599eme Man

42 exploits Active since Jan 2009
CVE-2009-4059 EXPLOITDB text WORKING POC
JoomClip - SQL Injection via Cat Parameter
SQL injection vulnerability in the JoomClip (com_joomclip) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a thumbs action to index.php.
EIP-2026-107206 EXPLOITDB text WORKING POC
Free Arcade Script 1.0 - 'search' Cross-Site Scripting
CVE-2009-0299 EXPLOITDB text WRITEUP
Groone GLinks 2.1 - SQL Injection via Cat Parameter
SQL injection vulnerability in index.php in Groone GLinks 2.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2009-2920 EXPLOITDB text WRITEUP
elvinbts 1.2.2 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Elvin 1.2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) component and (2) priority parameters to buglist.php; and the (3) Username (4) E-mail, (5) Pass, and (6) Confirm pass fields to createaccount.php.
EIP-2026-106645 EXPLOITDB text WORKING POC
e-Soft24 Jokes Portal Script Seo 1.0 - Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-106647 EXPLOITDB text WORKING POC
e-Soft24 PTC Script 1.2 - 'login.php' Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-106644 EXPLOITDB text WORKING POC
e-Soft24 Flash Games Script 1.0 - Cross-Site Scripting
EIP-2026-106643 EXPLOITDB text WORKING POC
e-soft24 Article Directory Script - 'q' Cross-Site Scripting
CVE-2009-2438 EXPLOITDB text WORKING POC
ClanSphere 2009.0 and 2009.0.2 - Cross-Site Scripting via Search Module Text Parameter
Cross-site scripting (XSS) vulnerability in index.php in the search module in ClanSphere 2009.0 and 2009.0.2 allows remote attackers to inject arbitrary web script or HTML via the text parameter in a list action. NOTE: this might overlap CVE-2008-1399.
CVE-2009-4989 EXPLOITDB text WORKING POC
aj_auction_pro-oopd 3.0 - Cross-Site Scripting via txtkeyword Parameter
Cross-site scripting (XSS) vulnerability in index.php in AJ Auction Pro OOPD 3.0 allows remote attackers to inject arbitrary web script or HTML via the txtkeyword parameter in a search action.
CVE-2009-5003 EXPLOITDB text WRITEUP
e-soft24 Banner Exchange Script 1.0 - SQL Injection via click.php targetid Parameter
SQL injection vulnerability in click.php in e-soft24 Banner Exchange Script 1.0 allows remote attackers to execute arbitrary SQL commands via the targetid parameter.
CVE-2009-2439 EXPLOITDB text WORKING POC
Web Development House Alibaba Clone - SQL Injection
Multiple SQL injection vulnerabilities in Web Development House Alibaba Clone allow remote attackers to execute arbitrary SQL commands via the (1) IndustryID parameter to category.php and the (2) SellerID parameter to supplier/view_contact_details.php. NOTE: this is a product that was developed by a third party; it is not associated with alibaba.com or the Alibaba Group.
EIP-2026-105042 EXPLOITDB text WORKING POC
AJ Auction Pro OOPD 3.0 - 'txtkeyword' Cross-Site Scripting
EIP-2026-103571 EXPLOITDB html WORKING POC
Mozilla Firefox 3.5.x and SeaMonkey 2.0.1 - Remote Denial of Service
EIP-2026-103604 EXPLOITDB html WORKING POC
Opera 10.10 - Status Bar Obfuscation
EIP-2026-101387 EXPLOITDB text WRITEUP
Neufbox NB4-R1.5.10-MAIN - Persistent Cross-Site Scripting
EIP-2026-101418 EXPLOITDB html WORKING POC
Research In Motion BlackBerry Device Software 4.7.1 - Cross Domain Information Disclosure