE-2019-19245 EXPLOITDB CRITICAL python WORKING POC
NAPC Xinet Elegant 6.1.655 - SQL Injection
NAPC Xinet Elegant 6 Asset Library 6.1.655 allows Pre-Authentication SQL Injection via the /elegant6/login LoginForm[username] field when double quotes are used.
CVSS 9.8
CVE-2017-5607 EXPLOITDB LOW text WORKING POC
Splunk Enterprise <6.5.1 & Splunk Light <6.5.2 - Sensitive Info Exposure via Global Window Namespace
Splunk Enterprise 5.0.x before 5.0.18, 6.0.x before 6.0.14, 6.1.x before 6.1.13, 6.2.x before 6.2.13.1, 6.3.x before 6.3.10, 6.4.x before 6.4.6, and 6.5.x before 6.5.3 and Splunk Light before 6.5.2 assigns the $C JS property to the global Window namespace, which might allow remote attackers to obtain sensitive logged-in username and version-related information via a crafted webpage.
CVSS 3.5
CVE-2017-16884 EXPLOITDB MEDIUM text WORKING POC
mistserver < 2.13 - Unauthenticated Stored Cross-Site Scripting via Failed Authentication Alert
Cross-site scripting (XSS) vulnerability in MistServer before 2.13 allows remote attackers to inject arbitrary web script or HTML via vectors related to failed authentication requests alerts.
CVSS 6.1