HaRi

26 exploits Active since Jul 2010
CVE-2010-2697 EXPLOITDB text WRITEUP
Sijio Community Software - XSS
Cross-site scripting (XSS) vulnerability in Sijio Community Software allows remote authenticated users to inject arbitrary web script or HTML via the title parameter when adding a new blog, related to edit_blog/index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-2696 EXPLOITDB text WRITEUP
Sijio Community Software - SQL Injection
SQL injection vulnerability in gallery/index.php in Sijio Community Software allows remote attackers to execute arbitrary SQL commands via the parent parameter.
CVE-2010-4986 EXPLOITDB text WRITEUP
Simple Document Management System - SQL Injection
SQL injection vulnerability in detail.php in Simple Document Management System (SDMS) allows remote attackers to execute arbitrary SQL commands via the doc_id parameter.
CVE-2010-2698 EXPLOITDB text WRITEUP
Sijio Community Software - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Sijio Community Software allow remote authenticated users to inject arbitrary web script or HTML via the title parameter when (1) editing a new blog, (2) adding an album, or (3) editing an album. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
EIP-2026-111683 EXPLOITDB text WRITEUP
Rayzz Photoz - Arbitrary File Upload
EIP-2026-111393 EXPLOITDB text WRITEUP
Pointter Social Network - Local File Inclusion
CVE-2010-2721 EXPLOITDB text WRITEUP
RightInPoint Lyrics Script 3.0 - SQL Injection
SQL injection vulnerability in index.php in RightInPoint Lyrics Script 3.0 allows remote attackers to execute arbitrary SQL commands via the artist_id parameter in an addalbum action.
EIP-2026-108808 EXPLOITDB text WRITEUP
Joomla! Component MySMS - Arbitrary File Upload
EIP-2026-108388 EXPLOITDB text WRITEUP
Joomla! Component com_jcommunity - SQL Injection
EIP-2026-108338 EXPLOITDB text WRITEUP
Joomla! Component com_eportfolio - Arbitrary File Upload
EIP-2026-108400 EXPLOITDB text WRITEUP
Joomla! Component com_jmarket - SQL Injection
EIP-2026-108406 EXPLOITDB text WRITEUP
Joomla! Component com_jomestate - Remote File Inclusion
EIP-2026-108420 EXPLOITDB text WRITEUP
Joomla! Component com_jtickets - SQL Injection
EIP-2026-108679 EXPLOITDB text WRITEUP
Joomla! Component IXXO Cart - SQL Injection
EIP-2026-107947 EXPLOITDB text WRITEUP
Iphone Pointter Social Network - Local File Inclusion
EIP-2026-107697 EXPLOITDB text WRITEUP
I-Net MLM Script Engine - SQL Injection
CVE-2010-2611 EXPLOITDB text WRITEUP
I-netsolution Job Search Engine Script - SQL Injection
SQL injection vulnerability in show_search_result.php in i-netsolution Job Search Engine allows remote attackers to execute arbitrary SQL commands via the keyword parameter.
EIP-2026-107603 EXPLOITDB text WRITEUP
Holiday Travel Portal - Arbitrary File Upload
EIP-2026-106284 EXPLOITDB text WRITEUP
CustomCMS - Persistent Cross-Site Scripting
EIP-2026-105630 EXPLOITDB text WRITEUP
Bs Home_Classifieds Script - SQL Injection
EIP-2026-105622 EXPLOITDB text WRITEUP
Bs Auction Script - SQL Injection
EIP-2026-105632 EXPLOITDB text WRITEUP
Bs Scripts_Directory - SQL Injection / Authentication Bypass
EIP-2026-105631 EXPLOITDB text WRITEUP
Bs Realtor_Web Script - SQL Injection
CVE-2010-2917 EXPLOITDB text WRITEUP
AJ Square AJ Article 3.0 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in index.php in AJ Square AJ Article 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) emailid, (2) fname, (3) lname, (4) company, (5) address1, (6) address2, (7) city, (8) state, (9) zipcode, (10) phone, and (11) fax parameters in an update action. NOTE: some of these details are obtained from third party information.
EIP-2026-104932 EXPLOITDB text WRITEUP
Ad Network Script - Persistent Cross-Site Scripting