cO2

9 exploits Active since Mar 2008
CVE-2008-1889 EXPLOITDB text WORKING POC
XplodPHP AutoTutorials <2.1 - SQL Injection
SQL injection vulnerability in viewcat.php in XplodPHP AutoTutorials 2.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
EIP-2026-112225 EXPLOITDB text WORKING POC
SmallBiz 4 Seasons CMS - SQL Injection
EIP-2026-110020 EXPLOITDB perl WORKING POC
ODFaq 2.1.0 - Blind SQL Injection
CVE-2008-6653 EXPLOITDB perl WORKING POC
com_webhosting < 1.1 - SQL Injection via catid Parameter
SQL injection vulnerability in webhosting.php in the Webhosting Component (com_webhosting) module before 1.1 RC7 for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
CVE-2008-1913 EXPLOITDB text WORKING POC
Lasernet CMS <1.5,1.11 - SQL Injection
SQL injection vulnerability in index.php in Lasernet CMS 1.5 and 1.11, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the new parameter in a new action.
CVE-2008-1559 EXPLOITDB text WORKING POC
Joomla! com_alphacontent 2.5.8 - SQL Injection
SQL injection vulnerability in the Bernard Gilly AlphaContent (com_alphacontent) 2.5.8 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php.
CVE-2008-2095 EXPLOITDB text WORKING POC
Joomla com_flippingbook 1.0.4 - SQL Injection via book_id Parameter
SQL injection vulnerability in index.php in the FlippingBook (com_flippingbook) 1.0.4 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter.
CVE-2008-1559 EXPLOITDB perl WORKING POC
Joomla! com_alphacontent 2.5.8 - SQL Injection
SQL injection vulnerability in the Bernard Gilly AlphaContent (com_alphacontent) 2.5.8 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php.
CVE-2008-6642 EXPLOITDB text WORKING POC
DotContent FluentCMS 4.x - SQL Injection via view.php sid Parameter
SQL injection vulnerability in view.php in DotContent FluentCMS 4.x allows remote attackers to execute arbitrary SQL commands via the sid parameter. NOTE: some of these details are obtained from third party information.