SpC-x

12 exploits Active since Jun 2006
CVE-2006-2855 EXPLOITDB text WRITEUP
xueBook 1.0 - SQL Injection via Start Parameter
SQL injection vulnerability in index.php in xueBook 1.0 allows remote attackers to execute arbitrary SQL commands via the start parameter.
CVE-2006-2805 EXPLOITDB text WORKING POC
vBulletin 3.0.10 - SQL Injection via FeatureID Parameter
SQL injection vulnerability in VBulletin 3.0.10 allows remote attackers to execute arbitrary SQL commands via the featureid parameter.
CVE-2006-2817 EXPLOITDB text WRITEUP
tekno.portal - SQL Injection via bolum.php id Parameter
SQL injection vulnerability in bolum.php in tekno.Portal allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
EIP-2026-112167 EXPLOITDB text WRITEUP
Simpnews 2.x - 'Wap_short_news.php' Remote File Inclusion
EIP-2026-111419 EXPLOITDB text WRITEUP
Portix-PHP 2-0.3.2 Portal - Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-111434 EXPLOITDB text WRITEUP
PostNuke 0.76 RC2 - Multiple Input Validation Vulnerabilities
EIP-2026-110939 EXPLOITDB text WRITEUP
phpBB - 'BBRSS.php' Remote File Inclusion
EIP-2026-108091 EXPLOITDB text WRITEUP
Ji-takz - Remote File Inclusion
CVE-2006-2854 EXPLOITDB text WRITEUP
iBWd Guestbook 1.0 - SQL Injection via Offset Parameter
SQL injection vulnerability in index.php in iBWd Guestbook 1.0 allows remote attackers to execute arbitrary SQL commands via the offset parameter.
CVE-2006-2871 EXPLOITDB text WRITEUP
CyBoards PHP Lite 1.25 - Remote File Inclusion via script_path Parameter
PHP remote file inclusion vulnerability in include/common.php in CyBoards PHP Lite 1.25 allows remote attackers to execute arbitrary PHP code via a URL in the script_path parameter. NOTE: CVE disputes this issue, since $script_path is set to a constant value
EIP-2026-105335 EXPLOITDB text WORKING POC
aWebNews 1.5 - 'visview.php' Remote File Inclusion
CVE-2006-2853 EXPLOITDB text WRITEUP
abarcar Realty Portal 5.1.5 - SQL Injection
SQL injection vulnerability in content.php in abarcar Realty Portal 5.1.5 allows remote attackers to execute arbitrary SQL commands via the cat parameter.