R00T3RR0R

4 exploits Active since Mar 2006
CVE-2006-1233 EXPLOITDB text WORKING POC
WMNews - Cross-Site Scripting via ArtCat, ctrrowcol, or ArtID Parameter
Multiple cross-site scripting (XSS) vulnerabilities in WMNews allow remote attackers to inject arbitrary web script or HTML via the (1) ArtCat parameter to wmview.php, (2) ctrrowcol parameter to footer.php, or (3) ArtID parameter to wmcomments.php.
CVE-2006-1233 EXPLOITDB text WORKING POC
WMNews - Cross-Site Scripting via ArtCat, ctrrowcol, or ArtID Parameter
Multiple cross-site scripting (XSS) vulnerabilities in WMNews allow remote attackers to inject arbitrary web script or HTML via the (1) ArtCat parameter to wmview.php, (2) ctrrowcol parameter to footer.php, or (3) ArtID parameter to wmcomments.php.
CVE-2006-1233 EXPLOITDB text WORKING POC
WMNews - Cross-Site Scripting via ArtCat, ctrrowcol, or ArtID Parameter
Multiple cross-site scripting (XSS) vulnerabilities in WMNews allow remote attackers to inject arbitrary web script or HTML via the (1) ArtCat parameter to wmview.php, (2) ctrrowcol parameter to footer.php, or (3) ArtID parameter to wmcomments.php.
CVE-2006-1271 EXPLOITDB text WRITEUP
OxyNews - SQL Injection via oxynews_comment_id Parameter
SQL injection vulnerability in index.php in OxyNews allows remote attackers to execute arbitrary SQL commands via the oxynews_comment_id parameter.