abducter

9 exploits Active since Sep 2005

CVE-2005-4656 EXPLOITDB perl WORKING POC

TClanPortal <= 1.1.3 - SQL Injection via id Parameter

SQL injection vulnerability in index.php in TClanPortal 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands, and retrieve all usernames and passwords, via the id parameter.

View Code

CVE-2007-2492 EXPLOITDB text WORKING POC

PostNuke v4bJournal - SQL Injection

SQL injection vulnerability in index.php in the v4bJournal module for PostNuke allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a journal_comment action.

View Code

EIP-2026-110515 EXPLOITDB text WRITEUP

PBLang 4.65 - Multiple Cross-Site Scripting Vulnerabilities

View Code

CVE-2005-3508 EXPLOITDB perl WORKING POC

Galerie - SQL Injection

SQL injection vulnerability in showGallery.php in Gallery (Galerie) 2.4 allows remote attackers to execute arbitrary SQL commands via the galid parameter.

View Code

CVE-2005-2989 EXPLOITDB text WRITEUP

DeluxeBB 1.0 and 1.0.5 - SQL Injection via tid uid or fid Parameter

Multiple SQL injection vulnerabilities in DeluxeBB 1.0 and 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) tid parameter to topic.php, the uid parameter to (2) misc.php or (3) pm.php, or the fid parameter to (3) forums.php or (4) newpost.php.

View Code

CVE-2005-2989 EXPLOITDB text WRITEUP

DeluxeBB 1.0 and 1.0.5 - SQL Injection via tid uid or fid Parameter

Multiple SQL injection vulnerabilities in DeluxeBB 1.0 and 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) tid parameter to topic.php, the uid parameter to (2) misc.php or (3) pm.php, or the fid parameter to (3) forums.php or (4) newpost.php.

View Code

CVE-2005-2989 EXPLOITDB text WRITEUP

DeluxeBB 1.0 and 1.0.5 - SQL Injection via tid uid or fid Parameter

Multiple SQL injection vulnerabilities in DeluxeBB 1.0 and 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) tid parameter to topic.php, the uid parameter to (2) misc.php or (3) pm.php, or the fid parameter to (3) forums.php or (4) newpost.php.

View Code

CVE-2005-2989 EXPLOITDB text WRITEUP

DeluxeBB 1.0 and 1.0.5 - SQL Injection via tid uid or fid Parameter

Multiple SQL injection vulnerabilities in DeluxeBB 1.0 and 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) tid parameter to topic.php, the uid parameter to (2) misc.php or (3) pm.php, or the fid parameter to (3) forums.php or (4) newpost.php.

View Code

CVE-2005-2989 EXPLOITDB text WRITEUP

DeluxeBB 1.0 and 1.0.5 - SQL Injection via tid uid or fid Parameter

Multiple SQL injection vulnerabilities in DeluxeBB 1.0 and 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) tid parameter to topic.php, the uid parameter to (2) misc.php or (3) pm.php, or the fid parameter to (3) forums.php or (4) newpost.php.

View Code