S@BUN

147 exploits Active since May 2004
CVE-2008-0754 EXPLOITDB WORKING POC
Joomla com_rapidrecipe 1.6.5 - SQL Injection via user_id or category_id Parameter
Multiple SQL injection vulnerabilities in index.php in the Rapid Recipe (com_rapidrecipe) 1.6.5 component for Joomla! allow remote attackers to execute arbitrary SQL commands via (1) the user_id parameter in a showuser action or (2) the category_id parameter in a viewcategorysrecipes action.
CVE-2008-0515 EXPLOITDB text WORKING POC
Joomla and Mambo musepoes Component - SQL Injection via aid Parameter
SQL injection vulnerability in index.php in the musepoes (com_musepoes) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action.
CVE-2006-3598 EXPLOITDB text WORKING POC
PHP-Nuke Sections Module - SQL Injection via artid Parameter
SQL injection vulnerability in the Sections module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle op.
CVE-2008-0937 EXPLOITDB text WORKING POC
tinyevent 1.01 - SQL Injection via id Parameter
SQL injection vulnerability in index.php in the Tiny Event (tinyevent) 1.01 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter in a print action, a different vector than CVE-2007-1811.
EIP-2026-114479 EXPLOITDB text WORKING POC
XOOPS Recette 2.2 - 'detail.php' SQL Injection
CVE-2008-0683 EXPLOITDB text WORKING POC
ShiftThis Newsletter Plugin for WordPress - SQL Injection via Newsletter Parameter
SQL injection vulnerability in shiftthis-preview.php in the ShiftThis Newsletter (st_newsletter) plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the newsletter parameter.
EIP-2026-114475 EXPLOITDB perl WORKING POC
XOOPS Module Recipe 2.2 - 'detail.php' SQL Injection
CVE-2008-0873 EXPLOITDB text WORKING POC
jlmZone Classifieds - SQL Injection via cid Parameter in Adsview Action
SQL injection vulnerability in index.php in the jlmZone Classifieds module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in an Adsview action.
EIP-2026-114473 EXPLOITDB text WORKING POC
XOOPS Module Glossario 2.2 - 'sid' SQL Injection
CVE-2008-7038 EXPLOITDB text WORKING POC
My_eGallery - SQL Injection via gid Parameter
SQL injection vulnerability in the My_eGallery module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the gid parameter in a showgall action to modules.php. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorrect.
EIP-2026-114477 EXPLOITDB text WORKING POC
XOOPS Module wfdownloads - 'cid' SQL Injection
EIP-2026-114478 EXPLOITDB text WORKING POC
XOOPS MyTutorials Module 2.1 - 'printpage.php' SQL Injection
EIP-2026-114051 EXPLOITDB text WORKING POC
WordPress Plugin Simple Forum 1.10 < 1.11 - SQL Injection
EIP-2026-114052 EXPLOITDB text WORKING POC
WordPress Plugin Simple Forum 2.0 < 2.1 - SQL Injection
EIP-2026-114449 EXPLOITDB text WORKING POC
XOOPS 'badliege' Module - 'id' SQL Injection
EIP-2026-114450 EXPLOITDB text WORKING POC
XOOPS 'events' Module - 'id' SQL Injection
CVE-2008-0936 EXPLOITDB text WORKING POC
XOOPS Prayer List Module 1.04 - SQL Injection via cid Parameter
SQL injection vulnerability in index.php in the Prayer List (prayerlist) 1.04 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action.
EIP-2026-114452 EXPLOITDB text WORKING POC
XOOPS 'vacatures' Module - 'cid' SQL Injection
CVE-2008-0845 EXPLOITDB text WORKING POC
Dean Logan WP-People Plugin 1.6.1 - SQL Injection via Person Parameter
SQL injection vulnerability in wp-people-popup.php in Dean Logan WP-People plugin 1.6.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the person parameter.
CVE-2008-0874 EXPLOITDB text WORKING POC
XOOPS eEmpregos Module - SQL Injection via cid Parameter
SQL injection vulnerability in index.php in the eEmpregos module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action.
EIP-2026-114472 EXPLOITDB text WORKING POC
XOOPS Module Gallery 0.2.2 - 'gid' SQL Injection
CVE-2008-0847 EXPLOITDB text WORKING POC
XOOPS myTopics - SQL Injection via articleid Parameter
SQL injection vulnerability in print.php in the myTopics module for XOOPS allows remote attackers to execute arbitrary SQL commands via the articleid parameter.
CVE-2008-0682 EXPLOITDB text WORKING POC
Wordspew < 3.72 - SQL Injection via id Parameter
SQL injection vulnerability in wordspew-rss.php in the Wordspew plugin before 3.72 for Wordpress allows remote attackers to execute arbitrary SQL commands via the id parameter.
EIP-2026-114039 EXPLOITDB text WORKING POC
WordPress Plugin ShiftThis NewsLetter - SQL Injection
EIP-2026-114451 EXPLOITDB text WORKING POC
XOOPS 'seminars' Module - 'id' SQL Injection