Andrea Bocchetti

9 exploits, active since Dec 2009
CVE-2018-25371 EXPLOITDB HIGH text WORKING POC
mooSocial Store Plugin 2.6 SQL Injection via product parameter
mooSocial Store Plugin 2.6 contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries through the product parameter in URL rewrite functionality. Attackers can inject SQL code using boolean-based blind, time-based blind, or stacked query techniques in the product URI parameter to extract sensitive database information.
CVSS 8.2
CVE-2022-50970 EXPLOITDB MEDIUM text WORKING POC
WordPress Plugin AAWP 3.16 Reflected XSS via tab Parameter
WordPress Plugin AAWP 3.16 contains a reflected cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by manipulating the tab parameter. Attackers can craft URLs with XSS payloads in the tab parameter of the aawp-settings admin page to execute arbitrary JavaScript in the context of authenticated users.
CVSS 5.4
EIP-2026-112737 EXPLOITDB text WRITEUP
Tolinet Agencia - 'id' SQL Injection
EIP-2026-112188 EXPLOITDB text WORKING POC
Sitemagic CMS - 'SMTpl' Directory Traversal
CVE-2010-2040 EXPLOITDB text WRITEUP
V-EVA Shopzilla Affiliate Script PHP - Cross-Site Scripting via search.php s Parameter
Cross-site scripting (XSS) vulnerability in search.php in V-EVA Shopzilla Affiliate Script PHP allows remote attackers to inject arbitrary web script or HTML via the s parameter.
EIP-2026-109951 EXPLOITDB text WRITEUP
Nodesforum - '_nodesforum_node' SQL Injection
EIP-2026-108822 EXPLOITDB text WRITEUP
Joomla! Component Parcoauto - 'idVeicolo' SQL Injection
EIP-2026-107700 EXPLOITDB text WRITEUP
i-Net Solution Matrimonial Script 2.0.3 - 'alert.php' Cross-Site Scripting
CVE-2009-4464 EXPLOITDB text WRITEUP
Active Business Directory 2 - Cross-Site Scripting via searchadvance.asp search parameter
Cross-site scripting (XSS) vulnerability in searchadvance.asp in Active Business Directory 2 allows remote attackers to inject arbitrary web script or HTML via the search parameter.