**RoAd_KiLlEr**

8 exploits Active since Jul 2010
CVE-2010-4946 EXPLOITDB text WRITEUP
ALLPC 2.5 - SQL Injection
SQL injection vulnerability in product_info.php in ALLPC 2.5 allows remote attackers to execute arbitrary SQL commands via the products_id parameter.
CVE-2010-4947 EXPLOITDB text WRITEUP
ALLPC 2.5 - XSS
Cross-site scripting (XSS) vulnerability in advanced_search_result.php in ALLPC 2.5 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.
CVE-2010-4944 EXPLOITDB text WRITEUP
Mambo/Joomla! - com_elite_experts - SQL Injection
SQL injection vulnerability in the Elite Experts (com_elite_experts) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showExpertProfileDetailed action to index.php.
EIP-2026-111493 EXPLOITDB text WRITEUP
PreProject Multi-Vendor Shopping Malls - SQL Injection / Authentication Bypass
CVE-2010-3422 EXPLOITDB text WRITEUP
Joomla! com_jgen 0.9.33 - SQL Injection
SQL injection vulnerability in the JGen (com_jgen) component 0.9.33 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php.
EIP-2026-107613 EXPLOITDB text WRITEUP
Honey Soft Web Solution - Multiple Vulnerabilities
CVE-2010-2925 EXPLOITDB text WRITEUP
Freeway CMS <1.4.3.210 - SQL Injection
SQL injection vulnerability in index.php in Freeway CMS 1.4.3.210 allows remote attackers to execute arbitrary SQL commands via the ecPath parameter.
EIP-2026-105713 EXPLOITDB text WRITEUP
Car Portal 2.0 - Blind SQL Injection