S@BUN

147 exploits Active since May 2004
CVE-2008-0754 EXPLOITDB WORKING POC
Joomla Com Rapidrecipe - SQL Injection
Multiple SQL injection vulnerabilities in index.php in the Rapid Recipe (com_rapidrecipe) 1.6.5 component for Joomla! allow remote attackers to execute arbitrary SQL commands via (1) the user_id parameter in a showuser action or (2) the category_id parameter in a viewcategorysrecipes action.
CVE-2008-0515 EXPLOITDB text WORKING POC
Joomla Musepoes Component - SQL Injection
SQL injection vulnerability in index.php in the musepoes (com_musepoes) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action.
CVE-2006-3598 EXPLOITDB text WORKING POC
Php-nuke Sections Module - SQL Injection
SQL injection vulnerability in the Sections module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle op.
CVE-2008-0937 EXPLOITDB text WORKING POC
Tinyevent - SQL Injection
SQL injection vulnerability in index.php in the Tiny Event (tinyevent) 1.01 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter in a print action, a different vector than CVE-2007-1811.
EIP-2026-114479 EXPLOITDB text WORKING POC
XOOPS Recette 2.2 - 'detail.php' SQL Injection
CVE-2008-0683 EXPLOITDB text WORKING POC
Wordpress ST Newsletter Plugin - SQL Injection
SQL injection vulnerability in shiftthis-preview.php in the ShiftThis Newsletter (st_newsletter) plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the newsletter parameter.
EIP-2026-114475 EXPLOITDB perl WORKING POC
XOOPS Module Recipe 2.2 - 'detail.php' SQL Injection
CVE-2008-0873 EXPLOITDB text WORKING POC
Jlmzone Classifieds - SQL Injection
SQL injection vulnerability in index.php in the jlmZone Classifieds module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in an Adsview action.
EIP-2026-114473 EXPLOITDB text WORKING POC
XOOPS Module Glossario 2.2 - 'sid' SQL Injection
CVE-2008-7038 EXPLOITDB text WORKING POC
Maxdev MY Egallery - SQL Injection
SQL injection vulnerability in the My_eGallery module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the gid parameter in a showgall action to modules.php. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorrect.
EIP-2026-114477 EXPLOITDB text WORKING POC
XOOPS Module wfdownloads - 'cid' SQL Injection
EIP-2026-114478 EXPLOITDB text WORKING POC
XOOPS MyTutorials Module 2.1 - 'printpage.php' SQL Injection
EIP-2026-114051 EXPLOITDB text WORKING POC
WordPress Plugin Simple Forum 1.10 < 1.11 - SQL Injection
EIP-2026-114052 EXPLOITDB text WORKING POC
WordPress Plugin Simple Forum 2.0 < 2.1 - SQL Injection
EIP-2026-114449 EXPLOITDB text WORKING POC
XOOPS 'badliege' Module - 'id' SQL Injection
EIP-2026-114450 EXPLOITDB text WORKING POC
XOOPS 'events' Module - 'id' SQL Injection
CVE-2008-0936 EXPLOITDB text WORKING POC
Xoops Prayer List Module - SQL Injection
SQL injection vulnerability in index.php in the Prayer List (prayerlist) 1.04 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action.
EIP-2026-114452 EXPLOITDB text WORKING POC
XOOPS 'vacatures' Module - 'cid' SQL Injection
CVE-2008-0845 EXPLOITDB text WORKING POC
Wordpress Dean Logan Wp-people Plugin - SQL Injection
SQL injection vulnerability in wp-people-popup.php in Dean Logan WP-People plugin 1.6.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the person parameter.
CVE-2008-0874 EXPLOITDB text WORKING POC
Xoops Eempregos Module - SQL Injection
SQL injection vulnerability in index.php in the eEmpregos module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action.
EIP-2026-114472 EXPLOITDB text WORKING POC
XOOPS Module Gallery 0.2.2 - 'gid' SQL Injection
CVE-2008-0847 EXPLOITDB text WORKING POC
Xoops Mytopics - SQL Injection
SQL injection vulnerability in print.php in the myTopics module for XOOPS allows remote attackers to execute arbitrary SQL commands via the articleid parameter.
CVE-2008-0682 EXPLOITDB text WORKING POC
Wordpress Wordspew < 3.71 - SQL Injection
SQL injection vulnerability in wordspew-rss.php in the Wordspew plugin before 3.72 for Wordpress allows remote attackers to execute arbitrary SQL commands via the id parameter.
EIP-2026-114039 EXPLOITDB text WORKING POC
WordPress Plugin ShiftThis NewsLetter - SQL Injection
EIP-2026-114451 EXPLOITDB text WORKING POC
XOOPS 'seminars' Module - 'id' SQL Injection