DaBDouB-MoSiKaR

7 exploits Active since Mar 2006
CVE-2006-1330 EXPLOITDB text WORKING POC
phpwebsite <= 0.83 - SQL Injection via sid Parameter
Multiple SQL injection vulnerabilities in phpWebsite 0.83 and earlier allow remote attackers to execute arbitrary SQL commands via the sid parameter to (1) friend.php or (2) article.php.
CVE-2006-1426 EXPLOITDB text WORKING POC
Pixel Motion Blog - SQL Injection via Date Parameter and Authentication Bypass via Password Parameter
Multiple SQL injection vulnerabilities in Pixel Motion Blog allow remote attackers to execute arbitrary SQL commands via the (1) date parameter in index.php or bypass authentication via the (2) password parameter in admin/index.php.
CVE-2006-1426 EXPLOITDB text WRITEUP
Pixel Motion Blog - SQL Injection via Date Parameter and Authentication Bypass via Password Parameter
Multiple SQL injection vulnerabilities in Pixel Motion Blog allow remote attackers to execute arbitrary SQL commands via the (1) date parameter in index.php or bypass authentication via the (2) password parameter in admin/index.php.
CVE-2006-1330 EXPLOITDB text WRITEUP
phpwebsite <= 0.83 - SQL Injection via sid Parameter
Multiple SQL injection vulnerabilities in phpWebsite 0.83 and earlier allow remote attackers to execute arbitrary SQL commands via the sid parameter to (1) friend.php or (2) article.php.
CVE-2006-1535 EXPLOITDB text WRITEUP
Phoetux.net PhxContacts <0.93.1 - XSS
Cross-site scripting (XSS) vulnerability in login.php in Phoetux.net PhxContacts 0.93.1 beta and earlier allows remote attackers to inject arbitrary web script or HTML via the m parameter.
CVE-2006-1419 EXPLOITDB text WRITEUP
nuked-klan < 1.7.5 - SQL Injection via Calendar Module m Parameter
SQL injection vulnerability in the Calendar module in nuked-klan 1.7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the m parameter to index.php.
CVE-2006-1579 EXPLOITDB text WRITEUP
dbbs < 2.0-alpha - SQL Injection via topics.php limite Parameter
SQL injection vulnerability in topics.php in Dynamic Bulletin Board System (DbbS) 2.0-alpha and earlier allows remote attackers to execute arbitrary SQL commands via the limite parameter.