Chip d3 bi0s

51 exploits Active since Jun 2009
CVE-2009-4938 EXPLOITDB text WORKING POC
Warphd Com Jvideo - SQL Injection
SQL injection vulnerability in the JVideo! (com_jvideo) component 0.3.11c Beta and 0.3.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a user action to index.php.
EIP-2026-113124 EXPLOITDB text WRITEUP
Visitors Google Map Lite 1.0.1 Free mod_visitorsgooglemap Module - SQL Injection
CVE-2009-2895 EXPLOITDB text WORKING POC
Phpsugar Ultimate Regnow Affiliate - SQL Injection
SQL injection vulnerability in rss.php in Ultimate Regnow Affiliate (URA) 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter.
EIP-2026-111413 EXPLOITDB text WRITEUP
Portel 2008 - 'decide.php?patron' Blind SQL Injection
EIP-2026-110726 EXPLOITDB text WORKING POC
PHP Melody 1.5.3 - Arbitrary File Upload Injection
EIP-2026-109413 EXPLOITDB text WORKING POC
Memorial Web Site Script - Multiple Arbitrary Delete Vulnerabilities
EIP-2026-109414 EXPLOITDB text WORKING POC
Memorial Web Site Script - Reset Password / Insecure Cookie Handling
CVE-2010-1858 EXPLOITDB text WRITEUP
Gelembjuk Com Smestorage < 1.0 - Path Traversal
Directory traversal vulnerability in the SMEStorage (com_smestorage) component before 1.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
CVE-2010-1315 EXPLOITDB text WORKING POC
Joomla! <1.06.02 - Path Traversal
Directory traversal vulnerability in weberpcustomer.php in the webERPcustomer (com_weberpcustomer) component 1.2.1 and 1.x before 1.06.02 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1875 EXPLOITDB text WRITEUP
Com-property Com Properties - Path Traversal
Directory traversal vulnerability in the Real Estate Property (com_properties) component 3.1.22-03 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1304 EXPLOITDB text WORKING POC
Joomla! com_userstatus <1.21.16 - Path Traversal
Directory traversal vulnerability in userstatus.php in the User Status (com_userstatus) component 1.21.16 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
EIP-2026-108795 EXPLOITDB text WRITEUP
Joomla! Component mod_VisitorData 1.1 - Remote code Execution
CVE-2009-2601 EXPLOITDB text WORKING POC
Joomlaequipment <2.0.4 - SQL Injection
SQL injection vulnerability in the Joomlaequipment (aka JUser or com_juser) component 2.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a show_profile action to index.php.
CVE-2010-3426 EXPLOITDB text WORKING POC
JPhone <1.0 Alpha 3 - Path Traversal
Directory traversal vulnerability in jphone.php in the JPhone (com_jphone) component 1.0 Alpha 3 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
CVE-2009-2015 EXPLOITDB text WORKING POC
Joomla! com_moofaq 1.0 - Path Traversal
Directory traversal vulnerability in includes/file_includer.php in the Ideal MooFAQ (com_moofaq) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
CVE-2009-4620 EXPLOITDB text WORKING POC
Joomloc 1.0 - SQL Injection
SQL injection vulnerability in the Joomloc (com_joomloc) component 1.0 for Joomla allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task to index.php.
CVE-2009-2102 EXPLOITDB text WORKING POC
Joomla com_jumi 2.0.3 - SQL Injection
SQL injection vulnerability in the Jumi (com_jumi) component 2.0.3 and possibly other versions for Joomla allows remote attackers to execute arbitrary SQL commands via the fileid parameter to index.php.
CVE-2010-1873 EXPLOITDB text WORKING POC
Com Jvehicles - SQL Injection
SQL injection vulnerability in the Jvehicles (com_jvehicles) component 1.0, 2.0, and 2.1111 for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an agentlisting action to index.php. NOTE: some of these details are obtained from third party information.
CVE-2009-2395 EXPLOITDB text WORKING POC
K2 <1.0.1 - SQL Injection
SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to index.php.
CVE-2009-3971 EXPLOITDB text WRITEUP
jTips 1.0.7-1.0.9 - SQL Injection
SQL injection vulnerability in the jTips (com_jtips) component 1.0.7 and 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the season parameter in a ladder action to index.php.
EIP-2026-108294 EXPLOITDB text WORKING POC
Joomla! Component com_calcbuilder - 'id' Blind SQL Injection
CVE-2009-3316 EXPLOITDB perl WORKING POC
Jforjoomla Com Jreservation - SQL Injection
SQL injection vulnerability in the JReservation (com_jreservation) component 1.0 and 1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a propertycpanel action to index.php.
CVE-2010-1302 EXPLOITDB text WORKING POC
Joomla! com_dwgraphs 1.0 - Path Traversal
Directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
EIP-2026-108611 EXPLOITDB text WORKING POC
Joomla! Component com_zoomportfolio - SQL Injection
CVE-2010-1340 EXPLOITDB text WORKING POC
Joomla! - Path Traversal
Directory traversal vulnerability in jresearch.php in the J!Research (com_jresearch) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.