Aria-Security Team - Security Researcher - Exploit Intelligence Platform

CVE-2006-6207 EXPLOITDB text WRITEUP

Lynx Internet Solutions Evolve Merchant - SQL Injection

SQL injection vulnerability in products.asp in Evolve shopping cart (aka Evolve Merchant) allows remote attackers to execute arbitrary SQL commands via the partno parameter. NOTE: the vendor disputes this issue, stating that it is a forced SQL error

View Code

CVE-2006-6367 EXPLOITDB text WRITEUP

DUware DUdownload <1.1 - SQL Injection

Multiple SQL injection vulnerabilities in detail.asp in DUware DUdownload 1.1, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) iFile or (2) action parameter. NOTE: the iType parameter is already covered by CVE-2005-3976.

View Code

CVE-2006-6355 EXPLOITDB text WRITEUP

DuWare DuClassmate - SQL Injection

SQL injection vulnerability in default.asp in DuWare DuClassmate allows remote attackers to execute arbitrary SQL commands via the iCity parameter. NOTE: the iState parameter is already covered by CVE-2005-2049.

View Code

CVE-2006-7118 EXPLOITDB text WRITEUP

Dmxready Site Engine Manager - SQL Injection

SQL injection vulnerability in index.asp in DMXReady Site Engine Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the mid parameter.

View Code

EIP-2026-100216 EXPLOITDB text WRITEUP

CodeWidgets Web Based Alpha Tabbed Address Book - 'index.asp' SQL Injection

View Code

CVE-2006-6181 EXPLOITDB text WRITEUP

Clicktech Clickcontact - SQL Injection

Multiple SQL injection vulnerabilities in default.asp in ClickTech ClickContact allow remote attackers to execute arbitrary SQL commands via the (1) AlphaSort, (2) In, and (3) orderby parameters.

View Code

CVE-2006-6189 EXPLOITDB text WRITEUP

Clicktech Clickblog - SQL Injection

SQL injection vulnerability in displayCalendar.asp in ClickTech Click Blog allows remote attackers to execute arbitrary SQL commands via the date parameter.

View Code

EIP-2026-100202 EXPLOITDB text WORKING POC

Click&BaneX - 'Details.asp' SQL Injection

View Code

EIP-2026-100201 EXPLOITDB text WRITEUP

Click Gallery - Multiple Input Validation Vulnerabilities

View Code

EIP-2026-100159 EXPLOITDB text WRITEUP

Baran CMS 1.0 - 'Arbitrary '.ASP' File Upload / File Disclosure / SQL Injection / Cross-Site Scripting / Cookie Manipulation

View Code

EIP-2026-100133 EXPLOITDB text WRITEUP

ASPIntranet 2.1 - Multiple SQL Injections

View Code

CVE-2006-5987 EXPLOITDB text WRITEUP

Aspintranet - SQL Injection

SQL injection vulnerability in default.asp in ASPintranet, possibly 1.2, allows remote attackers to execute arbitrary SQL commands via the a parameter.

View Code

CVE-2006-6210 EXPLOITDB text WRITEUP

Iisworks Asp Listpics - SQL Injection

SQL injection vulnerability in listpics.asp in ASP ListPics 5.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.

View Code