Sioma Labs

6 exploits Active since Mar 2010
CVE-2010-1048 EXPLOITDB text WORKING POC
Uiga Business Portal - XSS
Cross-site scripting (XSS) vulnerability in blog/index.php in Uiga Business Portal allows remote attackers to inject arbitrary web script or HTML via the textcomment parameter (aka the Comment Box) in a noentryid action. NOTE: some of these details are obtained from third party information.
EIP-2026-118846 EXPLOITDB perl WORKING POC
Microsoft Internet Explorer 6/7 - Remote Code Execution (Remote User Add)
CVE-2010-1049 EXPLOITDB text WORKING POC
Uiga Business Portal - SQL Injection
Multiple SQL injection vulnerabilities in Uiga Business Portal allow remote attackers to execute arbitrary SQL commands via the (1) noentryid parameter to blog/index.php and the (2) p parameter to index2.php.
CVE-2010-1365 EXPLOITDB text WORKING POC
Uiga Fan Club - SQL Injection
SQL injection vulnerability in index.php in Uiga Fan Club, as downloaded on 20100310, allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action.
EIP-2026-112871 EXPLOITDB text WORKING POC
ULoki Community Forum 2.1 - 'usercp.php' Cross-Site Scripting
EIP-2026-110234 EXPLOITDB text WORKING POC
Open Source Classifieds 1.1.0 Alpha (OSClassi) - SQL Injection / Cross-Site Scripting / Arbitrary Admin Change