Hussin X

137 exploits Active since Feb 2007
CVE-2008-6488 EXPLOITDB text WORKING POC
Softcomplex Php Image Gallery - SQL Injection
SQL injection vulnerability in index.php in SoftComplex PHP Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the Admin field in a login action.
CVE-2008-4086 EXPLOITDB text WORKING POC
Source Workshop Reciprocal Links Manager - SQL Injection
SQL injection vulnerability in index.php in Reciprocal Links Manager 1.1 allows remote attackers to execute arbitrary SQL commands via the site parameter in an open action.
EIP-2026-112026 EXPLOITDB text WORKING POC
ShopMaker CMS 1.0 - 'id' SQL Injection
CVE-2008-6245 EXPLOITDB text WORKING POC
Scripts-for-sites EZ Biz Pro - SQL Injection
SQL injection vulnerability in track.php in Scripts For Sites (SFS) EZ BIZ PRO allows remote attackers to execute arbitrary SQL commands via the id parameter.
EIP-2026-111637 EXPLOITDB text WORKING POC
Quick Poll - 'code.php?id' SQL Injection
CVE-2008-4744 EXPLOITDB text WORKING POC
Dxproscripts Dxshopcart - SQL Injection
SQL injection vulnerability in product_detail.php in DXShopCart 4.30mc allows remote attackers to execute arbitrary SQL commands via the pid parameter.
CVE-2008-6263 EXPLOITDB text WRITEUP
Infireal Saturncms - SQL Injection
SQL injection vulnerability in lib/user/t_user.php in SaturnCMS allows remote attackers to execute arbitrary SQL commands via the username parameter to the _userLoggedIn function. NOTE: some of these details are obtained from third party information.
CVE-2008-3765 EXPLOITDB text WORKING POC
Quick Poll Script - SQL Injection
SQL injection vulnerability in code.php in Quick Poll Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5493 EXPLOITDB text WORKING POC
PHPStore Wholesales - SQL Injection
SQL injection vulnerability in track.php in PHPStore Wholesales (aka Wholesale) allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3366 EXPLOITDB text WORKING POC
Pligg CMS Beta 9.9.0 - SQL Injection
SQL injection vulnerability in story.php in Pligg CMS Beta 9.9.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might overlap CVE-2008-1774.
CVE-2008-3025 EXPLOITDB text WORKING POC
PLX WEB Studio Plx AD Trader - SQL Injection
SQL injection vulnerability in ad.php in plx Ad Trader 3.2 allows remote attackers to execute arbitrary SQL commands via the adid parameter in a redir action.
EIP-2026-111422 EXPLOITDB text WORKING POC
post Card - 'catid' SQL Injection
CVE-2008-5496 EXPLOITDB text WORKING POC
PozScripts Business Directory Script - SQL Injection
SQL injection vulnerability in showcategory.php in PozScripts Business Directory Script allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2008-3673 EXPLOITDB text WORKING POC
PozScripts Classified Ads - SQL Injection
SQL injection vulnerability in browsecats.php in PozScripts Classified Ads allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2008-3672.
CVE-2008-4755 EXPLOITDB text WORKING POC
Pozscripts Classified Auctions Script - SQL Injection
SQL injection vulnerability in gotourl.php in PozScripts Classified Auctions Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
EIP-2026-111468 EXPLOITDB text WORKING POC
Pre ADS Portal - 'cid' SQL Injection
EIP-2026-111477 EXPLOITDB text WORKING POC
Pre News Manager - 'nid' SQL Injection
CVE-2008-5058 EXPLOITDB text WORKING POC
Preproject Pre Simple Cms - SQL Injection
SQL injection vulnerability in siteadmin/loginsucess.php in Pre Simple CMS allows remote attackers to execute arbitrary SQL commands via the user parameter, as reachable from siteadmin/adminlogin.php. NOTE: some of these details are obtained from third party information.
CVE-2008-6214 EXPLOITDB text WORKING POC
Harlandscripts Pro Traffic One - SQL Injection
SQL injection vulnerability in poll_results.php in Harlandscripts Pro Traffic One allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-1034 EXPLOITDB text WORKING POC
Emporium <2.3.0 - SQL Injection
SQL injection vulnerability in the category file in modules.php in the Emporium 2.3.0 and earlier module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the category_id parameter.
CVE-2008-3487 EXPLOITDB text WORKING POC
PHPAuction GPL Enhanced 2.51 - SQL Injection
SQL injection vulnerability in profile.php in PHPAuction GPL Enhanced 2.51 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2900 EXPLOITDB text WORKING POC
Phpauction - SQL Injection
SQL injection vulnerability in item.php in PHPAuction 3.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3711 EXPLOITDB text WORKING POC
PHPArcadeScript 4.0 - SQL Injection
SQL injection vulnerability in index.php in PHPArcadeScript (PHP Arcade Script) 4.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter in a browse action.
EIP-2026-110552 EXPLOITDB text WORKING POC
PersianBB - 'id' SQL Injection
EIP-2026-110824 EXPLOITDB text WORKING POC
PHP-MySQL-Quiz - SQL Injection