h0yt3r

15 exploits Active since Apr 2008
CVE-2008-1640 EXPLOITDB text WORKING POC
JGS-XA JGS-Treffen <2.0.2 - SQL Injection
SQL injection vulnerability in jgs_treffen.php in the JGS-XA JGS-Treffen 2.0.2 and earlier addon for Woltlab Burning Board (wBB) allows remote attackers to execute arbitrary SQL commands via the view_id parameter in an ansicht action.
EIP-2026-113362 EXPLOITDB text WRITEUP
webSPELL 4 - Authentication Bypass
CVE-2008-5269 EXPLOITDB text WORKING POC
pSys 0.7.0 alpha - SQL Injection
SQL injection vulnerability in index.php in pSys 0.7.0 alpha allows remote attackers to execute arbitrary SQL commands via the shownews parameter.
CVE-2008-2904 EXPLOITDB text WORKING POC
Phpmycart - SQL Injection
SQL injection vulnerability in shop.php in Conkurent PHPMyCart allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-2816 EXPLOITDB text WRITEUP
O2php Oxygen - SQL Injection
SQL injection vulnerability in post.php in Oxygen (aka O2PHP Bulletin Board) 2.0 allows remote attackers to execute arbitrary SQL commands via the repquote parameter in a reply action, a different vector than CVE-2006-1572.
CVE-2008-2815 EXPLOITDB perl WORKING POC
Mymarket - SQL Injection
SQL injection vulnerability in shopping/index.php in MyMarket 1.72 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2755 EXPLOITDB perl WORKING POC
Jamm-media Jamm Cms - SQL Injection
SQL injection vulnerability in index.php in JAMM CMS allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2919 EXPLOITDB perl WORKING POC
Gryphonllc Gryphon Gllcts2 - SQL Injection
SQL injection vulnerability in listing.php in Gryphon gllcTS2 4.2.4 allows remote attackers to execute arbitrary SQL commands via the sort parameter.
CVE-2008-2790 EXPLOITDB text WORKING POC
Mountaingrafix Easytrade - SQL Injection
SQL injection vulnerability in detail.php in MountainGrafix easyTrade 2.x allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4889 EXPLOITDB perl WORKING POC
Dev!l's Clanportal < 1.4.9.6 - SQL Injection
SQL injection vulnerability in index.php in deV!L'z Clanportal (DZCP) 1.4.9.6 and earlier allows remote attackers to execute arbitrary SQL commands via the users parameter in an addbuddy operation in a buddys action.
CVE-2008-2909 EXPLOITDB perl WORKING POC
Clever Copy - SQL Injection
SQL injection vulnerability in results.php in Clever Copy 3.0 allows remote attackers to execute arbitrary SQL commands via the searchtype parameter.
CVE-2008-2866 EXPLOITDB python WORKING POC
Caupo.net Cauposhop Classic - SQL Injection
SQL injection vulnerability in csc_article_details.php in Caupo.net CaupoShop Classic 1.3 allows remote attackers to execute arbitrary SQL commands via the saArticle[ID] parameter.
CVE-2008-3129 EXPLOITDB text WORKING POC
Catviz 0.4 beta 1 - SQL Injection
Multiple SQL injection vulnerabilities in index.php in Catviz 0.4 beta 1 allow remote attackers to execute arbitrary SQL commands via the (1) foreign_key_value parameter in the news page and (2) webpage parameter in the webpage_multi_edit form.
CVE-2008-2918 EXPLOITDB perl WORKING POC
Application Dynamics Cartweaver - SQL Injection
SQL injection vulnerability in details.php in Application Dynamics Cartweaver 3.0 allows remote attackers to execute arbitrary SQL commands via the prodId parameter, possibly a related issue to CVE-2006-2046.3.
CVE-2008-5198 EXPLOITDB text WORKING POC
Acmlmboard 1.A2 - SQL Injection
SQL injection vulnerability in memberlist.php in Acmlmboard 1.A2 allows remote attackers to execute arbitrary SQL commands via the pow parameter.