Devil-00

9 exploits Active since Nov 2005
CVE-2006-2494 EXPLOITDB c WORKING POC
Lacaveprods Intellitamper < 2.07 - Buffer Overflow
Stack-based buffer overflow in IntelliTamper 2.07 allows remote attackers to execute arbitrary code via a crafted .map file.
EIP-2026-113160 EXPLOITDB perl WORKING POC
VuBB Forum RC1 - 'm' SQL Injection
CVE-2005-4656 EXPLOITDB perl WORKING POC
TClanPortal <1.1.3 - SQL Injection
SQL injection vulnerability in index.php in TClanPortal 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands, and retrieve all usernames and passwords, via the id parameter.
CVE-2006-0959 EXPLOITDB text WORKING POC
Mybulletinboard - SQL Injection
SQL injection vulnerability in misc.php in MyBulletinBoard (MyBB) 1.03, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands by setting the comma variable value via the comma parameter in a cookie. NOTE: 1.04 has also been reported to be affected.
CVE-2006-1974 EXPLOITDB text WORKING POC
Mybulletinboard - SQL Injection
SQL injection vulnerability in index.php in MyBB (MyBulletinBoard) before 1.04 allows remote attackers to execute arbitrary SQL commands via the referrer parameter.
CVE-2006-0959 EXPLOITDB perl WORKING POC
Mybulletinboard - SQL Injection
SQL injection vulnerability in misc.php in MyBulletinBoard (MyBB) 1.03, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands by setting the comma variable value via the comma parameter in a cookie. NOTE: 1.04 has also been reported to be affected.
CVE-2006-1978 EXPLOITDB perl WORKING POC
Flexbb < 0.5.5 - SQL Injection
SQL injection vulnerability in inc/start.php in FlexBB 0.5.5 and earlier allows remote attackers to execute arbitrary SQL commands via the flexbb_username COOKIE parameter.
CVE-2006-2034 EXPLOITDB perl WORKING POC
Flexbb - SQL Injection
SQL injection vulnerability in function/showprofile.php in FlexBB 0.5.5 allows remote attackers to execute arbitrary SQL commands, and view all usernames and passwords, via the id parameter to the showprofile page in index.php.
CVE-2005-3696 EXPLOITDB text WORKING POC
Arki-db - SQL Injection
SQL injection vulnerability in Arki-DB 1.0 and 2.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter in a view action (view.php) to index.php.