Cyb3r-1sT

59 exploits Active since May 2008
CVE-2008-6348 EXPLOITDB text WRITEUP
DevelopItEasy Photo Gallery 1.2 - SQL Injection via cat_id, photo_id, user_name, or user_pass Parameter
Multiple SQL injection vulnerabilities in DevelopItEasy Photo Gallery 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) cat_id parameter to gallery_category.php, (2) photo_id parameter to gallery_photo.php, and the (3) user_name and (4) user_pass parameters to admin/index.php. NOTE: some of these details are obtained from third party information.
CVE-2008-5131 EXPLOITDB text WORKING POC
Develop It Easy News And Article System 1.4 - SQL Injection via aid Parameter and Admin Panel Credentials
Multiple SQL injection vulnerabilities in Develop It Easy News And Article System 1.4 allow remote attackers to execute arbitrary SQL commands via (1) the aid parameter to article_details.php, and the (2) username and (3) password to the admin panel (admin/index.php).
CVE-2008-5054 EXPLOITDB text WORKING POC
Develop It Easy Membership System 1.3 - SQL Injection via Email or Password Parameter
Multiple SQL injection vulnerabilities in Develop It Easy Membership System 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) email and (2) password parameters to customer_login.php and the (3) user_name and (4) user_pass parameters to admin/index.php. NOTE: some of these details are obtained from third party information.
CVE-2008-5170 EXPLOITDB text WORKING POC
Cheats Complete Website 1.1.1 - SQL Injection
SQL injection vulnerability in item.php in Cheats Complete Website 1.1.1 allows remote attackers to execute arbitrary SQL commands via the itemid parameter.
CVE-2008-2532 EXPLOITDB text WORKING POC
AJ Square aj-hyip - SQL Injection via forum/topic_detail.php id Parameter
SQL injection vulnerability in forum/topic_detail.php in AJ Square aj-hyip (aka AJ HYIP Acme) allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4044 EXPLOITDB text WORKING POC
AJ Square aj-hyip - SQL Injection via artid Parameter
SQL injection vulnerability in article/readarticle.php in AJ Square aj-hyip (aka AJ HYIP Acme) allows remote attackers to execute arbitrary SQL commands via the artid parameter.
CVE-2008-7021 EXPLOITDB text WRITEUP
AvailScript Jobs Portal Script - Authenticated Arbitrary File Upload via editlogo.php
Unrestricted file upload vulnerability in editlogo.php in AvailScript Jobs Portal Script allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as an image or logo, then accessing it via a direct request to the file in an unspecified directory.
CVE-2008-4373 EXPLOITDB text WORKING POC
AvailScript Job Portal Script - SQL Injection via jid Parameter
SQL injection vulnerability in job_seeker/applynow.php in AvailScript Job Portal Script allows remote attackers to execute arbitrary SQL commands via the jid parameter.
EIP-2026-100290 EXPLOITDB text WRITEUP
E-ShopSystem - Authentication Bypass / SQL Injection