Vipsta

3 exploits Active since Dec 2005
CVE-2006-4427 EXPLOITDB text WORKING POC
efiction - Unauthenticated Privilege Escalation via Parameter Manipulation
index.php in eFiction before 2.0.7 allows remote attackers to bypass authentication and gain privileges by setting the (1) adminloggedin, (2) loggedin, and (3) level parameters to "1".
CVE-2005-4136 EXPLOITDB text WORKING POC
DRZES HMS 3.2 - Cross-Site Scripting via login.php customerEmailAddress Parameter
Cross-site scripting (XSS) vulnerability in login.php in DRZES HMS 3.2 allows remote attackers to inject arbitrary web script or HTML via the customerEmailAddress parameter.
CVE-2006-4592 EXPLOITDB text WORKING POC
8pixel.net Simple Blog <= 2.3 - SQL Injection via id Parameter
Incomplete blacklist vulnerability in default.asp in 8pixel.net Simple Blog 2.3 and earlier allows remote attackers to conduct SQL injection attacks via ">" characters in the id parameter, which are not filtered by the protection mechanism.