Blackness Lynx

2 exploits Active since Feb 2009
CVE-2008-6258 EXPLOITDB text WORKING POC
Quadcomm Q-shop - SQL Injection
SQL injection vulnerability in users.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the (1) UserID and (2) Pwd parameters. NOTE: this might be related to CVE-2004-2108.
CVE-2008-6259 EXPLOITDB text WORKING POC
Quadcomm Q-shop < 3.0 - XSS
Cross-site scripting (XSS) vulnerability in search.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the srkeys parameter.