Bgh7

6 exploits Active since Dec 2008
CVE-2008-6529 EXPLOITDB text WRITEUP
eZoneScripts Living Local 1.1 - Cross-Site Scripting via listtest.php r Parameter
Cross-site scripting (XSS) vulnerability in listtest.php in eZoneScripts Living Local 1.1 allows remote attackers to inject arbitrary web script or HTML via the r parameter.
CVE-2009-4687 EXPLOITDB text WORKING POC
Silentum Guestbook 2.0.2 - SQL Injection
SQL injection vulnerability in silentum_guestbook.php in Silentum Guestbook 2.0.2 allows remote attackers to execute arbitrary SQL commands via the messageid parameter.
CVE-2009-3965 EXPLOITDB text WORKING POC
New 5 Star Rating 1.0 - SQL Injection
SQL injection vulnerability in rating.php in New 5 star Rating 1.0 allows remote attackers to execute arbitrary SQL commands via the det parameter.
CVE-2008-6530 EXPLOITDB text WRITEUP
eZoneScripts Living Local 1.1 - Authenticated Arbitrary PHP File Upload via editimage.php
Unrestricted file upload vulnerability in editimage.php in eZoneScripts Living Local 1.1 allows remote authenticated administrators to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the uploaded file.
CVE-2009-3659 EXPLOITDB text WORKING POC
BS Counter 2.5.3 - SQL Injection via Page Parameter
SQL injection vulnerability in file/stats.php in BS Counter 2.5.3 allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2008-5751 EXPLOITDB text WORKING POC
AlstraSoft Web Email Script Enterprise - SQL Injection
SQL injection vulnerability in index.php in AlstraSoft Web Email Script Enterprise (ESE) allows remote attackers to execute arbitrary SQL commands via the id parameter in a directory action.