X1ngBox

6 exploits Active since Sep 2005
CVE-2005-4415 EXPLOITDB text WRITEUP
TML CMS 0.5 - XSS
Cross-site scripting (XSS) vulnerability in index.php in TML CMS 0.5 allows remote attackers to inject arbitrary web script or HTML via the form parameter.
CVE-2005-4416 EXPLOITDB text WRITEUP
TML CMS 0.5 - SQL Injection
SQL injection vulnerability in index.php in TML CMS 0.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2005-4262 EXPLOITDB text WRITEUP
Envolution - SQL Injection
Cross-site scripting (XSS) vulnerability in the News module in Envolution allows remote attackers to inject arbitrary web script or HTML via the (1) startrow and (2) catid parameter. NOTE: this issue might be resultant from the SQL injection problem (CVE-2005-4263).
CVE-2005-4263 EXPLOITDB text WRITEUP
Envolution - SQL Injection
SQL injection vulnerability in the News module in Envolution allows remote attackers to execute arbitrary SQL commands via the (1) startrow and (2) catid parameter.
CVE-2005-3127 EXPLOITDB text WORKING POC
lucidCMS 1.0.11 - XSS
Cross-site scripting (XSS) vulnerability in index.php in lucidCMS 1.0.11 allows remote attackers to inject arbitrary web script or HTML via the query string.
CVE-2005-3083 EXPLOITDB text WORKING POC
CMS Made Simple 0.10 - XSS
Cross-site scripting (XSS) vulnerability in index.php in CMS Made Simple 0.10 allows remote attackers to inject arbitrary web script or HTML via the page parameter.