TR-ShaRk

8 exploits Active since Feb 2008
CVE-2008-6309 EXPLOITDB text WRITEUP
W3matter AskPert - SQL Injection via f[password] Parameter
SQL injection vulnerability in index.php in W3matter AskPert allows remote attackers to execute arbitrary SQL commands via the f[password] parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-6350 EXPLOITDB text WRITEUP
TurnkeyForms Local Classifieds - SQL Injection via listtest.php r Parameter
SQL injection vulnerability in listtest.php in TurnkeyForms Local Classifieds allows remote attackers to execute arbitrary SQL commands via the r parameter.
CVE-2008-6351 EXPLOITDB text WRITEUP
TurnkeyForms Local Classifieds - Cross-Site Scripting via listtest.php r Parameter
Cross-site scripting (XSS) vulnerability in listtest.php in TurnkeyForms Local Classifieds allows remote attackers to inject arbitrary web script or HTML via the r parameter.
CVE-2008-6243 EXPLOITDB text WORKING POC
Scripts For Sites Hotscripts-like Site - SQL Injection via showcategory.php cid Parameter
SQL injection vulnerability in showcategory.php in Scripts For Sites (SFS) Hotscripts-like Site allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2008-0689 EXPLOITDB text WORKING POC
Joomla com_marketplace 1.1.1 and 1.1.1-pl1 - SQL Injection via catid Parameter
SQL injection vulnerability in index.php in the Marketplace (com_marketplace) 1.1.1 and 1.1.1-pl1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show_category action.
CVE-2008-5788 EXPLOITDB text WORKING POC
Domain Seller Pro 1.5 - SQL Injection
SQL injection vulnerability in index.php in Domain Seller Pro 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6310 EXPLOITDB text WRITEUP
W3matter RevSense 1.0 - SQL Injection via f[password] Parameter
SQL injection vulnerability in index.php in W3matter RevSense 1.0 allows remote attackers to execute arbitrary SQL commands via the f[password] parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-4890 EXPLOITDB text WRITEUP
1st News 4 Professional - SQL Injection via products.php id Parameter
SQL injection vulnerability in products.php in 1st News 4 Professional (PR 1) allows remote attackers to execute arbitrary SQL commands via the id parameter.