Hussin X - Security Researcher - Exploit Intelligence Platform

CVE-2008-4881 EXPLOITDB WORKING POC

YourFreeWorld Reminder Service Script - SQL Injection via id Parameter

SQL injection vulnerability in tr.php in YourFreeWorld Reminder Service Script allows remote attackers to execute arbitrary SQL commands via the id parameter.

View Code

CVE-2008-4882 EXPLOITDB WORKING POC

YourFreeWorld Autoresponder Hosting Script - SQL Injection via tr.php id Parameter

SQL injection vulnerability in tr.php in YourFreeWorld Autoresponder Hosting Script allows remote attackers to execute arbitrary SQL commands via the id parameter.

View Code

CVE-2008-4883 EXPLOITDB WORKING POC

YourFreeWorld Blog Blaster Script - SQL Injection via tr.php id Parameter

SQL injection vulnerability in tr.php in YourFreeWorld Blog Blaster Script allows remote attackers to execute arbitrary SQL commands via the id parameter.

View Code

CVE-2008-4884 EXPLOITDB WORKING POC

YourFreeWorld Classifieds Hosting Script - SQL Injection via tr.php id Parameter

SQL injection vulnerability in tr.php in YourFreeWorld Classifieds Hosting Script allows remote attackers to execute arbitrary SQL commands via the id parameter.

View Code

CVE-2008-4895 EXPLOITDB WORKING POC

YourFreeWorld Downline Builder - SQL Injection via tr.php id Parameter

SQL injection vulnerability in tr.php in YourFreeWorld Downline Builder allows remote attackers to execute arbitrary SQL commands via the id parameter.

View Code

CVE-2008-6262 EXPLOITDB WORKING POC

SaturnCMS - SQL Injection via Translate Function URL Parameter

SQL injection vulnerability in lib/url/meta_url.php in SaturnCMS allows remote attackers to execute arbitrary SQL commands via the URL to the translate function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

View Code

CVE-2008-3672 EXPLOITDB WORKING POC

PozScripts Classified Ads - SQL Injection

SQL injection vulnerability in showcategory.php in PozScripts Classified Ads allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2008-3673. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

View Code

CVE-2008-5864 EXPLOITDB WORKING POC

com_tophotelmodule 1.0 - SQL Injection via id Parameter

SQL injection vulnerability in the Top Hotel (com_tophotelmodule) component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php.

View Code

CVE-2008-5865 EXPLOITDB WORKING POC

Hotel Booking Reservation System 1.0.0 - com_hbssearch - SQL Injection

SQL injection vulnerability in the com_hbssearch component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the r_type parameter in a showhoteldetails action to index.php.

View Code

CVE-2008-5874 EXPLOITDB WORKING POC

Hotel Booking Reservation System - Joomla! SQL Injection

Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System (aka HBS) for Joomla! allow remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php in the (1) com_allhotels or (2) com_5starhotels module. NOTE: some of these details are obtained from third party information.

View Code

CVE-2009-4935 EXPLOITDB text WRITEUP

Online Guestbook Pro - SQL Injection via display Parameter

SQL injection vulnerability in ogp_show.php in Online Guestbook Pro allows remote attackers to execute arbitrary SQL commands via the display parameter.

View Code

CVE-2008-3204 EXPLOITDB text WORKING POC

E-topbiz Million Pixels 3 - SQL Injection

SQL injection vulnerability in tops_top.php in E-topbiz Million Pixels 3 allows remote attackers to execute arbitrary SQL commands via the id_cat parameter.

View Code

CVE-2008-6485 EXPLOITDB text WORKING POC

SoftComplex PHP Image Gallery - SQL Injection via ctg Parameter

SQL injection vulnerability in index.php in SoftComplex PHP Image Gallery allows remote attackers to execute arbitrary SQL commands via the ctg parameter.

View Code

CVE-2008-3757 EXPLOITDB text WORKING POC

YourFreeWorld Forced Matrix Script - SQL Injection

SQL injection vulnerability in tr1.php in YourFreeWorld Forced Matrix Script allows remote attackers to execute arbitrary SQL commands via the id parameter.

View Code

CVE-2008-3751 EXPLOITDB text WORKING POC

YourFreeWorld Short Url & Url Tracker Script - SQL Injection

SQL injection vulnerability in tr.php in YourFreeWorld Short Url & Url Tracker Script allows remote attackers to execute arbitrary SQL commands via the id parameter.

View Code

CVE-2008-3749 EXPLOITDB text WORKING POC

YourFreeWorld Banner Mgr < - SQL Injection

SQL injection vulnerability in tr.php in YourFreeWorld Banner Management Script allows remote attackers to execute arbitrary SQL commands via the id parameter.

View Code

CVE-2008-5874 EXPLOITDB text WRITEUP

Hotel Booking Reservation System - Joomla! SQL Injection

Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System (aka HBS) for Joomla! allow remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php in the (1) com_allhotels or (2) com_5starhotels module. NOTE: some of these details are obtained from third party information.

View Code

EIP-2026-118588 EXPLOITDB text WRITEUP

Freewebscriptz Online Games Login - Multiple SQL Injections

View Code

CVE-2008-3755 EXPLOITDB text WORKING POC

YourFreeWorld Classifieds Script - SQL Injection

SQL injection vulnerability in view.php in YourFreeWorld Classifieds Script allows remote attackers to execute arbitrary SQL commands via the category parameter.

View Code

CVE-2008-4885 EXPLOITDB text WORKING POC

YourFreeWorld Scrolling Text Ads Script - SQL Injection via id Parameter

SQL injection vulnerability in tr1.php in YourFreeWorld Scrolling Text Ads Script allows remote attackers to execute arbitrary SQL commands via the id parameter.

View Code

CVE-2008-4621 EXPLOITDB text WORKING POC

ZeeScripts Zeeproperty - SQL Injection via bannerclick.php adid Parameter

SQL injection vulnerability in bannerclick.php in ZeeScripts Zeeproperty allows remote attackers to execute arbitrary SQL commands via the adid parameter.

View Code

CVE-2008-4881 EXPLOITDB text WORKING POC

YourFreeWorld Reminder Service Script - SQL Injection via id Parameter

SQL injection vulnerability in tr.php in YourFreeWorld Reminder Service Script allows remote attackers to execute arbitrary SQL commands via the id parameter.

View Code

CVE-2008-4900 EXPLOITDB text WORKING POC

YourFreeWorld Classifieds Blaster Script - SQL Injection via tr.php id Parameter

SQL injection vulnerability in tr.php in YourFreeWorld Classifieds Blaster Script allows remote attackers to execute arbitrary SQL commands via the id parameter.

View Code

CVE-2008-4883 EXPLOITDB text WORKING POC

YourFreeWorld Blog Blaster Script - SQL Injection via tr.php id Parameter

SQL injection vulnerability in tr.php in YourFreeWorld Blog Blaster Script allows remote attackers to execute arbitrary SQL commands via the id parameter.

View Code

EIP-2026-114547 EXPLOITDB text WORKING POC

YourFreeWorld Programs Rating - SQL Injection

View Code