TR-ShaRk

8 exploits Active since Feb 2008
CVE-2008-6309 EXPLOITDB text WRITEUP
W3matter Askpert - SQL Injection
SQL injection vulnerability in index.php in W3matter AskPert allows remote attackers to execute arbitrary SQL commands via the f[password] parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-6350 EXPLOITDB text WRITEUP
Turnkeyforms Local Classifieds - SQL Injection
SQL injection vulnerability in listtest.php in TurnkeyForms Local Classifieds allows remote attackers to execute arbitrary SQL commands via the r parameter.
CVE-2008-6351 EXPLOITDB text WRITEUP
Turnkeyforms Local Classifieds - XSS
Cross-site scripting (XSS) vulnerability in listtest.php in TurnkeyForms Local Classifieds allows remote attackers to inject arbitrary web script or HTML via the r parameter.
CVE-2008-6243 EXPLOITDB text WORKING POC
Scripts FOR Sites EZ Hotscripts-likesite - SQL Injection
SQL injection vulnerability in showcategory.php in Scripts For Sites (SFS) Hotscripts-like Site allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2008-0689 EXPLOITDB text WORKING POC
Joomla Com Marketplace - SQL Injection
SQL injection vulnerability in index.php in the Marketplace (com_marketplace) 1.1.1 and 1.1.1-pl1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show_category action.
CVE-2008-5788 EXPLOITDB text WORKING POC
Domain Seller Pro 1.5 - SQL Injection
SQL injection vulnerability in index.php in Domain Seller Pro 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6310 EXPLOITDB text WRITEUP
W3matter Revsense - SQL Injection
SQL injection vulnerability in index.php in W3matter RevSense 1.0 allows remote attackers to execute arbitrary SQL commands via the f[password] parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-4890 EXPLOITDB text WRITEUP
1ST News 4 Professional - SQL Injection
SQL injection vulnerability in products.php in 1st News 4 Professional (PR 1) allows remote attackers to execute arbitrary SQL commands via the id parameter.