L0rd CrusAd3r

87 exploits Active since Jun 2010
CVE-2010-2700 EXPLOITDB text WRITEUP
Edge PHP Clickbank Affiliate Marketplace Script - XSS
Cross-site scripting (XSS) vulnerability in index.php in Edge PHP Clickbank Affiliate Marketplace Script (CBQuick) allows remote attackers to inject arbitrary web script or HTML via the search parameter.
CVE-2010-4999 EXPLOITDB text WRITEUP
esoftpro Online Photo Pro 2.0 - SQL Injection
SQL injection vulnerability in index.php in esoftpro Online Photo Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the section parameter.
CVE-2010-4996 EXPLOITDB text WRITEUP
Esoftpro Online Guestbook Pro 5.1 - SQL Injection
SQL injection vulnerability in ogp_show.php in esoftpro Online Guestbook Pro 5.1 allows remote attackers to execute arbitrary SQL commands via the search parameter.
EIP-2026-106701 EXPLOITDB text WRITEUP
Easy Travel Portal - SQL Injection
EIP-2026-106429 EXPLOITDB text SUSPICIOUS
Development Site Professional Liberal - Company Institutional SQL Injection
EIP-2026-105948 EXPLOITDB text WRITEUP
Clix'N'Cash Clone 2010 - 'index.php' SQL Injection
EIP-2026-105893 EXPLOITDB text WRITEUP
Classifieds Script - 'rate' SQL Injection
CVE-2010-4979 EXPLOITDB text WRITEUP
CANDID - SQL Injection via image_id Parameter
SQL injection vulnerability in image/view.php in CANDID allows remote attackers to execute arbitrary SQL commands via the image_id parameter.
CVE-2010-4978 EXPLOITDB text WRITEUP
CANDID - Cross-Site Scripting via image_id Parameter
Cross-site scripting (XSS) vulnerability in image/view.php in CANDID allows remote attackers to inject arbitrary web script or HTML via the image_id parameter.
CVE-2010-4981 EXPLOITDB text WRITEUP
YourFreeWorld Banner Management - SQL Injection
SQL injection vulnerability in trackads.php in YourFreeWorld Banner Management allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information.
EIP-2026-104144 EXPLOITDB text WRITEUP
(GREEZLE) Global Real Estate Agent Login - Multiple SQL Injections
EIP-2026-100522 EXPLOITDB text WRITEUP
Real-time ASP Calendar - SQL Injection
CVE-2010-2338 EXPLOITDB text WRITEUP
VU Web Visitor Analyst - SQL Injection via redir.asp Username or Password Parameter
Multiple SQL injection vulnerabilities in redir.asp in VU Web Visitor Analyst allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter. NOTE: some of these details are obtained from third party information.
EIP-2026-100609 EXPLOITDB text WRITEUP
VU Mass Mailer - Authentication Bypass
EIP-2026-100608 EXPLOITDB text WRITEUP
VU Case Manager - Authentication Bypass
CVE-2010-5045 EXPLOITDB text WRITEUP
Smart ASP Survey - Cross-Site Scripting via catid Parameter
Cross-site scripting (XSS) vulnerability in poll/default.asp in Smart ASP Survey allows remote attackers to inject arbitrary web script or HTML via the catid parameter.
CVE-2010-4635 EXPLOITDB text WRITEUP
Site2Nite Vacation Rental Listings - SQL Injection via detail.asp ID Parameter
SQL injection vulnerability in detail.asp in Site2Nite Vacation Rental (VRBO) Listings allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2010-4636 EXPLOITDB text WRITEUP
Site2Nite Business e-Listings - SQL Injection via ID Parameter
SQL injection vulnerability in detail.asp in Site2Nite Business e-Listings allows remote attackers to execute arbitrary SQL commands via the ID parameter.
EIP-2026-100538 EXPLOITDB text WRITEUP
SAS Hotel Management System - 'notfound' SQL Injection
EIP-2026-100526 EXPLOITDB text WRITEUP
Restaurant Listing with Online Ordering - SQL Injection
CVE-2010-4186 EXPLOITDB text WRITEUP
OnlineTechTools OWOS Professional Edition 2.10 - SQL Injection via Password Parameter
SQL injection vulnerability in process.asp in OnlineTechTools Online Work Order System (OWOS) Professional Edition 2.10 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-2342 EXPLOITDB text WRITEUP
DMXReady Online Notebook Manager 1.0 - SQL Injection via ItemID Parameter
SQL injection vulnerability in onlinenotebookmanager.asp in DMXReady Online Notebook Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.
CVE-2010-4919 EXPLOITDB text WRITEUP
Micronetsoft RV Dealer Website 1.0 - SQL Injection
SQL injection vulnerability in detail.asp in Micronetsoft RV Dealer Website 1.0 allows remote attackers to execute arbitrary SQL commands via the vehicletypeID parameter.
CVE-2010-4920 EXPLOITDB text WRITEUP
Micronetsoft Rental Property Mgmt <1.0 - SQL Injection
SQL injection vulnerability in detail.asp in Micronetsoft Rental Property Management Website 1.0 allows remote attackers to execute arbitrary SQL commands via the ad_ID parameter.
EIP-2026-100100 EXPLOITDB text WRITEUP
Acuity CMS 2.7.1 - SQL Injection