JosS - Security Researcher - Exploit Intelligence Platform

CVE-2007-5484 EXPLOITDB text WORKING POC

WWWISIS 7.1 - Path Traversal via IsisScript Parameter

Directory traversal vulnerability in wxis.exe in WWWISIS 7.1 allows local users to read arbitrary files via a .. (dot dot) in the IsisScript parameter to iah.

View Code

CVE-2008-4204 EXPLOITDB text WRITEUP

SoftAcid Hotel Reservation System - SQL Injection via city Parameter

SQL injection vulnerability in city.asp in SoftAcid Hotel Reservation System (HRS) allows remote attackers to execute arbitrary SQL commands via the city parameter.

View Code

EIP-2026-100576 EXPLOITDB perl WORKING POC

StanWeb.CMS - SQL Injection

View Code

CVE-2008-0291 EXPLOITDB perl WORKING POC

RichStrong CMS - SQL Injection via showproduct.asp cat Parameter

SQL injection vulnerability in showproduct.asp in RichStrong CMS allows remote attackers to execute arbitrary SQL commands via the cat parameter.

View Code

EIP-2026-100521 EXPLOITDB text WORKING POC

Real Estate Website 1.0 - 'location.asp' Multiple Input Validation Vulnerabilities

View Code

EIP-2026-100520 EXPLOITDB text WORKING POC

real estate Web site 1.0 - SQL Injection / Cross-Site Scripting

View Code

CVE-2008-1426 EXPLOITDB text WORKING POC

KAPhotoservice - SQL Injection via album.asp albumid Parameter

SQL injection vulnerability in album.asp in KAPhotoservice allows remote attackers to execute arbitrary SQL commands via the albumid parameter.

View Code

EIP-2026-100343 EXPLOITDB text WORKING POC

GR Note 0.94 Beta - (Authentication Bypass) Remote Database Backup

View Code

CVE-2008-2554 EXPLOITDB text WRITEUP

BP Blog 6.0 - SQL Injection via id or cat Parameter

Multiple SQL injection vulnerabilities in BP Blog 6.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to template_permalink.asp and (2) cat parameter to template_archives_cat.asp.

View Code

CVE-2008-5268 EXPLOITDB text WORKING POC

ASPPortal - SQL Injection via Topic_Id Parameter

SQL injection vulnerability in content/forums/reply.asp in ASPPortal allows remote attackers to execute arbitrary SQL commands via the Topic_Id parameter.

View Code

CVE-2008-2917 EXPLOITDB text WORKING POC

E-SMART CART - SQL Injection via category_id Parameter

SQL injection vulnerability in productsofcat.asp in E-SMART CART allows remote attackers to execute arbitrary SQL commands via the category_id parameter.

View Code