Hussin X

137 exploits Active since Feb 2007
CVE-2008-6488 EXPLOITDB text WORKING POC
SoftComplex PHP Image Gallery 1.0 - SQL Injection via Admin Field in Login Action
SQL injection vulnerability in index.php in SoftComplex PHP Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the Admin field in a login action.
CVE-2008-4086 EXPLOITDB text WORKING POC
Reciprocal Links Manager 1.1 - SQL Injection via Site Parameter
SQL injection vulnerability in index.php in Reciprocal Links Manager 1.1 allows remote attackers to execute arbitrary SQL commands via the site parameter in an open action.
EIP-2026-112026 EXPLOITDB text WORKING POC
ShopMaker CMS 1.0 - 'id' SQL Injection
CVE-2008-6245 EXPLOITDB text WORKING POC
Scripts For Sites EZ BIZ PRO - SQL Injection via track.php id Parameter
SQL injection vulnerability in track.php in Scripts For Sites (SFS) EZ BIZ PRO allows remote attackers to execute arbitrary SQL commands via the id parameter.
EIP-2026-111637 EXPLOITDB text WORKING POC
Quick Poll - 'code.php?id' SQL Injection
CVE-2008-4744 EXPLOITDB text WORKING POC
DXShopCart 4.30mc - SQL Injection via product_detail.php pid Parameter
SQL injection vulnerability in product_detail.php in DXShopCart 4.30mc allows remote attackers to execute arbitrary SQL commands via the pid parameter.
CVE-2008-6263 EXPLOITDB text WRITEUP
SaturnCMS - SQL Injection via Username Parameter in _userLoggedIn Function
SQL injection vulnerability in lib/user/t_user.php in SaturnCMS allows remote attackers to execute arbitrary SQL commands via the username parameter to the _userLoggedIn function. NOTE: some of these details are obtained from third party information.
CVE-2008-3765 EXPLOITDB text WORKING POC
Quick Poll Script - SQL Injection via id Parameter
SQL injection vulnerability in code.php in Quick Poll Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5493 EXPLOITDB text WORKING POC
PHPStore Wholesales - SQL Injection
SQL injection vulnerability in track.php in PHPStore Wholesales (aka Wholesale) allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3366 EXPLOITDB text WORKING POC
Pligg CMS Beta 9.9.0 - SQL Injection
SQL injection vulnerability in story.php in Pligg CMS Beta 9.9.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might overlap CVE-2008-1774.
CVE-2008-3025 EXPLOITDB text WORKING POC
plx Ad Trader 3.2 - SQL Injection via adid Parameter
SQL injection vulnerability in ad.php in plx Ad Trader 3.2 allows remote attackers to execute arbitrary SQL commands via the adid parameter in a redir action.
EIP-2026-111422 EXPLOITDB text WORKING POC
post Card - 'catid' SQL Injection
CVE-2008-5496 EXPLOITDB text WORKING POC
PozScripts Business Directory Script - SQL Injection
SQL injection vulnerability in showcategory.php in PozScripts Business Directory Script allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2008-3673 EXPLOITDB text WORKING POC
PozScripts Classified Ads - SQL Injection
SQL injection vulnerability in browsecats.php in PozScripts Classified Ads allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2008-3672.
CVE-2008-4755 EXPLOITDB text WORKING POC
PozScripts Classified Auctions Script - SQL Injection via gotourl.php id Parameter
SQL injection vulnerability in gotourl.php in PozScripts Classified Auctions Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
EIP-2026-111468 EXPLOITDB text WORKING POC
Pre ADS Portal - 'cid' SQL Injection
EIP-2026-111477 EXPLOITDB text WORKING POC
Pre News Manager - 'nid' SQL Injection
CVE-2008-5058 EXPLOITDB text WORKING POC
Pre Simple CMS - SQL Injection via User Parameter
SQL injection vulnerability in siteadmin/loginsucess.php in Pre Simple CMS allows remote attackers to execute arbitrary SQL commands via the user parameter, as reachable from siteadmin/adminlogin.php. NOTE: some of these details are obtained from third party information.
CVE-2008-6214 EXPLOITDB text WORKING POC
Harlandscripts Pro Traffic One - SQL Injection via poll_results.php id Parameter
SQL injection vulnerability in poll_results.php in Harlandscripts Pro Traffic One allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-1034 EXPLOITDB text WORKING POC
Emporium Module < 2.3.0 - SQL Injection via category_id Parameter
SQL injection vulnerability in the category file in modules.php in the Emporium 2.3.0 and earlier module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the category_id parameter.
CVE-2008-3487 EXPLOITDB text WORKING POC
PHPAuction GPL Enhanced 2.51 - SQL Injection
SQL injection vulnerability in profile.php in PHPAuction GPL Enhanced 2.51 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2900 EXPLOITDB text WORKING POC
PHPAuction 3.2 - SQL Injection via item.php id Parameter
SQL injection vulnerability in item.php in PHPAuction 3.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3711 EXPLOITDB text WORKING POC
PHPArcadeScript 4.0 - SQL Injection
SQL injection vulnerability in index.php in PHPArcadeScript (PHP Arcade Script) 4.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter in a browse action.
EIP-2026-110552 EXPLOITDB text WORKING POC
PersianBB - 'id' SQL Injection
EIP-2026-110824 EXPLOITDB text WORKING POC
PHP-MySQL-Quiz - SQL Injection