S@BUN

147 exploits Active since May 2004
EIP-2026-107348 EXPLOITDB text WORKING POC
Gary's Cookbook 3.0 - 'id' SQL Injection
CVE-2008-1349 EXPLOITDB text WORKING POC
bamaGalerie 3.03-3.041 - SQL Injection
SQL injection vulnerability in viewcat.php in the bamaGalerie (Bama Galerie) 3.03 and 3.041 module for eXV2 2.0.6 allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2008-0453 EXPLOITDB text WORKING POC
Easysitenetwork Recipe - SQL Injection via categoryid Parameter
SQL injection vulnerability in list.php in Easysitenetwork Recipe allows remote attackers to execute arbitrary SQL commands via the categoryid parameter.
CVE-2008-0855 EXPLOITDB text WORKING POC
Joomla and Mambo com_facileforms - SQL Injection via catid Parameter
SQL injection vulnerability in the Facile Forms (com_facileforms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
CVE-2008-1407 EXPLOITDB text WORKING POC
eXV2 WebChat 1.60 - SQL Injection via roomid Parameter
SQL injection vulnerability in index.php in the WebChat 1.60 module for eXV2 allows remote attackers to execute arbitrary SQL commands via the roomid parameter.
CVE-2008-1406 EXPLOITDB text WORKING POC
eXV2 MyAnnonces 1.8 - SQL Injection via lid Parameter
SQL injection vulnerability in annonces-p-f.php in the MyAnnonces 1.8 module for eXV2 allows remote attackers to execute arbitrary SQL commands via the lid parameter in an ImprAnn action.
CVE-2008-1404 EXPLOITDB text WORKING POC
Viso (Industry Book) <2.04-2.03 - SQL Injection
SQL injection vulnerability in index.php in the Viso (Industry Book) 2.04 and 2.03 module for eXV2 allows remote attackers to execute arbitrary SQL commands via the kid parameter.
EIP-2026-106983 EXPLOITDB text WORKING POC
eXV2 Module eblog 1.2 - 'blog_id' SQL Injection
EIP-2026-106568 EXPLOITDB text WORKING POC
Dream4 Koobi Pro 6.25 Gallery - 'galid' SQL Injection
EIP-2026-106331 EXPLOITDB text WORKING POC
D.E. Classifieds - 'cat_id' SQL Injection
EIP-2026-106569 EXPLOITDB text WORKING POC
Dream4 Koobi Pro 6.25 Links - 'categ' SQL Injection
CVE-2008-6210 EXPLOITDB text WORKING POC
dream4 Koobi 4.4 and 5.4 - SQL Injection via img_id Parameter
SQL injection vulnerability in index.php in dream4 Koobi 4.4 and 5.4 allows remote attackers to execute arbitrary SQL commands via the img_id parameter in the gallerypic page.
CVE-2008-4778 EXPLOITDB text WORKING POC
Koobi CMS 4.3.0 - SQL Injection via Gallery Module galid Parameter
SQL injection vulnerability in the gallery module in Koobi CMS 4.3.0 allows remote attackers to execute arbitrary SQL commands via the galid parameter in a showimages action.
EIP-2026-106570 EXPLOITDB text WORKING POC
Dream4 Koobi Pro 6.25 Shop - 'categ' SQL Injection
CVE-2008-2036 EXPLOITDB text WORKING POC
dream4 Koobi Pro 6.25 - SQL Injection via poll_id Parameter
SQL injection vulnerability in index.php in dream4 Koobi Pro 6.25 allows remote attackers to execute arbitrary SQL commands via the poll_id parameter in a poll action.
CVE-2008-0733 EXPLOITDB text WORKING POC
CS Team Counter Strike Portals - SQL Injection via id Parameter
SQL injection vulnerability in index.php in CS Team Counter Strike Portals allows remote attackers to execute arbitrary SQL commands via the id parameter, as demonstrated using the downloads page.
CVE-2008-0695 EXPLOITDB text WORKING POC
BookmarkX script 2007 - SQL Injection via topicid Parameter
SQL injection vulnerability in index.php in BookmarkX script 2007 allows remote attackers to execute arbitrary SQL commands via the topicid parameter in a showtopic action.
EIP-2026-105300 EXPLOITDB text WORKING POC
AuraCMS 2.2 - 'lihatberita' Module SQL Injection
CVE-2008-3888 EXPLOITDB text WORKING POC
Mini-NUKE Freehost 2.3 - SQL Injection
SQL injection vulnerability in members.asp in Mini-NUKE Freehost 2.3 allows remote attackers to execute arbitrary SQL commands via the uid parameter in a member_details action.
CVE-2008-7030 EXPLOITDB text WORKING POC
Site2Nite Real Estate Web - SQL Injection via Username or Password Field
Multiple SQL injection vulnerabilities in Site2Nite Real Estate Web allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password field to an unspecified component, possibly agentlist.asp. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect.
CVE-2008-1430 EXPLOITDB text WORKING POC
ASPapp - SQL Injection via CatId Parameter
SQL injection vulnerability in links.asp in ASPapp allows remote attackers to execute arbitrary SQL commands via the CatId parameter.
CVE-2008-1430 EXPLOITDB text WORKING POC
ASPapp - SQL Injection via CatId Parameter
SQL injection vulnerability in links.asp in ASPapp allows remote attackers to execute arbitrary SQL commands via the CatId parameter.