Valentin

38 exploits Active since Apr 2009
CVE-2010-2147 EXPLOITDB text WRITEUP
Unisoft Com Mycar - XSS
Cross-site scripting (XSS) vulnerability in the My Car (com_mycar) component 1.0 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the modveh parameter to index.php.
CVE-2010-4927 EXPLOITDB text WRITEUP
Joomla! com_restaurantguide 1.0.0 - SQL Injection
SQL injection vulnerability in the Restaurant Guide (com_restaurantguide) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a country action to index.php.
CVE-2010-4834 EXPLOITDB text WRITEUP
OneOrZero AIMS 2.6.0-2.7.0 - SQL Injection
Multiple SQL injection vulnerabilities in index.php in OneOrZero AIMS 2.6.0 Members Edition and 2.7.0 Trial Edition allow remote authenticated users to execute arbitrary SQL commands via the (1) id parameter in a saved_search action and (2) item_types parameter in a show_item_search action in the search_management_manage subcontroller. NOTE: some of these details are obtained from third party information.
EIP-2026-114587 EXPLOITDB text WRITEUP
Zeeways Adserver - Multiple Vulnerabilities
EIP-2026-113087 EXPLOITDB text WRITEUP
VideoDB 3.0.3 - Multiple Vulnerabilities
EIP-2026-112005 EXPLOITDB text WRITEUP
Sethi Family Guestbook 3.1.8 - Cross-Site Scripting
EIP-2026-112031 EXPLOITDB text WRITEUP
ShopSystem - SQL Injection
CVE-2008-6848 EXPLOITDB text WRITEUP
W2B Phpgreetcards - XSS
Cross-site scripting (XSS) vulnerability in index.php in phpGreetCards 3.7 allows remote attackers to inject arbitrary web script or HTML via the category parameter in a select action.
EIP-2026-110049 EXPLOITDB text WRITEUP
OnePC mySite Management Software - SQL Injection
EIP-2026-110050 EXPLOITDB text WRITEUP
onepound Shop / CMS - Cross-Site Scripting / SQL Injection
CVE-2010-4835 EXPLOITDB text WRITEUP
OneOrZero AIMS 2.6.0 - Path Traversal
Directory traversal vulnerability in index.php in OneOrZero AIMS 2.6.0 Members Edition allows remote authenticated users to read arbitrary files via directory traversal sequences in the controller parameter in a show_report action.
EIP-2026-109404 EXPLOITDB text WRITEUP
Membership Site Script - SQL Injection
EIP-2026-109230 EXPLOITDB text WRITEUP
Lyrics Script - SQL Injection / Cross-Site Scripting
CVE-2010-1468 EXPLOITDB text WRITEUP
Joomla! <1.5.2.3 - SQL Injection
SQL injection vulnerability in the Multi-Venue Restaurant Menu Manager (aka MVRMM or com_mv_restaurantmenumanager) component 1.5.2 Stable Update 3 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the mid parameter in a menu_display action to index.php.
CVE-2010-1350 EXPLOITDB text WORKING POC
JP Jobs <1.4.1 - SQL Injection
SQL injection vulnerability in the JP Jobs (com_jp_jobs) component 1.4.1 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.
CVE-2010-4837 EXPLOITDB text WRITEUP
JSupport 1.5.6 - XSS
Cross-site scripting (XSS) vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the subject parameter (title field) in a saveTicket action to index2.php. NOTE: some of these details are obtained from third party information.
CVE-2010-4838 EXPLOITDB text WRITEUP
JSupport 1.5.6 - SQL Injection
SQL injection vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote authenticated users, with Public Back-end permissions, to execute arbitrary SQL commands via the alpha parameter in a (1) listTickets or (2) listFaqs action to administrator/index.php.
CVE-2010-2148 EXPLOITDB text WRITEUP
Unisoft Com Mycar - SQL Injection
SQL injection vulnerability in the My Car (com_mycar) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pagina parameter to index.php.
CVE-2010-1720 EXPLOITDB text WRITEUP
Qproje Com Qpersonel < 1.0.2 - SQL Injection
SQL injection vulnerability in the Q-Personel (com_qpersonel) component 1.0.2 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the katid parameter in a qpListele action to index.php.
CVE-2010-4928 EXPLOITDB text WRITEUP
Joomla! com_restaurantguide 1.0.0 - XSS
Cross-site scripting (XSS) vulnerability in the Restaurant Guide (com_restaurantguide) component 1.0.0 for Joomla! allows remote attackers to inject arbitrary web script or HTML by placing it after a > (greater than) character.
CVE-2010-1746 EXPLOITDB text WRITEUP
Toolsjx Com Grid - XSS
Multiple cross-site scripting (XSS) vulnerabilities in the Table JX (com_grid) component for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) data_search and (2) rpp parameters to index.php.
EIP-2026-109088 EXPLOITDB text WRITEUP
leaftec CMS - Multiple Vulnerabilities
EIP-2026-108123 EXPLOITDB text WRITEUP
Joke Website Script - SQL Injection / Cross-Site Scripting
CVE-2010-5032 EXPLOITDB text WRITEUP
Joomla! com_bfquiztrial <1.3.1 - SQL Injection
SQL injection vulnerability in the BF Quiz (com_bfquiztrial) component before 1.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a bfquiztrial action to index.php.
CVE-2010-5028 EXPLOITDB text WRITEUP
Joomla! com_jejob 1.0 - SQL Injection
SQL injection vulnerability in the JExtensions JE Job (com_jejob) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php.