JeiAr

101 exploits Active since Aug 2003
CVE-2004-1966 EXPLOITDB text WRITEUP
Openbb - SQL Injection
Multiple SQL injection vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) FID parameter in board.php, (2) sortorder, perpage, or id parameters in member.php, (3) forums parameter in search.php, or (4) PID or FID parameters in post.php.
CVE-2004-1965 EXPLOITDB text WRITEUP
OpenBB 1.0.6 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) redirect parameter to member.php, (2) to parameter to myhome.php (3) TID parameter to post.php, or (4) redirect parameter to index.php.
CVE-2004-1966 EXPLOITDB text WRITEUP
Openbb - SQL Injection
Multiple SQL injection vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) FID parameter in board.php, (2) sortorder, perpage, or id parameters in member.php, (3) forums parameter in search.php, or (4) PID or FID parameters in post.php.
CVE-2004-1965 EXPLOITDB text WRITEUP
OpenBB 1.0.6 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) redirect parameter to member.php, (2) to parameter to myhome.php (3) TID parameter to post.php, or (4) redirect parameter to index.php.
CVE-2004-1965 EXPLOITDB text WRITEUP
OpenBB 1.0.6 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) redirect parameter to member.php, (2) to parameter to myhome.php (3) TID parameter to post.php, or (4) redirect parameter to index.php.
CVE-2004-1966 EXPLOITDB text WRITEUP
Openbb - SQL Injection
Multiple SQL injection vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) FID parameter in board.php, (2) sortorder, perpage, or id parameters in member.php, (3) forums parameter in search.php, or (4) PID or FID parameters in post.php.
CVE-2004-1966 EXPLOITDB text WRITEUP
Openbb - SQL Injection
Multiple SQL injection vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) FID parameter in board.php, (2) sortorder, perpage, or id parameters in member.php, (3) forums parameter in search.php, or (4) PID or FID parameters in post.php.
CVE-2004-1965 EXPLOITDB text WRITEUP
OpenBB 1.0.6 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) redirect parameter to member.php, (2) to parameter to myhome.php (3) TID parameter to post.php, or (4) redirect parameter to index.php.
EIP-2026-110369 EXPLOITDB perl SCANNER
osCommerce 2.2 - SQL Injection
EIP-2026-110365 EXPLOITDB text WRITEUP
osCommerce 2.2 - 'products_id' SQL Injection
CVE-2003-1219 EXPLOITDB text WRITEUP
Oscommerce < 2.2_ms2 - XSS
Cross-site scripting (XSS) vulnerability in the tep_href_link function in html_output.php for osCommerce before 2.2-MS3 allows remote attackers to inject arbitrary web script or HTML via the osCsid parameter.
CVE-2004-1826 EXPLOITDB text WRITEUP
Mambo Open Source 4.5 - SQL Injection
SQL injection vulnerability in index.php in Mambo Open Source 4.5 stable 1.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
EIP-2026-109305 EXPLOITDB text WRITEUP
Mambo Open Source 4.5 - 'index.php?mos_change_template' Cross-Site Scripting
CVE-2004-1825 EXPLOITDB text WRITEUP
Mambo Open Source - XSS
Cross-site scripting (XSS) vulnerability in index.php in Mambo Open Source 4.5 stable 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) return or (2) mos_change_template parameters.
CVE-2004-1835 EXPLOITDB text WRITEUP
Invision Power Services Invision Gallery - SQL Injection
Multiple SQL injection vulnerabilities in index.php in Invision Gallery 1.0.1 allow remote attackers to execute arbitrary SQL via the (1) img, (2) cat, (3) sort_key, (4) order_key, (5) user, or (6) album parameters.
CVE-2004-1836 EXPLOITDB text WRITEUP
Invision Power Services Invision Power Top Site List - SQL Injection
SQL injection vulnerability in index.php in Invision Power Top Site List 1.1 RC 2 and earlier allows remote attackers to execute arbitrary SQL via the id parameter of the comments action.
EIP-2026-104881 EXPLOITDB text WRITEUP
Aardvark Topsites 4.1 PHP - Multiple Vulnerabilities
EIP-2026-100848 EXPLOITDB text WRITEUP
M-TECH P-Synch 6.2.5 - 'nph-psf.exe?css' Remote File Inclusion
EIP-2026-100858 EXPLOITDB text WRITEUP
MetaDot Portal Server 5.6.x - index.pl Information Disclosure
EIP-2026-100857 EXPLOITDB text WORKING POC
MetaDot Portal Server 5.6.x - 'userchannel.pl?op' Cross-Site Scripting
EIP-2026-100856 EXPLOITDB text WRITEUP
MetaDot Portal Server 5.6.x - 'index.pl' Multiple SQL Injections
EIP-2026-100855 EXPLOITDB text WORKING POC
MetaDot Portal Server 5.6.x - 'index.pl' Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-100847 EXPLOITDB text WRITEUP
M-TECH P-Synch 6.2.5 - 'nph-psa.exe?css' Remote File Inclusion
CVE-2003-1213 EXPLOITDB text WRITEUP
MaxWebPortal 1.30 - Info Disclosure
The default installation of MaxWebPortal 1.30 stores the portal database under the web document root with insecure access control, which allows remote attackers to obtain sensitive information via a direct request to database/db2000.mdb.
CVE-2003-0492 EXPLOITDB text WRITEUP
Snitz Forums <3.4.03 - XSS
Cross-site scripting (XSS) vulnerability in search.asp for Snitz Forums 3.4.03 and earlier allows remote attackers to execute arbitrary web script via the Search parameter.