x0r0n

8 exploits Active since Apr 2007
CVE-2007-2541 EXPLOITDB text WORKING POC
Versado CMS 1.07 - RCE
PHP remote file inclusion vulnerability in includes/ajax_listado.php in Versado CMS 1.07 allows remote attackers to execute arbitrary PHP code via a URL in the urlModulo parameter.
EIP-2026-112701 EXPLOITDB text WRITEUP
Tiny Web Gallery 1.5 - 'Image' Multiple Remote File Inclusions
CVE-2007-2347 EXPLOITDB text WORKING POC
OneClick CMS <5.10 - RCE
PHP remote file inclusion vulnerability in main/forum/komentar.php in OneClick CMS (aka Sisplet CMS) 05.10 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the site_path parameter.
CVE-2007-2544 EXPLOITDB text WRITEUP
PHP TopTree BBS <2.0.1a - RCE
PHP remote file inclusion vulnerability in templates/default/tpl_message.php in PHP TopTree BBS 2.0.1a and earlier allows remote attackers to execute arbitrary PHP code via a URL in the right_file parameter.
CVE-2007-1907 EXPLOITDB text WORKING POC
Pathos CMS <0.92-2 - RCE
PHP remote file inclusion vulnerability in warn.php in Pathos Content Management System (CMS) 0.92-2 allows remote attackers to execute arbitrary PHP code via a URL in the file parameter.
CVE-2007-1837 EXPLOITDB text WORKING POC
MangoBery CMS 0.5.5 - RCE
Multiple PHP remote file inclusion vulnerabilities in MangoBery CMS 0.5.5 allow remote attackers to execute arbitrary PHP code via a URL in the Site_Path parameter to (1) boxes/quotes.php or (2) templates/mangobery/footer.sample.php.
CVE-2007-2521 EXPLOITDB text WRITEUP
E-GADS! <2.2.7 - RCE
PHP remote file inclusion vulnerability in common.php in E-GADS! before 2.2.7 allows remote attackers to execute arbitrary PHP code via a URL in the locale parameter.
CVE-2007-1986 EXPLOITDB text WORKING POC
barnraiser AROUNDMe 0.7.7 - RCE
Multiple PHP remote file inclusion vulnerabilities in barnraiser AROUNDMe 0.7.7 allow remote attackers to execute arbitrary PHP code via a URL in the (1) language_path_core parameter to inc/core_profile.header.php, the (2) template_path_core parameter to template/barnraiser_01/maint_contact_view.tpl.php, and the (3) template_path parameter to template/barnraiser_01/default.tpl.php. NOTE: this issue might overlap CVE-2006-5533.