SmOk3

10 exploits Active since Apr 2005
EIP-2026-113145 EXPLOITDB text WRITEUP
VoteBox 2.0 - 'Votebox.php' Remote File Inclusion
CVE-2005-1130 EXPLOITDB text WORKING POC
Pinnacle Cart - Cross-Site Scripting via index.php pg Parameter
Cross-site scripting (XSS) vulnerability in index.php in Pinnacle Cart allows remote attackers to inject arbitrary web script or HTML via the pg parameter.
CVE-2007-4628 EXPLOITDB text WORKING POC
phpns 1.1 - SQL Injection via shownews.php id Parameter
SQL injection vulnerability in shownews.php in phpns 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-2289 EXPLOITDB text WRITEUP
arcade_trade_script 1.0 beta - Cross-Site Scripting via q Parameter in gamelist Action
Cross-site scripting (XSS) vulnerability in index.php in Arcade Trade Script 1.0 beta allows remote attackers to inject arbitrary web script or HTML via the q parameter in a gamelist action.
EIP-2026-106070 EXPLOITDB text WORKING POC
Comdev eCommerce 3.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
CVE-2007-4551 EXPLOITDB text WRITEUP
Agares Media Arcadem 2.01 - Remote Code Execution via Loadpage Parameter
PHP remote file inclusion vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary PHP code via a URL in the loadpage parameter.
CVE-2007-4603 EXPLOITDB text WRITEUP
ACG News 1.0 - SQL Injection via aid or catid Parameter
Multiple SQL injection vulnerabilities in index.php in ACG News 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the aid parameter in a showarticle action or (2) the catid parameter in a showcat action.
CVE-2007-4603 EXPLOITDB text WORKING POC
ACG News 1.0 - SQL Injection via aid or catid Parameter
Multiple SQL injection vulnerabilities in index.php in ACG News 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the aid parameter in a showarticle action or (2) the catid parameter in a showcat action.
CVE-2005-3043 EXPLOITDB text WORKING POC
Mall23 eCommerce - SQL Injection via AddItem.asp idOption_Dropdown_2 Parameter
SQL injection vulnerability in AddItem.asp in Mall23 eCommerce allows remote attackers to execute arbitrary SQL commands via the idOption_Dropdown_2 parameter.
CVE-2007-4762 EXPLOITDB text WORKING POC
e-smart_cart 1.0 - SQL Injection via User and Pass Fields
Multiple SQL injection vulnerabilities in embadmin/login.asp in E-SMARTCART 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) user and (2) pass fields, different vectors than CVE-2007-0092.