parad0x

6 exploits Active since Dec 2004
CVE-2006-5954 EXPLOITDB WORKING POC
NetVIOS < 2.0 - SQL Injection via NewsID Parameter
SQL injection vulnerability in page.asp in NetVIOS 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the NewsID parameter.
CVE-2008-1909 EXPLOITDB text WORKING POC
PHPKB Knowledge Base 1.5 and 2.0 - SQL Injection via ID Parameter
SQL injection vulnerability in comment.php in PHP Knowledge Base (PHPKB) 1.5 and 2.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2008-6489 EXPLOITDB text WORKING POC
com_myalbum 1.0 - SQL Injection via Album Parameter
SQL injection vulnerability in MyAlbum component (com_myalbum) 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the album parameter to index.php.
CVE-2008-1867 EXPLOITDB text WORKING POC
pixel_motion_blog - SQL Injection via categorie Parameter
SQL injection vulnerability in Blog Pixel Motion (aka Blog PixelMotion) allows remote attackers to execute arbitrary SQL commands via the categorie parameter to index.php, possibly related to include/requetesIndex.php.
CVE-2007-1566 EXPLOITDB text WORKING POC
NetVIOS Portal - SQL Injection via NewsID Parameter
SQL injection vulnerability in News/page.asp in NetVIOS Portal allows remote attackers to execute arbitrary SQL commands via the NewsID parameter. NOTE: this issue might be the same as CVE-2006-5954.
CVE-2004-1552 EXPLOITDB text WORKING POC
aspWebCalendar - SQL Injection via Username Field or EventID Parameter
SQL injection vulnerability in aspWebCalendar allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the eventid parameter to calendar.asp.