Codebreak

6 exploits Active since Jan 2007
CVE-2009-2017 EXPLOITDB text WORKING POC
Virtue Book Store - SQL Injection via products.php cid Parameter
SQL injection vulnerability in products.php in Virtue Book Store allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2009-2021 EXPLOITDB text WORKING POC
Virtue Classifieds - SQL Injection via Search Category Parameter
SQL injection vulnerability in search.php in Virtue Classifieds allows remote attackers to execute arbitrary SQL commands via the category parameter.
CVE-2009-2016 EXPLOITDB text WORKING POC
Virtue Shopping Mall - SQL Injection
SQL injection vulnerability in products.php in Virtue Shopping Mall allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2009-4208 EXPLOITDB text WORKING POC
Open-school 1.0 - SQL Injection via os_news Module id Parameter
SQL injection vulnerability in the os_news module in Open-school (OS) 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action to index.php.
CVE-2007-0687 EXPLOITDB text WORKING POC
Michelle's L2J Dropcalc <4 - SQL Injection
SQL injection vulnerability in i-search.php in Michelle's L2J Dropcalc 4 and earlier allows remote authenticated users to execute arbitrary SQL commands via the itemid parameter.
CVE-2007-0173 EXPLOITDB php WORKING POC
L2J Statistik Script <= 0.09 - Directory Traversal via Page Parameter
Directory traversal vulnerability in index.php in L2J Statistik Script 0.09 and earlier, when register_globals is enabled and magic_quotes is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php.