Benjamin Moss - Security Researcher - Exploit Intelligence Platform

EIP-2026-112161 EXPLOITDB text WRITEUP

Simplog 0.9.3 - 'BlogID' Multiple SQL Injections

View Code

EIP-2026-112160 EXPLOITDB text WORKING POC

Simplog 0.9.3 - 'archive.php?PID' Cross-Site Scripting

View Code

EIP-2026-111418 EXPLOITDB text WRITEUP

Portix-PHP 0.4.2 - Multiple SQL Injections

View Code

EIP-2026-110030 EXPLOITDB text WRITEUP

Omnistar Article Manager - Multiple SQL Injections

View Code

CVE-2006-5761 EXPLOITDB text WRITEUP

Rhadrix If-CMS 1.01 and 2.07 - Cross-Site Scripting via rns Parameter

Cross-site scripting (XSS) vulnerability in index.php in Rhadrix If-CMS 1.01 and 2.07 allows remote attackers to inject arbitrary web script or HTML via the rns parameter.

View Code

EIP-2026-104886 EXPLOITDB text WRITEUP

Abarcar Realty Portal 5.1.5/6.0.1 - Multiple SQL Injections

View Code

CVE-2006-6066 EXPLOITDB text WRITEUP

Dragon Calendar / Events Listing 2.x - SQL Injection via Multiple Parameters

Multiple SQL injection vulnerabilities in Dragon Calendar / Events Listing 2.x allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to (a) admin_login.asp, the (3) ID parameter to (b) event_searchdetail.asp, or the (4) VenueID parameter to (c) venue_detail.asp.

View Code

CVE-2006-6066 EXPLOITDB text WRITEUP

Dragon Calendar / Events Listing 2.x - SQL Injection via Multiple Parameters

Multiple SQL injection vulnerabilities in Dragon Calendar / Events Listing 2.x allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to (a) admin_login.asp, the (3) ID parameter to (b) event_searchdetail.asp, or the (4) VenueID parameter to (c) venue_detail.asp.

View Code

CVE-2006-6066 EXPLOITDB text WRITEUP

Dragon Calendar / Events Listing 2.x - SQL Injection via Multiple Parameters

Multiple SQL injection vulnerabilities in Dragon Calendar / Events Listing 2.x allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to (a) admin_login.asp, the (3) ID parameter to (b) event_searchdetail.asp, or the (4) VenueID parameter to (c) venue_detail.asp.

View Code