jolascoaga - Security Researcher - Exploit Intelligence Platform

CVE-2006-3819 EXPLOITDB perl WORKING POC

TWiki 4.0.0-4.0.4 - Remote Code Execution via Configure Script TYPEOF Parameter

Eval injection vulnerability in the configure script in TWiki 4.0.0 through 4.0.4 allows remote attackers to execute arbitrary Perl code via an HTTP POST request containing a parameter name starting with "TYPEOF".

View Code

CVE-2006-2908 EXPLOITDB perl WORKING POC

MyBulletinBoard 1.1.2 - Remote Code Execution via Username Field Preg Replace

The domecode function in inc/functions_post.php in MyBulletinBoard (MyBB) 1.1.2, and possibly other versions, allows remote attackers to execute arbitrary PHP code via the username field, which is used in a preg_replace function call with a /e (executable) modifier.

View Code

EIP-2026-107930 EXPLOITDB perl WORKING POC

Invision Power Board 2.1.5 - 'search.php' Remote Code Execution

View Code

EIP-2026-107615 EXPLOITDB perl WORKING POC

Horde Help Viewer 3.1 - Remote Command Execution

View Code