krasza

6 exploits Active since Sep 2005
CVE-2005-4516 EXPLOITDB text WORKING POC
PHP-Fusion 6.00.200-6.00.300 - Cross-Site Scripting via Sortby Parameter and IMG Tags
Multiple cross-site scripting (XSS) vulnerabilities in PHP-Fusion 6.00.200 through 6.00.300 allow remote attackers to inject arbitrary web script or HTML via (1) the sortby parameter in members.php and (2) IMG tags.
CVE-2005-4517 EXPLOITDB perl WORKING POC
PHP-Fusion <6.00.300 - SQL Injection
SQL injection vulnerability in PHP-Fusion 6.00.200 through 6.00.300 allows remote attackers to execute arbitrary SQL commands via the ratings parameter in multiple scripts, such as ratings_include.php.
CVE-2007-1061 EXPLOITDB perl WORKING POC
PHP-Nuke < 8.0_final - SQL Injection via HTTP Referer Header
SQL injection vulnerability in index.php in Francisco Burzi PHP-Nuke 8.0 Final and earlier, when the "HTTP Referers" block is enabled, allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header (HTTP_REFERER variable).
CVE-2007-1061 EXPLOITDB perl WORKING POC
PHP-Nuke < 8.0_final - SQL Injection via HTTP Referer Header
SQL injection vulnerability in index.php in Francisco Burzi PHP-Nuke 8.0 Final and earlier, when the "HTTP Referers" block is enabled, allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header (HTTP_REFERER variable).
CVE-2007-1061 EXPLOITDB perl WORKING POC
PHP-Nuke < 8.0_final - SQL Injection via HTTP Referer Header
SQL injection vulnerability in index.php in Francisco Burzi PHP-Nuke 8.0 Final and earlier, when the "HTTP Referers" block is enabled, allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header (HTTP_REFERER variable).
CVE-2005-3052 EXPLOITDB text WORKING POC
jportal 2.3.1 - SQL Injection via Download Search Field
SQL injection vulnerability in module/down.inc.php in jportal 2.3.1 allows remote attackers to execute arbitrary SQL commands via the search field to download.php.