Zinho

10 exploits Active since Apr 2005
CVE-2005-1308 EXPLOITDB text WORKING POC
SqWebMail - Cross-Site Scripting via Redirect Parameter CRLF Injection
SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML.
CVE-2005-1223 EXPLOITDB text WORKING POC
Ocean12 Calendar manager 1.01 - SQL Injection
Multiple SQL injection vulnerabilities in Ocean12 Calendar manager 1.01 allow remote attackers to execute arbitrary SQL commands via the Admin_id field.
CVE-2005-1095 EXPLOITDB text WORKING POC
Ocean12 Membership Manager Pro 1.x - XSS
Cross-site scripting (XSS) vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attackers to inject arbitrary web script or HTML via the page parameter.
CVE-2006-0240 EXPLOITDB text WRITEUP
Simple Blog < 2.1 - SQL Injection via Month Parameter
Multiple SQL injection vulnerabilities in Simple Blog 2.1 allow remote attackers to execute arbitrary SQL commands via the month parameter in an archives view operation and possibly certain other parameters in unspecified scripts.
CVE-2005-1561 EXPLOITDB text WRITEUP
MaxWebPortal 1.3.5 - Cross-Site Scripting via post.asp Parameters
Multiple cross-site scripting (XSS) vulnerabilities in post.asp in MaxWebPortal 1.3.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) mod, (2) M, or (3) type parameter.
CVE-2005-1011 EXPLOITDB text WORKING POC
SiteEnable - SQL Injection via content.asp sortby Parameter
SQL injection vulnerability in content.asp in SiteEnable allows remote attackers to execute arbitrary SQL commands via the sortby parameter.
EIP-2026-100118 EXPLOITDB text WRITEUP
ASP Inline Corporate Calendar 3.6.3 - 'Details.asp' SQL Injection
CVE-2005-2386 EXPLOITDB text WRITEUP
CartWIZ 1.20 - Cross-Site Scripting via viewCart.asp Message Parameter
Cross-site scripting (XSS) vulnerability in viewCart.asp in CartWIZ 1.20 allows remote attackers to inject arbitrary web script or HTML via the message parameter.
CVE-2005-1008 EXPLOITDB text WORKING POC
ASP-DEv XM Forum RC3 - Stored Cross-Site Scripting via IMG Tag
Cross-site scripting (XSS) vulnerability in posts.asp for ASP-DEv XM Forum RC3 allows remote attackers to inject arbitrary web script or HTML via a "javascript:" URL in an IMG tag.
EIP-2026-100117 EXPLOITDB text WRITEUP
ASP Inline Corporate Calendar 3.6.3 - 'Defer.asp' SQL Injection