Sid3^effects aKa HaRi

72 exploits Active since May 2010
EIP-2026-107867 EXPLOITDB text WRITEUP
Inout Webmail Script - Persistent Cross-Site Scripting
CVE-2010-1654 EXPLOITDB text WRITEUP
Infocus Real Estate Enterprise Edition - SQL Injection via Username or Password Parameter
Multiple SQL injection vulnerabilities in system_member_login.php in Infocus Real Estate Enterprise Edition allow remote attackers to execute arbitrary SQL commands via the (1) username (aka login) and (2) password parameters. NOTE: some of these details are obtained from third party information.
EIP-2026-107785 EXPLOITDB text WRITEUP
iLister Listing Software - Local File Inclusion
EIP-2026-107699 EXPLOITDB text WRITEUP
i-Net Online Community - Cross-Site Scripting / Authentication Bypass
EIP-2026-107227 EXPLOITDB text WRITEUP
Freelancer Marketplace Script - Arbitrary File Upload
EIP-2026-107603 EXPLOITDB text WRITEUP
Holiday Travel Portal - Arbitrary File Upload
CVE-2010-2312 EXPLOITDB text WRITEUP
HauntmAx Haunted House Directory Listing CMS - SQL Injection via State Parameter
SQL injection vulnerability in index.php in HauntmAx Haunted House Directory Listing CMS allows remote attackers to execute arbitrary SQL commands via the state parameter in a listings action.
EIP-2026-107228 EXPLOITDB text WORKING POC
Freelancers Marketplace Script - Persistent Cross-Site Scripting
CVE-2010-2356 EXPLOITDB text WRITEUP
Pilot Group eLMS Pro - Stored Cross-Site Scripting via subscribe.php course_id Parameter
Cross-site scripting (XSS) vulnerability in subscribe.php in Pilot Group (PG) eLMS Pro allows remote attackers to inject arbitrary web script or HTML via the course_id parameter.
EIP-2026-105625 EXPLOITDB text WRITEUP
Bs Business_Directory Script - SQL Injection / Authentication Bypass
EIP-2026-105685 EXPLOITDB text WRITEUP
CafeEngine 2.3 - SQL Injection
EIP-2026-105632 EXPLOITDB text WRITEUP
Bs Scripts_Directory - SQL Injection / Authentication Bypass
CVE-2010-2670 EXPLOITDB text WRITEUP
BrotherScripts Recipe Website - SQL Injection
SQL injection vulnerability in recipedetail.php in BrotherScripts Recipe Website allows remote attackers to execute arbitrary SQL commands via the id parameter.
EIP-2026-105631 EXPLOITDB text WRITEUP
Bs Realtor_Web Script - SQL Injection
EIP-2026-105629 EXPLOITDB text WRITEUP
Bs General_Classifieds Script - SQL Injection
EIP-2026-105628 EXPLOITDB text WRITEUP
Bs Events_Locator Script - SQL Injection
EIP-2026-105624 EXPLOITDB text WRITEUP
Bs Auto_Classifieds Script - 'articlesdetails.php' SQL Injection
CVE-2010-1706 EXPLOITDB text WRITEUP
2daybiz Auction Script - SQL Injection via Login Username Parameter
Multiple SQL injection vulnerabilities in login.php in 2daybiz Auction Script allow remote attackers to execute arbitrary SQL commands via (1) the login field (aka the username parameter), and possibly (2) the password field, to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-5019 EXPLOITDB text WRITEUP
2daybiz Online Classified Script - SQL Injection
SQL injection vulnerability in view_photo.php in 2daybiz Online Classified Script allows remote attackers to execute arbitrary SQL commands via the alb parameter.
EIP-2026-104296 EXPLOITDB text WRITEUP
Joomla! Component Jreservation 1.5 - SQL Injection / Cross-Site Scripting
EIP-2026-100624 EXPLOITDB text WRITEUP
Web Wiz Forums 9.68 - SQL Injection
CVE-2010-5013 EXPLOITDB text WRITEUP
Mckenzie Creations VRM <3.5 - SQL Injection
SQL injection vulnerability in listing_detail.asp in Mckenzie Creations Virtual Real Estate Manager (VRM) 3.5 allows remote attackers to execute arbitrary SQL commands via the Lid parameter.