markus arndt

4 exploits Active since Dec 2001
EIP-2026-110598 EXPLOITDB text WORKING POC
Phorum 3.3.2 - Cross-Site Scripting
CVE-2002-0764 EXPLOITDB text WORKING POC
Phorum 3.3.2a - Remote Code Execution via PHORUM[settings_dir] Manipulation
Phorum 3.3.2a allows remote attackers to execute arbitrary commands via an HTTP request to (1) plugin.php, (2) admin.php, or (3) del.php that modifies the PHORUM[settings_dir] variable to point to a directory that contains a PHP file with the commands.
CVE-2001-1525 EXPLOITDB text WORKING POC
easyNews 1.5 and earlier - Directory Traversal via cid Parameter
Directory traversal vulnerability in the comments action in easyNews 1.5 and earlier allows remote attackers to modify news.dat, template.dat and possibly other files via a ".." in the cid parameter.
CVE-2002-0730 EXPLOITDB text WORKING POC
Philip Chinery's Guestbook 1.1 - Cross-Site Scripting via Name EMail or Homepage Fields
Cross-site scripting vulnerability in guestbook.pl for Philip Chinery's Guestbook 1.1 allows remote attackers to execute Javascript or HTML via fields such as (1) Name, (2) EMail, or (3) Homepage.