GeFORC3

14 exploits Active since Jun 2007
CVE-2007-6673 EXPLOITDB text WORKING POC
Makale Scripti - Cross-Site Scripting via Ara Parameter
Cross-site scripting (XSS) vulnerability in Makale Scripti allows remote attackers to inject arbitrary web script or HTML via the ara parameter to the default URI under Ara/ in a search action.
CVE-2007-5181 EXPLOITDB text WRITEUP
Netkamp Emlak Scripti - SQL Injection via detay.asp ilan_id Parameter
SQL injection vulnerability in detay.asp in Netkamp Emlak Scripti allows remote attackers to execute arbitrary SQL commands via the ilan_id parameter.
CVE-2007-5180 EXPLOITDB text WRITEUP
Ohesa Emlak Portali - SQL Injection via Kategori or Emlak Parameter
Multiple SQL injection vulnerabilities in Ohesa Emlak Portali allow remote attackers to execute arbitrary SQL commands via the (1) Kategori parameter in satilik.asp and the (2) Emlak parameter in detay.asp.
CVE-2007-3310 EXPLOITDB text WORKING POC
TDizin - Cross-Site Scripting via arama.asp ara Parameter
Cross-site scripting (XSS) vulnerability in arama.asp in TDizin allows remote attackers to inject arbitrary web script or HTML via the ara parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-4434 EXPLOITDB text WRITEUP
Text File Search ASP - Cross-Site Scripting via Query Parameter
Cross-site scripting (XSS) vulnerability in textfilesearch.asp in the Text File Search ASP (Classic) edition allows remote attackers to inject arbitrary web script or HTML via the query parameter.
CVE-2007-4024 EXPLOITDB text WRITEUP
W1L3D4 Philboard < 0.3 - Cross-Site Scripting via searchterms Parameter
Cross-site scripting (XSS) vulnerability in W1L3D4_aramasonuc.asp in W1L3D4 Philboard 0.3 allows remote attackers to inject arbitrary web script or HTML via the searchterms parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-3884 EXPLOITDB text WORKING POC
husrevforum 1.0.1 and 2.0.1 - SQL Injection via forumid Parameter
SQL injection vulnerability in philboard_forum.asp in husrevforum 1.0.1 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. NOTE: it was later reported that 2.0.1 is also affected.
CVE-2007-3629 EXPLOITDB text WORKING POC
Levent Veysi Portal 1.0 - SQL Injection via id Parameter
SQL injection vulnerability in oku.asp in Levent Veysi Portal 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-3824 EXPLOITDB text WORKING POC
MzK Blog - SQL Injection via katID Parameter
SQL injection vulnerability in katgoster.asp in MzK Blog (tr) allows remote attackers to execute arbitrary SQL commands via the katID parameter.
CVE-2007-5180 EXPLOITDB text WRITEUP
Ohesa Emlak Portali - SQL Injection via Kategori or Emlak Parameter
Multiple SQL injection vulnerabilities in Ohesa Emlak Portali allow remote attackers to execute arbitrary SQL commands via the (1) Kategori parameter in satilik.asp and the (2) Emlak parameter in detay.asp.
CVE-2007-3991 EXPLOITDB html WORKING POC
Asp cvmatik < 1.1 - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in cv.asp in Asp cvmatik 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Adiniz (Ady), (2) Soyadiniz (Soyady), (3) Ehliyet, (4) Askerlik, and (5) GSM parameters; and possibly other unspecified vectors.
CVE-2007-3989 EXPLOITDB html WRITEUP
Dora Emlak 1.0 - Cross-Site Scripting via Adiniz and Soyadiniz Parameters
Multiple cross-site scripting (XSS) vulnerabilities in default.asp in Dora Emlak 1.0, when the goster parameter is set to iletisim, allow remote attackers to inject arbitrary web script or HTML via the (1) Adiniz and (2) Soyadiniz parameters; and possibly other unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-4076 EXPLOITDB text WRITEUP
Alisveris Sitesi Scripti - SQL Injection
Multiple SQL injection vulnerabilities in index.asp in Alisveris Sitesi Scripti allow remote attackers to execute arbitrary SQL commands via the (1) product_id or (2) cat_id parameter in a product mod action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-4075 EXPLOITDB text WRITEUP
Alisveris Sitesi Scripti - Cross-Site Scripting via Search q Parameter
Cross-site scripting (XSS) vulnerability in index.asp in Alisveris Sitesi Scripti allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search mod action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.