H!tm@N

14 exploits Active since Feb 2009
CVE-2009-0420 EXPLOITDB text WORKING POC
RD-Autos 1.5.5 Stable - SQL Injection via id Parameter
SQL injection vulnerability in the RD-Autos (com_rdautos) 1.5.5 Stable component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2008-6166 EXPLOITDB text WORKING POC
jmds com_kbase 1.2 - SQL Injection via id Parameter
SQL injection vulnerability in the KBase (com_kbase) 1.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php.
CVE-2008-6181 EXPLOITDB text WORKING POC
com_mad4joomla < 1.1.8.2 - SQL Injection via jid Parameter
SQL injection vulnerability in the Mad4Joomla Mailforms (com_mad4joomla) component before 1.1.8.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the jid parameter to index.php.
EIP-2026-108779 EXPLOITDB text WORKING POC
Joomla! Component Maian Music 1.2.1 - 'category' SQL Injection
CVE-2009-1499 EXPLOITDB text WRITEUP
Joomla! - SQL Injection via MailTo Component Article Parameter
SQL injection vulnerability in the MailTo (aka com_mailto) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in index.php. NOTE: SecurityFocus states that this issue has been disputed by the vendor.
CVE-2008-6184 EXPLOITDB text WORKING POC
OwnBiblio 1.5.3 - SQL Injection via catid Parameter
SQL injection vulnerability in the OwnBiblio (com_ownbiblio) component 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a catalogue action to index.php.
CVE-2009-0494 EXPLOITDB text WRITEUP
com_portfol 1.2 - SQL Injection via vcatid Parameter
SQL injection vulnerability in the Portfol (com_portfol) 1.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the vcatid parameter in a viewcategory action to index.php.
EIP-2026-108210 EXPLOITDB text WRITEUP
Joomla! Component archaic binary Gallery 0.2 - Directory Traversal
EIP-2026-108227 EXPLOITDB text WORKING POC
Joomla! Component Camelcitydb2 2.2 - SQL Injection
CVE-2009-1496 EXPLOITDB text WRITEUP
Ijobid Com Cmimarketplace - Path Traversal
Directory traversal vulnerability in the Cmi Marketplace (com_cmimarketplace) component 0.1 for Joomla! allows remote attackers to list arbitrary directories via a .. (dot dot) in the viewit parameter to index.php.
EIP-2026-108395 EXPLOITDB text WORKING POC
Joomla! Component com_jeux - 'id' SQL Injection
CVE-2008-6076 EXPLOITDB text WRITEUP
Joomla! com_dailymessage 1.0.3 - SQL Injection
SQL injection vulnerability in the Daily Message (com_dailymessage) 1.0.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
EIP-2026-108649 EXPLOITDB text WORKING POC
Joomla! Component Fantasytournament - SQL Injection
CVE-2008-6182 EXPLOITDB text WORKING POC
Joomla Ignitegallery - SQL Injection
SQL injection vulnerability in the Ignite Gallery (com_ignitegallery) component 0.8.0 through 0.8.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gallery parameter in a view action to index.php.