Moudi

192 exploits Active since Jan 2009
EIP-2026-109430 EXPLOITDB text WORKING POC
Meta Search Engine Script - 'url' Local File Disclosure
CVE-2009-3647 EXPLOITDB text WORKING POC
Yabsoft Mega File Hosting Script - XSS
Cross-site scripting (XSS) vulnerability in emaullinks.php in YABSoft Mega File Hosting Script (aka MFH or MFHS) 1.2 allows remote attackers to inject arbitrary web script or HTML via the moudi parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
EIP-2026-109348 EXPLOITDB text WORKING POC
Matterdaddy Market 1.x - 'index.php' Cross-Site Scripting
CVE-2009-3155 EXPLOITDB text WORKING POC
Almondsoft Com Aclassf - XSS
Cross-site scripting (XSS) vulnerability in gmap.php in the Almond Classifieds (com_aclassf) component 7.5 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the addr parameter.
EIP-2026-108493 EXPLOITDB text WORKING POC
Joomla! Component com_pressrelease - 'id' SQL Injection
EIP-2026-108440 EXPLOITDB text WORKING POC
Joomla! Component com_mediaalert - 'id' SQL Injection
EIP-2026-108200 EXPLOITDB text WORKING POC
Joomla! Component Almond Classifieds 7.5 - Cross-Site Scripting / SQL Injection
CVE-2009-2588 EXPLOITDB text WRITEUP
Hotscripts Type PHP Clone Script - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Hotscripts Type PHP Clone Script allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) feedback.php, (2) index.php, and (3) lostpassword.php.
CVE-2009-2427 EXPLOITDB text WRITEUP
Jobbr 2.2.7 - SQL Injection
SQL injection vulnerability in co-profile.php in Jobbr 2.2.7 allows remote attackers to execute arbitrary SQL commands via the emp_id parameter.
EIP-2026-108097 EXPLOITDB text WORKING POC
JNM Solutions DB Top Sites 1.0 - 'vote.php' Cross-Site Scripting
CVE-2009-2440 EXPLOITDB text WORKING POC
JNM Guestbook 3.0 - XSS
Cross-site scripting (XSS) vulnerability in index.php in JNM Guestbook 3.0 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
CVE-2009-3194 EXPLOITDB text WORKING POC
Jce-tech Searchfeed Script - XSS
Cross-site scripting (XSS) vulnerability in index.php in JCE-Tech SearchFeed Script allows remote attackers to inject arbitrary web script or HTML via the search parameter.
CVE-2009-3196 EXPLOITDB text WORKING POC
Jce-tech Php Video Script - XSS
Cross-site scripting (XSS) vulnerability in index.php in JCE-Tech PHP Video Script allows remote attackers to inject arbitrary web script or HTML via the key parameter.
CVE-2009-4542 EXPLOITDB text WORKING POC
IsolSoft Support Center 2.5 - XSS
Cross-site scripting (XSS) vulnerability in newticket.php in IsolSoft Support Center 2.5 allows remote attackers to inject arbitrary web script or HTML via the lang parameter.
CVE-2009-2588 EXPLOITDB text WORKING POC
Hotscripts Type PHP Clone Script - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Hotscripts Type PHP Clone Script allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) feedback.php, (2) index.php, and (3) lostpassword.php.
CVE-2009-2588 EXPLOITDB text WORKING POC
Hotscripts Type PHP Clone Script - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Hotscripts Type PHP Clone Script allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) feedback.php, (2) index.php, and (3) lostpassword.php.
CVE-2009-3593 EXPLOITDB text WORKING POC
Freewebscriptz Freelancers - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Freelancers 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to placebid.php and (2) jobid parameter to post_resume.php.
CVE-2009-3222 EXPLOITDB text WORKING POC
Freewebscriptz Honest Traffic - XSS
Cross-site scripting (XSS) vulnerability in index.php in FreeWebScriptz Honest Traffic (FWSHT) 1.x allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
CVE-2009-4868 EXPLOITDB text WORKING POC
Hitronsoft Answer ME - XSS
Cross-site scripting (XSS) vulnerability in Hitron Soft Answer Me 1.0 allows remote attackers to inject arbitrary web script or HTML via the q_id parameter to the answers script (aka answers.php). NOTE: some of these details are obtained from third party information.
CVE-2009-4683 EXPLOITDB text WORKING POC
Good/Bad Vote <unknown> - Path Traversal
Directory traversal vulnerability in vote.php in Good/Bad Vote allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the id parameter in a dovote action. NOTE: some of these details are obtained from third party information.
CVE-2009-3858 EXPLOITDB text WORKING POC
GejoSoft - XSS
Cross-site scripting (XSS) vulnerability in GejoSoft allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI in photos/tags.
CVE-2009-2778 EXPLOITDB text WORKING POC
GarageSales Script - XSS
Cross-site scripting (XSS) vulnerability in visitor/view.php in GarageSales Script allows remote attackers to inject arbitrary web script or HTML via the key parameter. NOTE: some of these details are obtained from third party information.
CVE-2009-3599 EXPLOITDB text WRITEUP
Freewebscriptz Hubscript - XSS
Cross-site scripting (XSS) vulnerability in single_winner1.php in HUBScript 1.0 allows remote attackers to inject arbitrary web script or HTML via the bid_id parameter.
CVE-2009-3593 EXPLOITDB text WORKING POC
Freewebscriptz Freelancers - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Freelancers 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to placebid.php and (2) jobid parameter to post_resume.php.
EIP-2026-107056 EXPLOITDB text WRITEUP
Fast Guest Book - Authentication Bypass