Qex

10 exploits Active since Apr 2006
CVE-2006-1802 EXPLOITDB text WORKING POC
TinyWebGallery 1.3 and 1.4 - Cross-Site Scripting via twg_album Parameter
Cross-site scripting (XSS) vulnerability in index.php in TinyWebGallery 1.3 and 1.4 allows remote attackers to inject arbitrary web script or HTML via the twg_album parameter.
CVE-2006-1926 EXPLOITDB text WRITEUP
ThWboard <= 2.84 beta 3 - SQL Injection via showtopic.php pagenum Parameter
SQL injection vulnerability in showtopic.php in ThWboard 2.84 beta 3 and earlier allows remote attackers to execute arbitrary SQL commands via the pagenum parameter.
EIP-2026-111070 EXPLOITDB text WORKING POC
PHPGuestbook 0.0.2/1.0 - HTML Injection
CVE-2006-2079 EXPLOITDB text WRITEUP
Verosky Media Instant Photo Gallery - Cross-Site Scripting via portfolio.php cat_id Parameter
Cross-site scripting (XSS) vulnerability in portfolio.php in Verosky Media Instant Photo Gallery, possibly before 1.0.2, allows remote attackers to inject arbitrary web script or HTML via the cat_id parameter.
CVE-2006-2052 EXPLOITDB text WRITEUP
Verosky Media Instant Photo Gallery - Cross-Site Scripting via Member Parameter
Cross-site scripting (XSS) vulnerability in Verosky Media Instant Photo Gallery allows remote attackers to inject arbitrary web script or HTML via the member parameter in a viewpro action in member.php. NOTE: the original report may be inaccurate, since the "viewpro" string does not appear in the source code for version 1.0.2 of the product.
CVE-2006-2052 EXPLOITDB text WRITEUP
Verosky Media Instant Photo Gallery - Cross-Site Scripting via Member Parameter
Cross-site scripting (XSS) vulnerability in Verosky Media Instant Photo Gallery allows remote attackers to inject arbitrary web script or HTML via the member parameter in a viewpro action in member.php. NOTE: the original report may be inaccurate, since the "viewpro" string does not appear in the source code for version 1.0.2 of the product.
CVE-2006-2070 EXPLOITDB text WRITEUP
DevBB 1.0.0 - Cross-Site Scripting via Member Parameter
Cross-site scripting (XSS) vulnerability in member.php in DevBB 1.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the member parameter in a viewpro action.
CVE-2006-2127 EXPLOITDB text WRITEUP
Blog Mod 0.2.x - SQL Injection via r Parameter
SQL injection vulnerability in weblog_posting.php in Blog Mod 0.2.x allows remote attackers to execute arbitrary SQL commands via the r parameter.
EIP-2026-104839 EXPLOITDB text WRITEUP
4homepages 4Images 1.7 - 'member.php' Cross-Site Scripting
EIP-2026-100749 EXPLOITDB text WRITEUP
axoverzicht.CGI - Cross-Site Scripting