His0k4

100 exploits, active since Feb 2005
CVE-2008-2692 EXPLOITDB perl WORKING POC
Joomla com_yvcomment <= 1.16.0 - SQL Injection via ArticleID Parameter
SQL injection vulnerability in the yvComment (com_yvcomment) component 1.16.0 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the ArticleID parameter in a comment action to index.php.
CVE-2008-5200 EXPLOITDB perl WORKING POC
Joomla com_xewebtv - SQL Injection via id Parameter
SQL injection vulnerability in the Xe webtv (com_xewebtv) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.
CVE-2008-6481 EXPLOITDB text WORKING POC
com_versioning 1.0.2 - SQL Injection via id Parameter
SQL injection vulnerability in the Versioning component (com_versioning) 1.0.2 in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task to index.php.
CVE-2008-2568 EXPLOITDB text WORKING POC
Joomla com_simpleshop < 3.4 - SQL Injection via catid Parameter
SQL injection vulnerability in the Simple Shop Galore (com_simpleshop) component 3.4 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a browse action to index.php.
CVE-2008-2697 EXPLOITDB text WORKING POC
Joomla com_rapidrecipe 1.6.6-1.6.7 - SQL Injection via recipe_id Parameter
SQL injection vulnerability in the Rapid Recipe (com_rapidrecipe) component 1.6.6 and 1.6.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the recipe_id parameter in a viewrecipe action to index.php.
EIP-2026-108165 EXPLOITDB perl WORKING POC
Joomla! / Mambo Component Joo!BB 0.5.9 - 'forum' SQL Injection
CVE-2008-5051 EXPLOITDB perl WORKING POC
JooBlog 0.1.1 - SQL Injection via PostID Parameter
SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the PostID parameter to index.php.
CVE-2008-2651 EXPLOITDB perl WORKING POC
Joomla! Bulletin Board (com_joobb) 0.5.9 - SQL Injection via Forum Parameter
SQL injection vulnerability in the Joomla! Bulletin Board (aka Joo!BB or com_joobb) component 0.5.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the forum parameter in a forum action to index.php.
CVE-2008-7169 EXPLOITDB text WORKING POC
Jabode com_jabode - SQL Injection via id Parameter
SQL injection vulnerability in Jabode horoscope extension (com_jabode) for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a sign task to index.php.
CVE-2008-2627 EXPLOITDB text WORKING POC
Joomla com_idoblog <= b24 - SQL Injection via UserID Parameter
SQL injection vulnerability in the IDoBlog (com_idoblog) component b24 and earlier and 1.0, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the userid parameter in a userblog action to index.php.
CVE-2008-2701 EXPLOITDB perl WORKING POC
Joomla com_gameq <= 4.0 - SQL Injection via category_id Parameter
SQL injection vulnerability in the GameQ (com_gameq) component 4.0 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a page action to index.php.
CVE-2008-3586 EXPLOITDB perl WORKING POC
Joomla! com_ezstore - SQL Injection
SQL injection vulnerability in the EZ Store (com_ezstore) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.
EIP-2026-108644 EXPLOITDB text WORKING POC
Joomla! Component EXP Shop 1.0 - SQL Injection
CVE-2008-2892 EXPLOITDB text WORKING POC
EXP Shop Component 1.0 for Joomla! - SQL Injection via catid Parameter
SQL injection vulnerability in the EXP Shop (com_expshop) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show_payment action to index.php.
CVE-2008-2628 EXPLOITDB text WORKING POC
com_equotes 0.9.4 - SQL Injection via id Parameter
SQL injection vulnerability in the eQuotes (com_equotes) component 0.9.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2008-3265 EXPLOITDB text WORKING POC
DT Register (com_dtregister) 2.2.3 - SQL Injection
SQL injection vulnerability in the DT Register (com_dtregister) 2.2.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the eventId parameter in a pay_options action to index.php.
CVE-2008-3083 EXPLOITDB text WORKING POC
brightcode_weblinks_module - SQL Injection via catid Parameter
SQL injection vulnerability in Brightcode Weblinks (com_brightweblinks) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2008-3132 EXPLOITDB text WORKING POC
Joomla com_beamospetition - SQL Injection via Pet Parameter
SQL injection vulnerability in the beamospetition (com_beamospetition) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pet parameter to index.php.
CVE-2008-2632 EXPLOITDB perl WORKING POC
Joomla com_acctexp 0.12.x and earlier - SQL Injection via Usage Parameter
SQL injection vulnerability in the acctexp (com_acctexp) component 0.12.x and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the usage parameter in a subscribe action to index.php.
CVE-2008-2425 EXPLOITDB perl WORKING POC
FicHive 1.0 - SQL Injection via Search Letter Parameter
SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary SQL commands via the letter parameter in a Search action, a different vector than CVE-2008-2416. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-2175 EXPLOITDB text WORKING POC
Gamma Scripts BlogMe PHP 1.1 - SQL Injection via id Parameter
SQL injection vulnerability in comments.php in Gamma Scripts BlogMe PHP 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2444 EXPLOITDB text WORKING POC
CaLogic Calendars 1.2.2 - SQL Injection via langsel Parameter
SQL injection vulnerability in userreg.php in CaLogic Calendars 1.2.2 allows remote attackers to execute arbitrary SQL commands via the langsel parameter.
CVE-2008-2529 EXPLOITDB text WORKING POC
Advanced Links Management 1.5.2 - SQL Injection via catId Parameter
SQL injection vulnerability in read.php in Advanced Links Management (ALM) 1.5.2 allows remote attackers to execute arbitrary SQL commands via the catId parameter.
EIP-2026-104533 EXPLOITDB perl WORKING POC
Novell eDirectory 8.8 SP5 - (Authenticated) Remote Buffer Overflow
CVE-2009-2286 EXPLOITDB python WORKING POC
compface < 1.5.2 - Buffer Overflow via Long Declaration in .xbm File
Buffer overflow in compface 1.5.2 and earlier allows user-assisted attackers to cause a denial of service (crash) via a long declaration in a .xbm file. NOTE: this issue only affects compface on distributions that used a certain patch.