d3b4g

38 exploits Active since Oct 2008
CVE-2008-4774 EXPLOITDB text WORKING POC
QuestCMS - Cross-Site Scripting via cx Parameter
Cross-site scripting (XSS) vulnerability in main/main.php in QuestCMS allows remote attackers to inject arbitrary web script or HTML via the cx parameter.
CVE-2008-6246 EXPLOITDB text WRITEUP
Scripts For Sites EZ Webring - SQL Injection via Category Parameter
SQL injection vulnerability in category.php in Scripts For Sites (SFS) EZ Webring allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2009-4883 EXPLOITDB text WORKING POC
PHPRecipeBook 2.24 and 2.39 - SQL Injection via base_id or course_id Parameter
SQL injection vulnerability in index.php in PHPRecipeBook 2.24 and 2.39 allows remote attackers to execute arbitrary SQL commands via the (1) base_id or (2) course_id parameter in a search action.
CVE-2008-5970 EXPLOITDB text WRITEUP
i-Net Solution Orkut Clone - SQL Injection
SQL injection vulnerability in profile_social.php in i-Net Solution Orkut Clone allows remote authenticated users to execute arbitrary SQL commands via the id parameter.
CVE-2008-5971 EXPLOITDB text WORKING POC
i-Net Solution Orkut Clone - Authenticated Cross-Site Scripting via Profile Social ID Parameter
Cross-site scripting (XSS) vulnerability in profile_social.php in i-Net Solution Orkut Clone allows remote authenticated users to inject arbitrary web script or HTML via the id parameter.
CVE-2012-6589 EXPLOITDB text WORKING POC
MYRE Business Directory - Cross-Site Scripting via Search Look Parameter
Cross-site scripting (XSS) vulnerability in search.php in MYRE Business Directory allows remote attackers to inject arbitrary web script or HTML via the look parameter.
CVE-2012-6587 EXPLOITDB text WORKING POC
MYRE Vacation Rental Software - Cross-Site Scripting via link_idd Parameter
Cross-site scripting (XSS) vulnerability in vacation/1_mobile/alert_members.php in MYRE Vacation Rental Software allows remote attackers to inject arbitrary web script or HTML via the link_idd parameter in a login action.
CVE-2012-6585 EXPLOITDB text WORKING POC
myre_realty_manager - Cross-Site Scripting via search.php cat_id1 Parameter
Cross-site scripting (XSS) vulnerability in search.php in MYRE Realty Manager allows remote attackers to inject arbitrary web script or HTML via the cat_id1 parameter.
EIP-2026-107250 EXPLOITDB text WORKING POC
Friends in War Make or Break 1.3 - Authentication Bypass
EIP-2026-107257 EXPLOITDB text WORKING POC
friendsinwar FAQ Manager - SQL Injection / Authentication Bypass
EIP-2026-106422 EXPLOITDB text WRITEUP
Deonixscripts Templates Management 1.3 - SQL Injection
EIP-2026-105664 EXPLOITDB text WRITEUP
BuyClassifiedScript - PHP Code Injection
CVE-2008-6487 EXPLOITDB text WORKING POC
DigiAffiliate < 1.4 - SQL Injection via Login Admin and Password Fields
Multiple SQL injection vulnerabilities in login.asp in Digiappz DigiAffiliate 1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin and (2) password fields.