Benjamin Moss

9 exploits Active since Nov 2006
EIP-2026-112161 EXPLOITDB text WRITEUP
Simplog 0.9.3 - 'BlogID' Multiple SQL Injections
EIP-2026-112160 EXPLOITDB text WORKING POC
Simplog 0.9.3 - 'archive.php?PID' Cross-Site Scripting
EIP-2026-111418 EXPLOITDB text WRITEUP
Portix-PHP 0.4.2 - Multiple SQL Injections
EIP-2026-110030 EXPLOITDB text WRITEUP
Omnistar Article Manager - Multiple SQL Injections
CVE-2006-5761 EXPLOITDB text WRITEUP
Rhadrix If-cms - XSS
Cross-site scripting (XSS) vulnerability in index.php in Rhadrix If-CMS 1.01 and 2.07 allows remote attackers to inject arbitrary web script or HTML via the rns parameter.
EIP-2026-104886 EXPLOITDB text WRITEUP
Abarcar Realty Portal 5.1.5/6.0.1 - Multiple SQL Injections
CVE-2006-6066 EXPLOITDB text WRITEUP
Dragon Internet Events Listing - SQL Injection
Multiple SQL injection vulnerabilities in Dragon Calendar / Events Listing 2.x allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to (a) admin_login.asp, the (3) ID parameter to (b) event_searchdetail.asp, or the (4) VenueID parameter to (c) venue_detail.asp.
CVE-2006-6066 EXPLOITDB text WRITEUP
Dragon Internet Events Listing - SQL Injection
Multiple SQL injection vulnerabilities in Dragon Calendar / Events Listing 2.x allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to (a) admin_login.asp, the (3) ID parameter to (b) event_searchdetail.asp, or the (4) VenueID parameter to (c) venue_detail.asp.
CVE-2006-6066 EXPLOITDB text WRITEUP
Dragon Internet Events Listing - SQL Injection
Multiple SQL injection vulnerabilities in Dragon Calendar / Events Listing 2.x allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to (a) admin_login.asp, the (3) ID parameter to (b) event_searchdetail.asp, or the (4) VenueID parameter to (c) venue_detail.asp.