JosS

86 exploits, active since Dec 2005
CVE-2007-5484 EXPLOITDB text WORKING POC
Wwwisis - Path Traversal
Directory traversal vulnerability in wxis.exe in WWWISIS 7.1 allows local users to read arbitrary files via a .. (dot dot) in the IsisScript parameter to iah.
CVE-2008-4204 EXPLOITDB text WRITEUP
Softacid Hotel Reservation System - SQL Injection
SQL injection vulnerability in city.asp in SoftAcid Hotel Reservation System (HRS) allows remote attackers to execute arbitrary SQL commands via the city parameter.
EIP-2026-100576 EXPLOITDB perl WORKING POC
StanWeb.CMS - SQL Injection
CVE-2008-0291 EXPLOITDB perl WORKING POC
Hangzhou Rui-qiang Richstrong Cms - SQL Injection
SQL injection vulnerability in showproduct.asp in RichStrong CMS allows remote attackers to execute arbitrary SQL commands via the cat parameter.
EIP-2026-100521 EXPLOITDB text WORKING POC
Real Estate Website 1.0 - 'location.asp' Multiple Input Validation Vulnerabilities
EIP-2026-100520 EXPLOITDB text WORKING POC
real estate Web site 1.0 - SQL Injection / Cross-Site Scripting
CVE-2008-1426 EXPLOITDB text WORKING POC
KAPhotoservice - SQL Injection
SQL injection vulnerability in album.asp in KAPhotoservice allows remote attackers to execute arbitrary SQL commands via the albumid parameter.
EIP-2026-100343 EXPLOITDB text WORKING POC
GR Note 0.94 Beta - (Authentication Bypass) Remote Database Backup
CVE-2008-2554 EXPLOITDB text WRITEUP
BP Blog - SQL Injection
Multiple SQL injection vulnerabilities in BP Blog 6.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to template_permalink.asp and (2) cat parameter to template_archives_cat.asp.
CVE-2008-5268 EXPLOITDB text WORKING POC
ASPPortal - SQL Injection
SQL injection vulnerability in content/forums/reply.asp in ASPPortal allows remote attackers to execute arbitrary SQL commands via the Topic_Id parameter.
CVE-2008-2917 EXPLOITDB text WORKING POC
Preprojects E-smart Cart - SQL Injection
SQL injection vulnerability in productsofcat.asp in E-SMART CART allows remote attackers to execute arbitrary SQL commands via the category_id parameter.