MurderSkillz

9 exploits Active since Sep 2006
CVE-2007-3977 EXPLOITDB text WRITEUP
bwired - Cross-Site Scripting
Cross-site scripting (XSS) vulnerability in bwired allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2007-3976 EXPLOITDB text WRITEUP
bwired - SQL Injection via NewsID Parameter
SQL injection vulnerability in index.php in bwired allows remote attackers to execute arbitrary SQL commands via the newsID parameter.
EIP-2026-118964 EXPLOITDB html WORKING POC
Nokia Phoenix 2008.4.7 Service Software - ActiveX Controls Multiple Buffer Overflow Vulnerabilities
CVE-2007-2778 EXPLOITDB text WORKING POC
MolyX BOARD 2.5.0 - Directory Traversal via Lang Parameter
Multiple directory traversal vulnerabilities in MolyX BOARD 2.5.0 allow remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter to index.php and other unspecified PHP scripts.
CVE-2007-3460 EXPLOITDB text WRITEUP
eva-web 1.1-2.2 - Remote File Inclusion via aide or perso Parameter
Multiple PHP remote file inclusion vulnerabilities in index.php3 in EVA-Web 1.1 through 2.2 allow remote attackers to execute arbitrary PHP code via a URL in the (1) aide or (2) perso parameter.
EIP-2026-105971 EXPLOITDB text WORKING POC
CMS Galaxie Software - 'category_id' SQL Injection
CVE-2007-3978 EXPLOITDB text WRITEUP
bwired - Session Fixation via PHPSESSID Parameter
Session fixation vulnerability in bwired allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
CVE-2006-4592 EXPLOITDB text WORKING POC
8pixel.net Simple Blog <= 2.3 - SQL Injection via id Parameter
Incomplete blacklist vulnerability in default.asp in 8pixel.net Simple Blog 2.3 and earlier allows remote attackers to conduct SQL injection attacks via ">" characters in the id parameter, which are not filtered by the protection mechanism.
EIP-2026-100148 EXPLOITDB perl WORKING POC
ASPThai.Net Guestbook 5.5 - Authentication Bypass