The-0utl4w

17 exploits Active since Dec 2007
CVE-2008-1844 EXPLOITDB text WORKING POC
W2B phpHotResources - SQL Injection
SQL injection vulnerability in cat.php in W2B phpHotResources allows remote attackers to execute arbitrary SQL commands via the kind parameter.
CVE-2008-1843 EXPLOITDB text WORKING POC
W2B DatingClub - SQL Injection via browse.php age_to Parameter
SQL injection vulnerability in browse.php in W2B DatingClub (aka Dating Club) allows remote attackers to execute arbitrary SQL commands via the age_to parameter in a browsebyCat action.
EIP-2026-111271 EXPLOITDB text WRITEUP
pigyard art Gallery - Multiple Vulnerabilities
EIP-2026-111156 EXPLOITDB text WRITEUP
PHPMyConferences 8.0.2 - 'Init.php' Remote File Inclusion
CVE-2008-7038 EXPLOITDB text WORKING POC
My_eGallery - SQL Injection via gid Parameter
SQL injection vulnerability in the My_eGallery module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the gid parameter in a showgall action to modules.php. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorrect.
EIP-2026-110826 EXPLOITDB text WRITEUP
PHP-Nuke 'Seminars' Module - 'Filename' Local File Inclusion
CVE-2008-6234 EXPLOITDB text WORKING POC
com_musica - SQL Injection via id Parameter
SQL injection vulnerability in the com_musica module in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
EIP-2026-108162 EXPLOITDB text WORKING POC
Joomla! / Mambo Component ensenanzas - 'id' SQL Injection
EIP-2026-108143 EXPLOITDB text WORKING POC
Joomla! / Mambo Component com_guide - 'category' SQL Injection
EIP-2026-108146 EXPLOITDB text WORKING POC
Joomla! / Mambo Component com_inter - 'id' SQL Injection
CVE-2008-4777 EXPLOITDB text WORKING POC
Joomlearn LMS (com_lms) - SQL Injection via cat Parameter
SQL injection vulnerability in the Showroom Joomlearn LMS (com_lms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the cat parameter in a showTests task.
CVE-2007-6217 EXPLOITDB text WRITEUP
Irola My-Time 3.5 - SQL Injection via Login and Password Parameters
Multiple SQL injection vulnerabilities in login.asp in Irola My-Time (aka Timesheet) 3.5 allow remote attackers to execute arbitrary SQL commands via the (1) login (aka Username) and (2) password parameters. NOTE: some of these details are obtained from third party information.
CVE-2008-1162 EXPLOITDB text WORKING POC
PHP WEB SCRIPT Dynamic Photo Gallery 1.02 - SQL Injection
SQL injection vulnerability in album.php in PHP WEB SCRIPT Dynamic Photo Gallery 1.02 allows remote attackers to execute arbitrary SQL commands via the albumID parameter.
CVE-2008-1921 EXPLOITDB text WORKING POC
5th Avenue Shopping Cart 1.2 - SQL Injection
SQL injection vulnerability in store_pages/category_list.php in 5th Avenue Shopping Cart 1.2 trial edition allows remote attackers to execute arbitrary SQL commands via the category_ID parameter.
EIP-2026-100515 EXPLOITDB text WORKING POC
Rapid Classified - 'AgencyCatResult.asp' SQL Injection
EIP-2026-100610 EXPLOITDB text WRITEUP
VUNET Case Manager 3.4 - 'default.asp' SQL Injection
CVE-2008-1354 EXPLOITDB text WORKING POC
Advanced Data Solutions VSO-XP - SQL Injection
SQL injection vulnerability in MyIssuesView.asp in Advanced Data Solutions Virtual Support Office-XP (VSO-XP) allows remote attackers to execute arbitrary SQL commands via the Issue_ID parameter.