gsy

6 exploits Active since May 2007
CVE-2007-2752 EXPLOITDB text WORKING POC
RunawaySoft Haber <1.0 - SQL Injection
SQL injection vulnerability in devami.asp in RunawaySoft Haber portal 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-2717 EXPLOITDB text WORKING POC
iGeneric (iG) Shop 1.4 - SQL Injection
SQL injection vulnerability in shop/page.php in iGeneric (iG) Shop 1.4 allows remote attackers to execute arbitrary SQL commands via the type_id[] parameter, a different vector than CVE-2005-0537.
CVE-2007-3119 EXPLOITDB text WORKING POC
Kartli Alisveris Sistemi - SQL Injection
SQL injection vulnerability in news.asp in Kartli Alisveris Sistemi (aka Free-PayPal-Shopping-Cart) 1.0 allows remote attackers to execute arbitrary SQL commands via the news_id parameter.
CVE-2007-2753 EXPLOITDB text WORKING POC
RunawaySoft Haber portal 1.0 - Info Disclosure
RunawaySoft Haber portal 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for data/xice.mdb.
CVE-2007-2641 EXPLOITDB text WORKING POC
W1L3D4 Philboard 0.2 - SQL Injection
SQL injection vulnerability in W1L3D4_bolum.asp in W1L3D4 Philboard 0.2 allows remote attackers to execute arbitrary SQL commands via the forumid parameter, a different vector than CVE-2007-0920.
CVE-2007-2661 EXPLOITDB text WORKING POC
BlogMe 3.0 - SQL Injection
SQL injection vulnerability in archshow.asp in BlogMe 3.0 allows remote attackers to execute arbitrary SQL commands via the var parameter, a different vector than CVE-2006-5976.