C1c4Tr1Z

11 exploits Active since Sep 2008
EIP-2026-114896 EXPLOITDB text WORKING POC
Amaya 11.1 - XHTML Parser Remote Buffer Overflow (PoC)
CVE-2009-2016 EXPLOITDB text WORKING POC
Virtue Shopping Mall - SQL Injection
SQL injection vulnerability in products.php in Virtue Shopping Mall allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2009-2021 EXPLOITDB text WORKING POC
Virtue Classifieds - SQL Injection
SQL injection vulnerability in search.php in Virtue Classifieds allows remote attackers to execute arbitrary SQL commands via the category parameter.
CVE-2009-2017 EXPLOITDB text WORKING POC
Virtue Book Store - SQL Injection
SQL injection vulnerability in products.php in Virtue Book Store allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2008-3937 EXPLOITDB MEDIUM text WORKING POC
OpenDb 1.0.6 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Open Media Collectors Database (OpenDb) 1.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) user_id parameter in an edit action to user_admin.php, the (2) title parameter to listings.php, and the (3) redirect_url parameter to user_profile.php.
CVSS 6.1
CVE-2009-4208 EXPLOITDB text WORKING POC
Open-school OS 1.0 - SQL Injection
SQL injection vulnerability in the os_news module in Open-school (OS) 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action to index.php.
CVE-2008-3937 EXPLOITDB MEDIUM text WORKING POC
OpenDb 1.0.6 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Open Media Collectors Database (OpenDb) 1.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) user_id parameter in an edit action to user_admin.php, the (2) title parameter to listings.php, and the (3) redirect_url parameter to user_profile.php.
CVSS 6.1
CVE-2008-3937 EXPLOITDB MEDIUM text WORKING POC
OpenDb 1.0.6 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Open Media Collectors Database (OpenDb) 1.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) user_id parameter in an edit action to user_admin.php, the (2) title parameter to listings.php, and the (3) redirect_url parameter to user_profile.php.
CVSS 6.1
CVE-2008-4447 EXPLOITDB text WORKING POC
Positive Software H-sphere - XSS
Cross-site scripting (XSS) vulnerability in actions.php in Positive Software H-Sphere WebShell 4.3.10 allows remote attackers to inject arbitrary web script or HTML via (1) the fn parameter during a dload action, (2) the mask parameter during a search action, and (3) the tab parameter during a sysinfo action.
EIP-2026-106552 EXPLOITDB text WORKING POC
dotProject 2.1.2 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities
EIP-2026-104873 EXPLOITDB text WORKING POC
@Mail 5.42 and @Mail WebMail 5.0.5 - Multiple Cross-Site Scripting Vulnerabilities