Zinho

10 exploits Active since Apr 2005
CVE-2005-1308 EXPLOITDB text WORKING POC
SqWebMail - XSS
SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML.
CVE-2005-1223 EXPLOITDB text WORKING POC
Ocean12 Calendar manager 1.01 - SQL Injection
Multiple SQL injection vulnerabilities in Ocean12 Calendar manager 1.01 allow remote attackers to execute arbitrary SQL commands via the Admin_id field.
CVE-2005-1095 EXPLOITDB text WORKING POC
Ocean12 Membership Manager Pro 1.x - XSS
Cross-site scripting (XSS) vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attackers to inject arbitrary web script or HTML via the page parameter.
CVE-2006-0240 EXPLOITDB text WRITEUP
8pixel.net Simple Blog < 2.1 - SQL Injection
Multiple SQL injection vulnerabilities in Simple Blog 2.1 allow remote attackers to execute arbitrary SQL commands via the month parameter in an archives view operation and possibly certain other parameters in unspecified scripts.
CVE-2005-1561 EXPLOITDB text WRITEUP
Maxwebportal - XSS
Multiple cross-site scripting (XSS) vulnerabilities in post.asp in MaxWebPortal 1.3.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) mod, (2) M, or (3) type parameter.
CVE-2005-1011 EXPLOITDB text WORKING POC
SiteEnable - SQL Injection
SQL injection vulnerability in content.asp in SiteEnable allows remote attackers to execute arbitrary SQL commands via the sortby parameter.
EIP-2026-100118 EXPLOITDB text WRITEUP
ASP Inline Corporate Calendar 3.6.3 - 'Details.asp' SQL Injection
CVE-2005-2386 EXPLOITDB text WRITEUP
Elemental Software Cartwiz - XSS
Cross-site scripting (XSS) vulnerability in viewCart.asp in CartWIZ 1.20 allows remote attackers to inject arbitrary web script or HTML via the message parameter.
CVE-2005-1008 EXPLOITDB text WORKING POC
ASP-DEv XM Forum RC3 - XSS
Cross-site scripting (XSS) vulnerability in posts.asp for ASP-DEv XM Forum RC3 allows remote attackers to inject arbitrary web script or HTML via a "javascript:" URL in an IMG tag.
EIP-2026-100117 EXPLOITDB text WRITEUP
ASP Inline Corporate Calendar 3.6.3 - 'Defer.asp' SQL Injection