L0rd CrusAd3r

87 exploits Active since Jun 2010
CVE-2010-2700 EXPLOITDB text WRITEUP
Edge PHP Clickbank Affiliate Marketplace Script - XSS
Cross-site scripting (XSS) vulnerability in index.php in Edge PHP Clickbank Affiliate Marketplace Script (CBQuick) allows remote attackers to inject arbitrary web script or HTML via the search parameter.
CVE-2010-4999 EXPLOITDB text WRITEUP
esoftpro Online Photo Pro 2.0 - SQL Injection
SQL injection vulnerability in index.php in esoftpro Online Photo Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the section parameter.
CVE-2010-4996 EXPLOITDB text WRITEUP
Esoftpro Online Guestbook Pro 5.1 - SQL Injection
SQL injection vulnerability in ogp_show.php in esoftpro Online Guestbook Pro 5.1 allows remote attackers to execute arbitrary SQL commands via the search parameter.
EIP-2026-106701 EXPLOITDB text WRITEUP
Easy Travel Portal - SQL Injection
EIP-2026-106429 EXPLOITDB text SUSPICIOUS
Development Site Professional Liberal - Company Institutional SQL Injection
EIP-2026-105948 EXPLOITDB text WRITEUP
Clix'N'Cash Clone 2010 - 'index.php' SQL Injection
EIP-2026-105893 EXPLOITDB text WRITEUP
Classifieds Script - 'rate' SQL Injection
CVE-2010-4979 EXPLOITDB text WRITEUP
CANDID - SQL Injection
SQL injection vulnerability in image/view.php in CANDID allows remote attackers to execute arbitrary SQL commands via the image_id parameter.
CVE-2010-4978 EXPLOITDB text WRITEUP
CANDID - XSS
Cross-site scripting (XSS) vulnerability in image/view.php in CANDID allows remote attackers to inject arbitrary web script or HTML via the image_id parameter.
CVE-2010-4981 EXPLOITDB text WRITEUP
YourFreeWorld Banner Management - SQL Injection
SQL injection vulnerability in trackads.php in YourFreeWorld Banner Management allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information.
EIP-2026-104144 EXPLOITDB text WRITEUP
(GREEZLE) Global Real Estate Agent Login - Multiple SQL Injections
EIP-2026-100522 EXPLOITDB text WRITEUP
Real-time ASP Calendar - SQL Injection
CVE-2010-2338 EXPLOITDB text WRITEUP
Vunet VU Web Visitor Analyst - SQL Injection
Multiple SQL injection vulnerabilities in redir.asp in VU Web Visitor Analyst allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter. NOTE: some of these details are obtained from third party information.
EIP-2026-100609 EXPLOITDB text WRITEUP
VU Mass Mailer - Authentication Bypass
EIP-2026-100608 EXPLOITDB text WRITEUP
VU Case Manager - Authentication Bypass
CVE-2010-5045 EXPLOITDB text WRITEUP
Smart ASP Survey - XSS
Cross-site scripting (XSS) vulnerability in poll/default.asp in Smart ASP Survey allows remote attackers to inject arbitrary web script or HTML via the catid parameter.
CVE-2010-4635 EXPLOITDB text WRITEUP
Site2nite Vacation Rental Listings - SQL Injection
SQL injection vulnerability in detail.asp in Site2Nite Vacation Rental (VRBO) Listings allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2010-4636 EXPLOITDB text WRITEUP
Site2nite Business E-listings - SQL Injection
SQL injection vulnerability in detail.asp in Site2Nite Business e-Listings allows remote attackers to execute arbitrary SQL commands via the ID parameter.
EIP-2026-100538 EXPLOITDB text WRITEUP
SAS Hotel Management System - 'notfound' SQL Injection
EIP-2026-100526 EXPLOITDB text WRITEUP
Restaurant Listing with Online Ordering - SQL Injection
CVE-2010-4186 EXPLOITDB text WRITEUP
Onlinetechtools.com Oasys Professional - SQL Injection
SQL injection vulnerability in process.asp in OnlineTechTools Online Work Order System (OWOS) Professional Edition 2.10 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-2342 EXPLOITDB text WRITEUP
Dmxready Online Notebook Manager - SQL Injection
SQL injection vulnerability in onlinenotebookmanager.asp in DMXReady Online Notebook Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.
CVE-2010-4919 EXPLOITDB text WRITEUP
Micronetsoft RV Dealer Website 1.0 - SQL Injection
SQL injection vulnerability in detail.asp in Micronetsoft RV Dealer Website 1.0 allows remote attackers to execute arbitrary SQL commands via the vehicletypeID parameter.
CVE-2010-4920 EXPLOITDB text WRITEUP
Micronetsoft Rental Property Mgmt <1.0 - SQL Injection
SQL injection vulnerability in detail.asp in Micronetsoft Rental Property Management Website 1.0 allows remote attackers to execute arbitrary SQL commands via the ad_ID parameter.
EIP-2026-100100 EXPLOITDB text WRITEUP
Acuity CMS 2.7.1 - SQL Injection