CyberGhost

12 exploits Active since Jun 2005
CVE-2007-1438 EXPLOITDB text WRITEUP
X-Ice News System 1.0 - SQL Injection via devami.asp id Parameter
SQL injection vulnerability in devami.asp in X-Ice News System 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-2662 EXPLOITDB text WORKING POC
EfesTECH Haber 5.0 - SQL Injection via id Parameter
SQL injection vulnerability in EfesTECH Haber 5.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to the top-level URI.
CVE-2007-5272 EXPLOITDB text WRITEUP
Furkan Tastan Blog - SQL Injection via kategori.asp id Parameter
SQL injection vulnerability in kategori.asp in Furkan Tastan Blog allows remote attackers to execute arbitrary SQL commands via the id parameter in a goster kat action.
CVE-2007-1410 EXPLOITDB text WRITEUP
GaziYapBoz Game Portal - SQL Injection via kategori Parameter
SQL injection vulnerability in kategori.asp in GaziYapBoz Game Portal allows remote attackers to execute arbitrary SQL commands via the kategori parameter.
CVE-2007-3188 EXPLOITDB text WRITEUP
GeometriX Download Portal - SQL Injection via down_indir.asp id Parameter
SQL injection vulnerability in down_indir.asp in Fullaspsite GeometriX Download Portal allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-1570 EXPLOITDB text WRITEUP
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-1438. Reason: This candidate is a duplicate of CVE-2007-1438. Notes: All CVE users should reference CVE-2007-1438 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
CVE-2007-1712 EXPLOITDB text WRITEUP
ActiveWebSoftwares Active Auction Pro 7.1 - SQL Injection via catid Parameter
SQL injection vulnerability in default.asp in ActiveWebSoftwares Active Auction Pro 7.1 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2007-1630 EXPLOITDB text WRITEUP
ActiveWebSoftwares Active Link Engine - SQL Injection via catid Parameter
SQL injection vulnerability in default.asp in ActiveWebSoftwares Active Link Engine allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2007-1629 EXPLOITDB text WORKING POC
Active Photo Gallery - SQL Injection via catid Parameter
SQL injection vulnerability in default.asp in ActiveWebSoftwares Active Photo Gallery allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2007-1705 EXPLOITDB text WORKING POC
Active Trade 2 - SQL Injection via catid Parameter
SQL injection vulnerability in default.asp in Active Trade 2 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2005-2062 EXPLOITDB text WORKING POC
ActiveBuyAndSell 6.2 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in ActiveBuyAndSell 6.2 allow remote attackers to execute arbitrary SQL commands via the catid parameter to (1) default.asp or (2) buyersend.asp, (3) Administrator ID field in admin.asp, E-mail field in (4) advertiserstart.asp or (5) buyer.asp, or Keyword field in search.asp.
CVE-2007-2342 EXPLOITDB text WRITEUP
CreaScripts CreaDirectory 1.2 - SQL Injection
SQL injection vulnerability in error.asp in CreaScripts CreaDirectory 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-6083.