OoN_Boy

50 exploits Active since Apr 2009
CVE-2010-1979 EXPLOITDB text WORKING POC
Affiliatefeeds Com Datafeeds - Path Traversal
Directory traversal vulnerability in the Affiliate Datafeeds (com_datafeeds) component build 880 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
EIP-2026-108207 EXPLOITDB text WORKING POC
Joomla! Component Appointment 1.5 - Local File Inclusion
CVE-2010-1714 EXPLOITDB text WORKING POC
Dev.pucit.edu.pk Com Arcadegames - Path Traversal
Directory traversal vulnerability in the Arcade Games (com_arcadegames) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1494 EXPLOITDB text WORKING POC
Joomla! com_awdwall 1.5.4 - Path Traversal
Directory traversal vulnerability in the AWDwall (com_awdwall) component 1.5.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
EIP-2026-108360 EXPLOITDB text WORKING POC
Joomla! Component com_google - Local File Inclusion
EIP-2026-108384 EXPLOITDB text WORKING POC
Joomla! Component com_jajobboard - Multiple Local File Inclusions
EIP-2026-108524 EXPLOITDB text WORKING POC
Joomla! Component com_s5clanroster - Local File Inclusion
EIP-2026-108529 EXPLOITDB text WORKING POC
Joomla! Component com_sebercart - 'getPic.php' Local File Disclosure
EIP-2026-108554 EXPLOITDB text WORKING POC
Joomla! Component com_spsnewsletter - Local File Inclusion
EIP-2026-108591 EXPLOITDB text WORKING POC
Joomla! Component com_webeecomment 2.0 - Local File Inclusion
EIP-2026-108592 EXPLOITDB text WORKING POC
Joomla! Component com_wgpicasa - Local File Inclusion
EIP-2026-108618 EXPLOITDB text WORKING POC
Joomla! Component CV Maker 1.0 - Local File Inclusion
CVE-2010-1955 EXPLOITDB text WORKING POC
Thefactory Com Blogfactory - Path Traversal
Directory traversal vulnerability in the Deluxe Blog Factory (com_blogfactory) component 1.1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
EIP-2026-108622 EXPLOITDB text WORKING POC
Joomla! Component Digital Diary 1.5.0 - Local File Inclusion
EIP-2026-108650 EXPLOITDB text WORKING POC
Joomla! Component FlashGames 1.5.0 - Local File Inclusion
CVE-2009-3349 EXPLOITDB text WORKING POC
Datavore Gyro - SQL Injection
SQL injection vulnerability in Datavore Gyro 5.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter in a cat action to the home component.
EIP-2026-106891 EXPLOITDB text WRITEUP
Entrepreneur Job Portal Script 2.06 - SQL Injection
EIP-2026-105615 EXPLOITDB text WRITEUP
BPStudent 1.0 - Blind SQL Injection
CVE-2009-3502 EXPLOITDB text WRITEUP
Bpowerhouse Bpmusic - SQL Injection
SQL injection vulnerability in music.php in BPowerHouse BPMusic 1.0 allows remote attackers to execute arbitrary SQL commands via the music_id parameter.
CVE-2009-3500 EXPLOITDB perl WORKING POC
Bpowerhouse Bpgames - SQL Injection
Multiple SQL injection vulnerabilities in BPowerHouse BPGames 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) cat_id parameter to main.php and (2) game_id parameter to game.php.
EIP-2026-105356 EXPLOITDB text WRITEUP
B2B Portal Script - Blind SQL Injection
EIP-2026-104972 EXPLOITDB text WRITEUP
Advance MLM Script - SQL Injection
CVE-2009-3436 EXPLOITDB text WORKING POC
Maxwebportal - SQL Injection
Multiple SQL injection vulnerabilities in forum.asp in MaxWebPortal allow remote attackers to execute arbitrary SQL commands via the (1) FORUM_ID or (2) CAT_ID parameter. NOTE: this might overlap CVE-2005-1417.
CVE-2009-3499 EXPLOITDB text WRITEUP
Bpowerhouse Bplawyercasedocuments - SQL Injection
SQL injection vulnerability in employee.aspx in BPowerHouse BPLawyerCaseDocuments 1.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2009-3503 EXPLOITDB text WRITEUP
Bpowerhouse Bpholidaylettings - SQL Injection
Multiple SQL injection vulnerabilities in search.aspx in BPowerHouse BPHolidayLettings 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) rid and (2) tid parameters.