R3d-D3V!L

91 exploits Active since Jun 2005
EIP-2026-100444 EXPLOITDB text WORKING POC
Multi-Lingual Application - Blind SQL Injection
CVE-2009-2614 EXPLOITDB text WORKING POC
DataCheck Solutions LinkPal <1 - SQL Injection
SQL injection vulnerability in z_admin_login.asp in DataCheck Solutions LinkPal 1.x allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-3343 EXPLOITDB text WRITEUP
Hotwebscripts Hotweb Rentals - SQL Injection
SQL injection vulnerability in details.asp in HotWeb Rentals allows remote attackers to execute arbitrary SQL commands via the PropId parameter.
EIP-2026-100336 EXPLOITDB text WRITEUP
gallery_show.asp - GID Blind SQL Injection
CVE-2009-2365 EXPLOITDB text WORKING POC
DataCheck Solutions GalleryPal FE 1.5 - SQL Injection
SQL injection vulnerability in login.asp in DataCheck Solutions GalleryPal FE 1.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6379 EXPLOITDB text WRITEUP
Mxmania Gallery MX - SQL Injection
SQL injection vulnerability in pics_pre.asp in Gallery MX 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2009-2619 EXPLOITDB text WORKING POC
DataCheck Solutions V-SpacePal - SQL Injection
SQL injection vulnerability in login.asp in DataCheck Solutions V-SpacePal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
EIP-2026-100587 EXPLOITDB text WRITEUP
Texas Rankem - 'player_id' SQL Injection
EIP-2026-100558 EXPLOITDB text WRITEUP
Smart ASPad - 'campaignEdit.asp?CCam' Blind SQL Injection
EIP-2026-100552 EXPLOITDB text WORKING POC
SitePal 1.1 - Authentication Bypass
EIP-2026-100523 EXPLOITDB text WRITEUP
RecipePal 1.0 - SQL Injection
CVE-2008-6950 EXPLOITDB text WORKING POC
Webhost-panel Bankoi Webhosting Control Panel - SQL Injection
Multiple SQL injection vulnerabilities in login.asp in Bankoi WebHosting Control Panel 1.20 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password field.
CVE-2008-6889 EXPLOITDB text WRITEUP
Activewebsoftwares Aspreferral - SQL Injection
SQL injection vulnerability in Merchantsadd.asp in ASPReferral 5.3 allows remote attackers to execute arbitrary SQL commands via the AccountID parameter.
EIP-2026-100131 EXPLOITDB text WRITEUP
ASPGuest - 'edit.asp?ID' Blind SQL Injection
CVE-2008-6366 EXPLOITDB text WORKING POC
Adserversolutions Affiliate Software Java - SQL Injection
SQL injection vulnerability in logon.jsp in Ad Server Solutions Affiliate Software Java 4.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password, possibly related to the uname and pass parameters to logon_process.jsp. NOTE: some of these details are obtained from third party information.
CVE-2008-6365 EXPLOITDB text WORKING POC
Adserversolutions AD Management Software - SQL Injection
SQL injection vulnerability in logon.jsp in Ad Server Solutions Ad Management Software Java allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password, related to the uname or pass parameters to logon.jsp or logon_processing.jsp. NOTE: some of these details are obtained from third party information.
CVE-2008-5633 EXPLOITDB text WORKING POC
ActiveVotes 2.2 - SQL Injection
SQL injection vulnerability in register.asp in ActiveVotes 2.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information.
CVE-2008-5365 EXPLOITDB text WRITEUP
ActiveWebSoftwares ActiveVotes <2.2 - SQL Injection
SQL injection vulnerability in VoteHistory.asp in ActiveWebSoftwares ActiveVotes 2.2 allows remote attackers to execute arbitrary SQL commands via the AccountID parameter.
CVE-2005-2062 EXPLOITDB text WRITEUP
Active WEB Softwares Activebuyandsell - SQL Injection
Multiple SQL injection vulnerabilities in ActiveBuyAndSell 6.2 allow remote attackers to execute arbitrary SQL commands via the catid parameter to (1) default.asp or (2) buyersend.asp, (3) Administrator ID field in admin.asp, E-mail field in (4) advertiserstart.asp or (5) buyer.asp, or Keyword field in search.asp.
EIP-2026-100095 EXPLOITDB text WORKING POC
Active Websurvey 9.1 - Authentication Bypass
CVE-2008-6873 EXPLOITDB text WRITEUP
Activewebsoftwares Active Web Mail - SQL Injection
SQL injection vulnerability in Active Web Mail 4.0 allows remote attackers to execute arbitrary SQL commands via the TabOpenQuickTab1 parameter to (1) popaccounts.aspx, (2) addressbook.aspx, and (3) emails.aspx.
CVE-2008-5974 EXPLOITDB text WORKING POC
Active Price Comparison 4.0 - SQL Injection
Multiple SQL injection vulnerabilities in login.aspx in Active Price Comparison 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) password and (2) username fields.
CVE-2008-5627 EXPLOITDB text WORKING POC
Active Trade 2 - SQL Injection
SQL injection vulnerability in account.asp in Active Trade 2 allows remote attackers to execute arbitrary SQL commands via the (1) username parameter (aka Email field) or the (2) password parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-5959 EXPLOITDB text WORKING POC
Active Test 2.1 - SQL Injection
Multiple SQL injection vulnerabilities in start.asp in Active Test 2.1 allow remote attackers to execute arbitrary SQL commands via the (1) useremail parameter (aka username field) or (2) password parameter (aka password field). NOTE: some of these details are obtained from third party information.
CVE-2008-5958 EXPLOITDB text WRITEUP
Active Test 2.1 - SQL Injection
Multiple SQL injection vulnerabilities in Active Test 2.1 allow remote attackers to execute arbitrary SQL commands via the QuizID parameter to (1) questions.asp, (2) importquestions.asp, and (3) quiztakers.asp.