WiLdBoY

10 exploits Active since Mar 2007
CVE-2007-1440 EXPLOITDB html WORKING POC
Jgbbs - SQL Injection
SQL injection vulnerability in search.asp in JGBBS 3.0 Beta 1 allows remote attackers to execute arbitrary SQL commands via the author parameter.
CVE-2007-2180 EXPLOITDB perl WORKING POC
Nullsoft Winamp - Buffer Overflow
Buffer overflow in Nullsoft Winamp 5.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted WMV file.
CVE-2007-2367 EXPLOITDB perl WORKING POC
Wserve HTTP Server <4.6 - Buffer Overflow
Buffer overflow in wserve_console.exe in Wserve HTTP Server (whttp) 4.6 allows remote attackers to cause a denial of service (forced application exit) via a long directory name in the URI.
CVE-2007-1517 EXPLOITDB html WORKING POC
Paul Knierim Wsn Guest - SQL Injection
SQL injection vulnerability in comments.php in WSN Guest 1.02 and 1.21 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-3311 EXPLOITDB perl WORKING POC
Xoops Articles Module < 1.02 - SQL Injection
SQL injection vulnerability in print.php in the Articles 1.02 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-1510 EXPLOITDB html WORKING POC
Particle Blogger - SQL Injection
SQL injection vulnerability in post.php in Particle Blogger 1.0.0 through 1.2.0 allows remote attackers to execute arbitrary SQL commands via the postid parameter.
CVE-2007-1417 EXPLOITDB text WRITEUP
HC Design Newssystem - SQL Injection
SQL injection vulnerability in index.php in HC NEWSSYSTEM 1.0-4 allows remote attackers to execute arbitrary SQL commands via the ID parameter in a komm aktion.
CVE-2007-1572 EXPLOITDB html WORKING POC
Sourceforge Jgbbs < 3.0 - SQL Injection
SQL injection vulnerability in search.asp in JGBBS 3.0 Beta 1 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter, a different vector than CVE-2007-1440. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-1471 EXPLOITDB html WORKING POC
Orion-Blog 2.0 - Auth Bypass
admin/default.asp in Orion-Blog 2.0 allows remote attackers to bypass authentication controls and gain privileges via a direct URL request for admin/AdminBlogNewsEdit.asp.
CVE-2007-1469 EXPLOITDB text WORKING POC
Xigla Absolute Image Gallery XE - SQL Injection
SQL injection vulnerability in gallery.asp in Absolute Image Gallery 2.0 allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a viewimage action.