Hussin X

137 exploits Active since Feb 2007
CVE-2010-4996 EXPLOITDB text WRITEUP
Esoftpro Online Guestbook Pro 5.1 - SQL Injection
SQL injection vulnerability in ogp_show.php in esoftpro Online Guestbook Pro 5.1 allows remote attackers to execute arbitrary SQL commands via the search parameter.
CVE-2008-6264 EXPLOITDB text WORKING POC
E-topbiz Slide Popups 1.0 - SQL Injection via Admin Password Parameter
SQL injection vulnerability in admin/admin.php in E-topbiz Slide Popups 1.0 allows remote attackers to execute arbitrary SQL commands via the password parameter.
CVE-2008-5804 EXPLOITDB text WORKING POC
e-topbiz Number Links 1 - SQL Injection
SQL injection vulnerability in admin/admin_catalog.php in e-topbiz Number Links 1 Php Script allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit action.
EIP-2026-106648 EXPLOITDB text WORKING POC
e-topbiz banner exchange PHP - Authentication Bypass
CVE-2008-6261 EXPLOITDB text WRITEUP
E-topbiz AdManager 4 - SQL Injection via View.php Group Parameter
SQL injection vulnerability in view.php in E-topbiz AdManager 4 allows remote attackers to execute arbitrary SQL commands via the group parameter.
CVE-2008-3119 EXPLOITDB text WORKING POC
DreamPics Builder - SQL Injection via Page Parameter
SQL injection vulnerability in index.php in DreamPics Builder allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2008-3189 EXPLOITDB text WORKING POC
DreamNews Manager - SQL Injection via id Parameter
SQL injection vulnerability in dreamnews-rss.php in DreamNews Manager allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4178 EXPLOITDB text WORKING POC
Downline Goldmine Builder and Addons - SQL Injection via id Parameter
SQL injection vulnerability in tr.php in DownlineGoldmine Special Category Addon, Downline Builder Pro, New Addon, and Downline Goldmine Builder allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-4178 EXPLOITDB text WORKING POC
Downline Goldmine Builder and Addons - SQL Injection via id Parameter
SQL injection vulnerability in tr.php in DownlineGoldmine Special Category Addon, Downline Builder Pro, New Addon, and Downline Goldmine Builder allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-4178 EXPLOITDB text WORKING POC
Downline Goldmine Builder and Addons - SQL Injection via id Parameter
SQL injection vulnerability in tr.php in DownlineGoldmine Special Category Addon, Downline Builder Pro, New Addon, and Downline Goldmine Builder allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-4178 EXPLOITDB text WORKING POC
Downline Goldmine Builder and Addons - SQL Injection via id Parameter
SQL injection vulnerability in tr.php in DownlineGoldmine Special Category Addon, Downline Builder Pro, New Addon, and Downline Goldmine Builder allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information.
EIP-2026-106714 EXPLOITDB text WORKING POC
EasyGallery - 'catid' Blind SQL Injection
CVE-2008-2867 EXPLOITDB text WORKING POC
E-topbiz Viral DX 1 2.07 - SQL Injection via adclick.php bannerid Parameter
SQL injection vulnerability in adclick.php in E-topbiz Viral DX 1 2.07 allows remote attackers to execute arbitrary SQL commands via the bannerid parameter.
EIP-2026-105889 EXPLOITDB text WORKING POC
Classified Ads Scrip - 'store_info.php?id' SQL Injection
CVE-2008-4090 EXPLOITDB text WORKING POC
PHP Coupon Script 4.0 - SQL Injection via id Parameter in addtocart Action
SQL injection vulnerability in index.php in PHP Coupon Script 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in an addtocart action, a different vector than CVE-2007-2672.
EIP-2026-105895 EXPLOITDB text WORKING POC
Classifieds Script - 'type' SQL Injection
CVE-2008-6007 EXPLOITDB text WORKING POC
QuidaScript BookMarks Favourites Script - SQL Injection
SQL injection vulnerability in view_group.php in QuidaScript BookMarks Favourites Script (APB) allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4172 EXPLOITDB text WORKING POC
Cars & Vehicle Script - SQL Injection via lnkid Parameter
SQL injection vulnerability in page.php in Cars & Vehicle (aka Cars-Vehicle Script) allows remote attackers to execute arbitrary SQL commands via the lnkid parameter.
CVE-2008-6037 EXPLOITDB text WORKING POC
AvailScript Article Script - SQL Injection
SQL injection vulnerability in view.php in AvailScript Article Script allows remote attackers to execute arbitrary SQL commands via the v parameter.
EIP-2026-105342 EXPLOITDB text WORKING POC
Azadi Network - 'page' SQL Injection
EIP-2026-105040 EXPLOITDB text WORKING POC
AJ Auction 1.0 - 'id' SQL Injection
EIP-2026-105224 EXPLOITDB text WORKING POC
Arcadem Pro - 'articlecat' SQL Injection
CVE-2008-3386 EXPLOITDB text WORKING POC
AlstraSoft Video Share Enterprise 4.51 - SQL Injection
SQL injection vulnerability in album.php in AlstraSoft Video Share Enterprise 4.51 allows remote attackers to execute arbitrary SQL commands via the UID parameter, a different vector than CVE-2007-4086.
CVE-2008-3240 EXPLOITDB text WORKING POC
AlstraSoft Affiliate Network Pro - SQL Injection
SQL injection vulnerability in index.php in AlstraSoft Affiliate Network Pro allows remote attackers to execute arbitrary SQL commands via the pgm parameter in a directory action.
EIP-2026-105050 EXPLOITDB text WORKING POC
AJA Modules Rapidshare 1.0.0 - Arbitrary File Upload