S@BUN

147 exploits Active since May 2004
EIP-2026-107348 EXPLOITDB text WORKING POC
Gary's Cookbook 3.0 - 'id' SQL Injection
CVE-2008-1349 EXPLOITDB text WORKING POC
bamaGalerie 3.03-3.041 - SQL Injection
SQL injection vulnerability in viewcat.php in the bamaGalerie (Bama Galerie) 3.03 and 3.041 module for eXV2 2.0.6 allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2008-0453 EXPLOITDB text WORKING POC
Easysitenetwork Recipe Website Script - SQL Injection
SQL injection vulnerability in list.php in Easysitenetwork Recipe allows remote attackers to execute arbitrary SQL commands via the categoryid parameter.
CVE-2008-0855 EXPLOITDB text WORKING POC
Joomla Com Facileforms - SQL Injection
SQL injection vulnerability in the Facile Forms (com_facileforms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
CVE-2008-1407 EXPLOITDB text WORKING POC
WebChat 1.60 - SQL Injection
SQL injection vulnerability in index.php in the WebChat 1.60 module for eXV2 allows remote attackers to execute arbitrary SQL commands via the roomid parameter.
CVE-2008-1406 EXPLOITDB text WORKING POC
MyAnnonces 1.8 - SQL Injection
SQL injection vulnerability in annonces-p-f.php in the MyAnnonces 1.8 module for eXV2 allows remote attackers to execute arbitrary SQL commands via the lid parameter in an ImprAnn action.
CVE-2008-1404 EXPLOITDB text WORKING POC
Viso (Industry Book) <2.04-2.03 - SQL Injection
SQL injection vulnerability in index.php in the Viso (Industry Book) 2.04 and 2.03 module for eXV2 allows remote attackers to execute arbitrary SQL commands via the kid parameter.
EIP-2026-106983 EXPLOITDB text WORKING POC
eXV2 Module eblog 1.2 - 'blog_id' SQL Injection
EIP-2026-106568 EXPLOITDB text WORKING POC
Dream4 Koobi Pro 6.25 Gallery - 'galid' SQL Injection
EIP-2026-106331 EXPLOITDB text WORKING POC
D.E. Classifieds - 'cat_id' SQL Injection
EIP-2026-106569 EXPLOITDB text WORKING POC
Dream4 Koobi Pro 6.25 Links - 'categ' SQL Injection
CVE-2008-6210 EXPLOITDB text WORKING POC
Dream4 Koobi - SQL Injection
SQL injection vulnerability in index.php in dream4 Koobi 4.4 and 5.4 allows remote attackers to execute arbitrary SQL commands via the img_id parameter in the gallerypic page.
CVE-2008-4778 EXPLOITDB text WORKING POC
Dream4 Koobi Cms - SQL Injection
SQL injection vulnerability in the gallery module in Koobi CMS 4.3.0 allows remote attackers to execute arbitrary SQL commands via the galid parameter in a showimages action.
EIP-2026-106570 EXPLOITDB text WORKING POC
Dream4 Koobi Pro 6.25 Shop - 'categ' SQL Injection
CVE-2008-2036 EXPLOITDB text WORKING POC
Koobi Pro 6.25 - SQL Injection
SQL injection vulnerability in index.php in dream4 Koobi Pro 6.25 allows remote attackers to execute arbitrary SQL commands via the poll_id parameter in a poll action.
CVE-2008-0733 EXPLOITDB text WORKING POC
CS Team Counter Strike Portal - SQL Injection
SQL injection vulnerability in index.php in CS Team Counter Strike Portals allows remote attackers to execute arbitrary SQL commands via the id parameter, as demonstrated using the downloads page.
CVE-2008-0695 EXPLOITDB text WORKING POC
Bookmarkx Script - SQL Injection
SQL injection vulnerability in index.php in BookmarkX script 2007 allows remote attackers to execute arbitrary SQL commands via the topicid parameter in a showtopic action.
EIP-2026-105300 EXPLOITDB text WORKING POC
AuraCMS 2.2 - 'lihatberita' Module SQL Injection
CVE-2008-3888 EXPLOITDB text WORKING POC
Mini-NUKE Freehost 2.3 - SQL Injection
SQL injection vulnerability in members.asp in Mini-NUKE Freehost 2.3 allows remote attackers to execute arbitrary SQL commands via the uid parameter in a member_details action.
CVE-2008-7030 EXPLOITDB text WORKING POC
Site2nite Real Estate Web - SQL Injection
Multiple SQL injection vulnerabilities in Site2Nite Real Estate Web allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password field to an unspecified component, possibly agentlist.asp. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect.
CVE-2008-1430 EXPLOITDB text WORKING POC
Iatek ASPapp - SQL Injection
SQL injection vulnerability in links.asp in ASPapp allows remote attackers to execute arbitrary SQL commands via the CatId parameter.
CVE-2008-1430 EXPLOITDB text WORKING POC
Iatek ASPapp - SQL Injection
SQL injection vulnerability in links.asp in ASPapp allows remote attackers to execute arbitrary SQL commands via the CatId parameter.