Sioma Labs

6 exploits Active since Mar 2010
CVE-2010-1048 EXPLOITDB text WORKING POC
Uiga Business Portal - Stored Cross-Site Scripting via Comment Box Textcomment Parameter
Cross-site scripting (XSS) vulnerability in blog/index.php in Uiga Business Portal allows remote attackers to inject arbitrary web script or HTML via the textcomment parameter (aka the Comment Box) in a noentryid action. NOTE: some of these details are obtained from third party information.
EIP-2026-118846 EXPLOITDB perl WORKING POC
Microsoft Internet Explorer 6/7 - Remote Code Execution (Remote User Add)
CVE-2010-1049 EXPLOITDB text WORKING POC
Uiga Business Portal - SQL Injection
Multiple SQL injection vulnerabilities in Uiga Business Portal allow remote attackers to execute arbitrary SQL commands via the (1) noentryid parameter to blog/index.php and the (2) p parameter to index2.php.
CVE-2010-1365 EXPLOITDB text WORKING POC
Uiga Fan Club - SQL Injection via id Parameter in photos Action
SQL injection vulnerability in index.php in Uiga Fan Club, as downloaded on 20100310, allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action.
EIP-2026-112871 EXPLOITDB text WORKING POC
ULoki Community Forum 2.1 - 'usercp.php' Cross-Site Scripting
EIP-2026-110234 EXPLOITDB text WORKING POC
Open Source Classifieds 1.1.0 Alpha (OSClassi) - SQL Injection / Cross-Site Scripting / Arbitrary Admin Change