Blackness Lynx

2 exploits Active since Feb 2009
CVE-2008-6258 EXPLOITDB text WORKING POC
QuadComm Q-Shop 3.0 - SQL Injection via UserID or Pwd Parameter
SQL injection vulnerability in users.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the (1) UserID and (2) Pwd parameters. NOTE: this might be related to CVE-2004-2108.
CVE-2008-6259 EXPLOITDB text WORKING POC
QuadComm Q-Shop < 3.0 - Cross-Site Scripting via search.asp srkeys Parameter
Cross-site scripting (XSS) vulnerability in search.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the srkeys parameter.