d3b4g

38 exploits Active since Oct 2008
CVE-2008-4774 EXPLOITDB text WORKING POC
Questwork Questcms - XSS
Cross-site scripting (XSS) vulnerability in main/main.php in QuestCMS allows remote attackers to inject arbitrary web script or HTML via the cx parameter.
CVE-2008-6246 EXPLOITDB text WRITEUP
Scripts-for-sites EZ Webring - SQL Injection
SQL injection vulnerability in category.php in Scripts For Sites (SFS) EZ Webring allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2009-4883 EXPLOITDB text WORKING POC
Todd Rogers Phprecipebook - SQL Injection
SQL injection vulnerability in index.php in PHPRecipeBook 2.24 and 2.39 allows remote attackers to execute arbitrary SQL commands via the (1) base_id or (2) course_id parameter in a search action.
CVE-2008-5970 EXPLOITDB text WRITEUP
i-Net Solution Orkut Clone - SQL Injection
SQL injection vulnerability in profile_social.php in i-Net Solution Orkut Clone allows remote authenticated users to execute arbitrary SQL commands via the id parameter.
CVE-2008-5971 EXPLOITDB text WORKING POC
i-Net Solution Orkut Clone - XSS
Cross-site scripting (XSS) vulnerability in profile_social.php in i-Net Solution Orkut Clone allows remote authenticated users to inject arbitrary web script or HTML via the id parameter.
CVE-2012-6589 EXPLOITDB text WORKING POC
Myrephp Myre Business Directory - XSS
Cross-site scripting (XSS) vulnerability in search.php in MYRE Business Directory allows remote attackers to inject arbitrary web script or HTML via the look parameter.
CVE-2012-6587 EXPLOITDB text WORKING POC
Myrephp Myre Vacation Rental - XSS
Cross-site scripting (XSS) vulnerability in vacation/1_mobile/alert_members.php in MYRE Vacation Rental Software allows remote attackers to inject arbitrary web script or HTML via the link_idd parameter in a login action.
CVE-2012-6585 EXPLOITDB text WORKING POC
Myrephp Myre Realty Manager - XSS
Cross-site scripting (XSS) vulnerability in search.php in MYRE Realty Manager allows remote attackers to inject arbitrary web script or HTML via the cat_id1 parameter.
EIP-2026-107250 EXPLOITDB text WORKING POC
Friends in War Make or Break 1.3 - Authentication Bypass
EIP-2026-107257 EXPLOITDB text WORKING POC
friendsinwar FAQ Manager - SQL Injection / Authentication Bypass
EIP-2026-106422 EXPLOITDB text WRITEUP
Deonixscripts Templates Management 1.3 - SQL Injection
EIP-2026-105664 EXPLOITDB text WRITEUP
BuyClassifiedScript - PHP Code Injection
CVE-2008-6487 EXPLOITDB text WORKING POC
Digiappz Digiaffiliate < 1.4 - SQL Injection
Multiple SQL injection vulnerabilities in login.asp in Digiappz DigiAffiliate 1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin and (2) password fields.