Sid3^effects

115 exploits Active since Jan 2007
CVE-2010-5034 EXPLOITDB text WRITEUP
iScripts EasyBiller 1.1 - SQL Injection
SQL injection vulnerability in viewhistorydetail.php in iScripts EasyBiller 1.1 allows remote attackers to execute arbitrary SQL commands via the planid parameter.
EIP-2026-107947 EXPLOITDB text WRITEUP
Iphone Pointter Social Network - Local File Inclusion
EIP-2026-107867 EXPLOITDB text WRITEUP
Inout Webmail Script - Persistent Cross-Site Scripting
CVE-2010-1654 EXPLOITDB text WRITEUP
Infocus Real Estate Enterprise Edition - SQL Injection via Username or Password Parameter
Multiple SQL injection vulnerabilities in system_member_login.php in Infocus Real Estate Enterprise Edition allow remote attackers to execute arbitrary SQL commands via the (1) username (aka login) and (2) password parameters. NOTE: some of these details are obtained from third party information.
EIP-2026-107785 EXPLOITDB text WRITEUP
iLister Listing Software - Local File Inclusion
CVE-2010-2319 EXPLOITDB text WRITEUP
IDevSpot TextAds 2.08 - SQL Injection via Page Parameter
SQL injection vulnerability in index.php in IDevSpot TextAds 2.08 allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2010-2611 EXPLOITDB text WRITEUP
i-netsolution Job Search Engine - SQL Injection via show_search_result.php keyword parameter
SQL injection vulnerability in show_search_result.php in i-netsolution Job Search Engine allows remote attackers to execute arbitrary SQL commands via the keyword parameter.
EIP-2026-107699 EXPLOITDB text WRITEUP
i-Net Online Community - Cross-Site Scripting / Authentication Bypass
EIP-2026-107698 EXPLOITDB text WRITEUP
I-net Multi User Email Script - SQL Injection
EIP-2026-107228 EXPLOITDB text WORKING POC
Freelancers Marketplace Script - Persistent Cross-Site Scripting
EIP-2026-107603 EXPLOITDB text WRITEUP
Holiday Travel Portal - Arbitrary File Upload
CVE-2010-2312 EXPLOITDB text WRITEUP
HauntmAx Haunted House Directory Listing CMS - SQL Injection via State Parameter
SQL injection vulnerability in index.php in HauntmAx Haunted House Directory Listing CMS allows remote attackers to execute arbitrary SQL commands via the state parameter in a listings action.
CVE-2010-2438 EXPLOITDB text WRITEUP
laubrotel g.cms_generator - SQL Injection via Lang Parameter
SQL injection vulnerability in G.CMS generator allows remote attackers to execute arbitrary SQL commands via the lang parameter to the default URI, probably index.php.
CVE-2010-1708 EXPLOITDB text WRITEUP
Free Realty - SQL Injection via Agent Login or Password Parameter
Multiple SQL injection vulnerabilities in agentadmin.php in Free Realty allow remote attackers to execute arbitrary SQL commands via the (1) login field (aka agentname parameter) or (2) password field (aka agentpassword parameter).
EIP-2026-107227 EXPLOITDB text WRITEUP
Freelancer Marketplace Script - Arbitrary File Upload
CVE-2010-2356 EXPLOITDB text WRITEUP
Pilot Group eLMS Pro - Stored Cross-Site Scripting via subscribe.php course_id Parameter
Cross-site scripting (XSS) vulnerability in subscribe.php in Pilot Group (PG) eLMS Pro allows remote attackers to inject arbitrary web script or HTML via the course_id parameter.
EIP-2026-106284 EXPLOITDB text WRITEUP
CustomCMS - Persistent Cross-Site Scripting
EIP-2026-105629 EXPLOITDB text WRITEUP
Bs General_Classifieds Script - SQL Injection
EIP-2026-105685 EXPLOITDB text WRITEUP
CafeEngine 2.3 - SQL Injection
EIP-2026-105632 EXPLOITDB text WRITEUP
Bs Scripts_Directory - SQL Injection / Authentication Bypass
CVE-2010-2670 EXPLOITDB text WRITEUP
BrotherScripts Recipe Website - SQL Injection
SQL injection vulnerability in recipedetail.php in BrotherScripts Recipe Website allows remote attackers to execute arbitrary SQL commands via the id parameter.
EIP-2026-105631 EXPLOITDB text WRITEUP
Bs Realtor_Web Script - SQL Injection
EIP-2026-105630 EXPLOITDB text WRITEUP
Bs Home_Classifieds Script - SQL Injection
EIP-2026-105628 EXPLOITDB text WRITEUP
Bs Events_Locator Script - SQL Injection
EIP-2026-105625 EXPLOITDB text WRITEUP
Bs Business_Directory Script - SQL Injection / Authentication Bypass