-tmh-

4 exploits Active since Sep 2008
CVE-2009-1347 EXPLOITDB text WRITEUP
chCounter 3.1.3 - SQL Injection via Login Name or Password Parameter
Multiple SQL injection vulnerabilities in stats/index.php in chCounter 3.1.3 allow remote attackers to execute arbitrary SQL commands via (1) the login_name parameter (aka the username field) or (2) the login_pw parameter (aka the password field).
CVE-2008-4355 EXPLOITDB text WORKING POC
Powie PSCRIPT Forum <= 1.30 - SQL Injection via showprofil.php id Parameter
SQL injection vulnerability in showprofil.php in Powie PSCRIPT Forum (aka PHP Forum or pForum) 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
EIP-2026-106133 EXPLOITDB text WRITEUP
ConPresso 3.4.8 - 'detail.php' Blind SQL Injection
CVE-2009-1362 EXPLOITDB text WRITEUP
chcounter 3.1.3 - SQL Injection via login_name Parameter
SQL injection vulnerability in administration/index.php in chCounter 3.1.3 allows remote attackers to execute arbitrary SQL commands via the login_name parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.