S@BUN

147 exploits Active since May 2004
EIP-2026-114051 EXPLOITDB text WORKING POC
WordPress Plugin Simple Forum 1.10 < 1.11 - SQL Injection
EIP-2026-114478 EXPLOITDB text WORKING POC
XOOPS MyTutorials Module 2.1 - 'printpage.php' SQL Injection
EIP-2026-114450 EXPLOITDB text WORKING POC
XOOPS 'events' Module - 'id' SQL Injection
CVE-2008-0682 EXPLOITDB text WORKING POC
Wordspew < 3.72 - SQL Injection via id Parameter
SQL injection vulnerability in wordspew-rss.php in the Wordspew plugin before 3.72 for Wordpress allows remote attackers to execute arbitrary SQL commands via the id parameter.
EIP-2026-114475 EXPLOITDB perl WORKING POC
XOOPS Module Recipe 2.2 - 'detail.php' SQL Injection
EIP-2026-114449 EXPLOITDB text WORKING POC
XOOPS 'badliege' Module - 'id' SQL Injection
EIP-2026-114003 EXPLOITDB text WORKING POC
WordPress Plugin Recipes Blog - 'id' SQL Injection
CVE-2008-0939 EXPLOITDB text WORKING POC
WP Photo Album < 1.1 - SQL Injection via Photo or Album Parameter
Multiple SQL injection vulnerabilities in wppa.php in the WP Photo Album (WPPA) before 1.1 plugin for WordPress allow remote attackers to execute arbitrary SQL commands via (1) the photo parameter to index.php, used by the wppa_photo_name function; or (2) the album parameter to index.php, used by the wppa_album_name function. NOTE: some of these details are obtained from third party information.
CVE-2008-1869 EXPLOITDB text WORKING POC
Site Sift Listings - SQL Injection via id Parameter
SQL injection vulnerability in Site Sift Listings allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: this issue might be site-specific.
CVE-2008-1623 EXPLOITDB text WORKING POC
Smoothflash <admin_view_image.php - SQL Injection
SQL injection vulnerability in admin_view_image.php in Smoothflash allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2008-0878 EXPLOITDB text WORKING POC
RunCMS MyAnnonces 1.7 - SQL Injection via cid Parameter
SQL injection vulnerability in index.php in the MyAnnonces 1.7 and earlier module for RunCMS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action.
CVE-2008-1551 EXPLOITDB text WORKING POC
RunCMS Photo Module 3.02 - SQL Injection via viewcat.php cid Parameter
SQL injection vulnerability in viewcat.php in the Photo 3.02 module for RunCMS allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2008-4912 EXPLOITDB text WORKING POC
RS MAXSOFT fotogalerie - SQL Injection via popup_img.php fotoID Parameter
SQL injection vulnerability in popup_img.php in the fotogalerie module in RS MAXSOFT allows remote attackers to execute arbitrary SQL commands via the fotoID parameter. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect.
CVE-2008-4765 EXPLOITDB text WORKING POC
osCommerce Poll Booth Add-On 2.0 - SQL Injection via pollID Parameter
SQL injection vulnerability in pollBooth.php in osCommerce Poll Booth Add-On 2.0 allows remote attackers to execute arbitrary SQL commands via the pollID parameter in a results operation. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect.
EIP-2026-111505 EXPLOITDB text WORKING POC
Prince Clan Chess Club 0.8 com_pcchess Component - 'user_id' SQL Injection
CVE-2008-0879 EXPLOITDB text WORKING POC
PHP-Nuke Web Links Module - SQL Injection via cid Parameter
SQL injection vulnerability in modules.php in the Web_Links module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewlink action.
CVE-2008-7226 EXPLOITDB text WORKING POC
PHP-Nuke Recipes Module 1.3-1.4 - SQL Injection via recipeid Parameter
SQL injection vulnerability in index.php in the Recipes module 1.3, 1.4, and possibly other versions for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the recipeid parameter.
EIP-2026-110893 EXPLOITDB text WORKING POC
PHP-Nuke Sections Module - 'artid' SQL Injection
EIP-2026-110887 EXPLOITDB text WORKING POC
PHP-Nuke Module Siir - 'id' SQL Injection
EIP-2026-110882 EXPLOITDB text WORKING POC
PHP-Nuke Gallery 1.3 Module - 'artid' SQL Injection
CVE-2004-2000 EXPLOITDB text WORKING POC
Php-Nuke 6.x-7.2 - SQL Injection via Orderby or Sid Parameter
SQL injection vulnerability in the Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to execute arbitrary SQL via the (1) orderby or (2) sid parameters to modules.php.
CVE-2008-0827 EXPLOITDB text WORKING POC
PHP-Nuke Books Module - SQL Injection via cid Parameter
SQL injection vulnerability in the Books module of PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter.
EIP-2026-110879 EXPLOITDB text WORKING POC
PHP-Nuke Classifieds Module - 'Details' SQL Injection
CVE-2008-0815 EXPLOITDB text WORKING POC
com_mezun for Joomla! - SQL Injection via id Parameter
SQL injection vulnerability in the com_mezun component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task.
CVE-2008-4765 EXPLOITDB text WORKING POC
osCommerce Poll Booth Add-On 2.0 - SQL Injection via pollID Parameter
SQL injection vulnerability in pollBooth.php in osCommerce Poll Booth Add-On 2.0 allows remote attackers to execute arbitrary SQL commands via the pollID parameter in a results operation. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect.