loneferret - Security Researcher - Exploit Intelligence Platform

EIP-2026-115197 EXPLOITDB python WORKING POC

EasyFTP Server 1.7.0.2 - (Authenticated) Buffer Overflow (SEH) (PoC)

View Code

EIP-2026-115196 EXPLOITDB python WORKING POC

EasyFTP Server 1.7.0.2 - (Authenticated) Buffer Overflow (PoC)

View Code

CVE-2012-2572 EXPLOITDB python WORKING POC

ThreeWP Email Reflector <1.16 - XSS

Cross-site scripting (XSS) vulnerability in the ThreeWP Email Reflector plugin before 1.16 for WordPress allows remote attackers to inject arbitrary web script or HTML via the Subject of an email.

View Code

EIP-2026-114386 EXPLOITDB text WORKING POC

WS Interactive Automne 4.0 - '228-recherche.php' Cross-Site Scripting

View Code

CVE-2012-2579 EXPLOITDB python WORKING POC

WP SimpleMail 1.0.6 - XSS

Multiple cross-site scripting (XSS) vulnerabilities in the WP SimpleMail plugin 1.0.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) To, (2) From, (3) Date, or (4) Subject field of an email.

View Code

CVE-2012-2580 EXPLOITDB python WORKING POC

Postie 1.4.3-1.5.15 - XSS

Cross-site scripting (XSS) vulnerability in the Postie plugin 1.4.3, and possibly before 1.5.15, for WordPress allows remote attackers to inject arbitrary web script or HTML via the From field of an email.

View Code

CVE-2012-2583 EXPLOITDB python WORKING POC

Mini Mail Dashboard Widget <1.42 - XSS

Cross-site scripting (XSS) vulnerability in Mini Mail Dashboard Widget plugin 1.42 for WordPress allows remote attackers to inject arbitrary web script or HTML via the body of an email.

View Code

EIP-2026-113218 EXPLOITDB text WRITEUP

Web Help Desk by SolarWinds - Persistent Cross-Site Scripting

View Code

EIP-2026-113299 EXPLOITDB text WORKING POC

weBid 1.0.5 - Directory Traversal

View Code

CVE-2012-2573 EXPLOITDB python WORKING POC

T-dah WebMail 3.2.0-2.3 - XSS

Multiple cross-site scripting (XSS) vulnerabilities in T-dah WebMail 3.2.0-2.3 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a SCRIPT element, (2) a crafted Cascading Style Sheets (CSS) expression property, (3) a CSS expression property in the STYLE attribute of an arbitrary element, (4) an ONLOAD attribute of a BODY element, (5) a crafted SRC attribute of an IFRAME element, (6) a crafted CONTENT attribute of an HTTP-EQUIV="refresh" META element, or (7) a data: URL in the CONTENT attribute of an HTTP-EQUIV="refresh" META element.

View Code

EIP-2026-112383 EXPLOITDB text WORKING POC

sphpforum 0.4 - Multiple Vulnerabilities

View Code

CVE-2012-3791 EXPLOITDB text WORKING POC

Cms-center Simple Web Content Management System - SQL Injection

Multiple SQL injection vulnerabilities in Simple Web Content Management System 1.1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) item_delete.php, (2) item_status.php, (3) item_detail.php, (4) item_modify.php, or (5) item_position.php in admin/; or (6) status parameter to admin/item_status.php.

View Code

EIP-2026-111610 EXPLOITDB python WORKING POC

qdPM 7 - Arbitrary File upload

View Code

EIP-2026-111611 EXPLOITDB ruby WORKING POC

qdPM 7.0 - Arbitrary '.PHP' File Upload (Metasploit)

View Code

EIP-2026-110914 EXPLOITDB python WORKING POC

phpAcounts 0.5.3 - SQL Injection

View Code

CVE-2012-2925 EXPLOITDB text WORKING POC

Simple PHP Agenda 2.2.8 - SQL Injection

SQL injection vulnerability in engine.php in Simple PHP Agenda 2.2.8 allows remote attackers to execute arbitrary SQL commands via the priority parameter in an addTodo action.

View Code

EIP-2026-110784 EXPLOITDB text WORKING POC

PHP Volunteer Management System 1.0.2 - Multiple SQL Injections

View Code

EIP-2026-110758 EXPLOITDB text WRITEUP

PHP Server Monitor - Persistent Cross-Site Scripting

View Code

EIP-2026-110510 EXPLOITDB text WORKING POC

PBBoard 2.1.4 - Multiple SQL Injections

View Code

EIP-2026-110216 EXPLOITDB text WORKING POC

op5 Monitoring 5.4.2 - VM Applicance Multiple Vulnerabilities

View Code

EIP-2026-109956 EXPLOITDB text WORKING POC

Nooms CMS 1.1.1 - Cross-Site Request Forgery

View Code

EIP-2026-108072 EXPLOITDB text WORKING POC

jCore CMS - Cross-Site Scripting

View Code

EIP-2026-108040 EXPLOITDB text WORKING POC

Jaow CMS 2.3 - Blind SQL Injection

View Code

EIP-2026-105935 EXPLOITDB text WORKING POC

Clipbucket 2.5 - Directory Traversal

View Code

EIP-2026-105933 EXPLOITDB text WORKING POC

Clipbucket 2.5 - Blind SQL Injection

View Code