SixSo

6 exploits Active since Jul 2009
CVE-2009-2423 EXPLOITDB WORKING POC
Ebay Clone 2009 - SQL Injection via cate_id Parameter
SQL injection vulnerability in category.php in Ebay Clone 2009 allows remote attackers to execute arbitrary SQL commands via the cate_id parameter in a list action.
CVE-2009-2340 EXPLOITDB text WORKING POC
Opial 1.0 - SQL Injection via txtUserName Parameter
SQL injection vulnerability in admin/index.php in Opial 1.0 allows remote attackers to execute arbitrary SQL commands via the txtUserName (aka User Name) parameter. NOTE: some of these details are obtained from third party information.
CVE-2009-2339 EXPLOITDB text WRITEUP
Rentventory - SQL Injection via Product Parameter
SQL injection vulnerability in index.php in Rentventory allows remote attackers to execute arbitrary SQL commands via the product parameter.
CVE-2009-2388 EXPLOITDB text WORKING POC
Opial 1.0 - SQL Injection via txtPassword Parameter
SQL injection vulnerability in admin/index.php in Opial 1.0 allows remote attackers to execute arbitrary SQL commands via the txtPassword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-2427 EXPLOITDB text WRITEUP
Jobbr 2.2.7 - SQL Injection via emp_id Parameter
SQL injection vulnerability in co-profile.php in Jobbr 2.2.7 allows remote attackers to execute arbitrary SQL commands via the emp_id parameter.
CVE-2009-2424 EXPLOITDB text WORKING POC
Ebay Clone 2009 - Cross-Site Scripting via Search Mode Parameter
Cross-site scripting (XSS) vulnerability in search.php in Ebay Clone 2009 allows remote attackers to inject arbitrary web script or HTML via the mode parameter.