KnocKout

37 exploits Active since Dec 2007
CVE-2010-4799 EXPLOITDB text WRITEUP
Chipmunk Pwngame 1.0 - SQL Injection
Multiple SQL injection vulnerabilities in Chipmunk Pwngame 1.0, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters to authenticate.php and the (3) ID parameter to pwn.php. NOTE: some of these details are obtained from third party information.
CVE-2010-4503 EXPLOITDB text WRITEUP
Aigaion - SQL Injection
SQL injection vulnerability in indexlight.php in Aigaion 1.3.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter in an export action.
CVE-2008-1962 EXPLOITDB text WRITEUP
Aterr 0.9.1 - Path Traversal
Multiple directory traversal vulnerabilities in Aterr 0.9.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) class parameter to include/functions.inc.php and the (2) file parameter to include/common.inc.php.
CVE-2007-6542 EXPLOITDB text WORKING POC
Arcadem LE <2.04 - RCE
PHP remote file inclusion vulnerability in admin/frontpage_right.php in Arcadem LE 2.04 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter.
EIP-2026-104836 EXPLOITDB text WRITEUP
411cc - Multiple SQL Injections
CVE-2008-2634 EXPLOITDB text WORKING POC
Bearrivernet.net I-pos Internet Pay Online Store < 1.3 - SQL Injection
SQL injection vulnerability in index.asp in I-Pos Internet Pay Online Store 1.3 Beta and earlier allows remote attackers to execute arbitrary SQL commands via the item parameter.
CVE-2010-4855 EXPLOITDB text WORKING POC
xWeblog 2.2 - SQL Injection
SQL injection vulnerability in oku.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the makale_id parameter.
EIP-2026-100598 EXPLOITDB text WORKING POC
Vifi Radio 1.0 - Cross-Site Request Forgery
EIP-2026-100593 EXPLOITDB text WORKING POC
TradeMC E-Ticaret - SQL Injection / Cross-Site Scripting
CVE-2010-4793 EXPLOITDB text WRITEUP
Site2Nite Auto e-Manager - SQL Injection
SQL injection vulnerability in detail.asp in Site2Nite Auto e-Manager allows remote attackers to execute arbitrary SQL commands via the ID parameter.
EIP-2026-100359 EXPLOITDB text WORKING POC
i-pos StoreFront 1.3 - 'index.asp' SQL Injection
EIP-2026-100341 EXPLOITDB text WORKING POC
gokhun asp stok 1.0 - Multiple Vulnerabilities