Iron

5 exploits Active since Jul 2007
CVE-2007-3519 EXPLOITDB perl WORKING POC
phpEventCalendar < 0.2.3 - SQL Injection via eventdisplay.php id Parameter
SQL injection vulnerability in eventdisplay.php in phpEventCalendar 0.2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-5056 EXPLOITDB perl WORKING POC
ADOdb Lite < 1.42 - Remote Code Execution via last_module Parameter
Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lite 1.42 and earlier, as used in products including CMS Made Simple, SAPID CMF, Journalness, PacerCMS, and Open-Realty, allows remote attackers to execute arbitrary code via PHP sequences in the last_module parameter.
CVE-2007-5056 EXPLOITDB perl WORKING POC
ADOdb Lite < 1.42 - Remote Code Execution via last_module Parameter
Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lite 1.42 and earlier, as used in products including CMS Made Simple, SAPID CMF, Journalness, PacerCMS, and Open-Realty, allows remote attackers to execute arbitrary code via PHP sequences in the last_module parameter.
CVE-2008-1121 EXPLOITDB perl WORKING POC
eazyportal < 1.0 - SQL Injection via session_vars Cookie
SQL injection vulnerability in index.php in eazyPortal 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the session_vars cookie.
CVE-2008-1038 EXPLOITDB perl WORKING POC
DBHcms - Remote Code Execution via extmanager_install Parameter
PHP remote file inclusion vulnerability in mod/mod.extmanager.php in DBHcms 1.1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the extmanager_install parameter.