s0cratex

9 exploits Active since Feb 2007
CVE-2007-6128 EXPLOITDB text WORKING POC
WorkingOnWeb 2.0.1400 - SQL Injection
SQL injection vulnerability in events.php in WorkingOnWeb 2.0.1400 allows remote attackers to execute arbitrary SQL commands via the idevent parameter.
CVE-2007-1293 EXPLOITDB php WORKING POC
Rigter Portal System 6.2 - SQL Injection
SQL injection vulnerability in Rigter Portal System (RPS) 6.2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the categoria parameter to the top-level URI (index.php), possibly related to ver_descarga.php.
CVE-2007-1166 EXPLOITDB php WORKING POC
Nabopoll 1.2 - SQL Injection
SQL injection vulnerability in result.php in Nabopoll 1.2 allows remote attackers to execute arbitrary SQL commands via the surv parameter.
CVE-2007-4918 EXPLOITDB php WORKING POC
Gelatocms - SQL Injection
SQL injection vulnerability in classes/gelato.class.php in Gelato allows remote attackers to execute arbitrary SQL commands via the post parameter to index.php.
CVE-2007-4611 EXPLOITDB text WORKING POC
Moonware - SQL Injection
SQL injection vulnerability in viewevent.php in Moonware (aka Dale Mooney Gallery) allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-3088 EXPLOITDB text WORKING POC
Gaya Design Comicsense - SQL Injection
SQL injection vulnerability in index.php in Comicsense allows remote attackers to execute arbitrary SQL commands via the epi parameter.
CVE-2007-5408 EXPLOITDB perl WORKING POC
Cplinks Cpdynalinks - SQL Injection
SQL injection vulnerability in category.php in cpDynaLinks 1.02 allows remote attackers to execute arbitrary SQL commands via the category parameter.
CVE-2007-1107 EXPLOITDB php WORKING POC
Coppermine Photo Gallery <1.4 - SQL Injection
SQL injection vulnerability in thumbnails.php in Coppermine Photo Gallery (CPG) 1.3.x allows remote authenticated users to execute arbitrary SQL commands via a cpg131_fav cookie. NOTE: it was later reported that 1.4.10, 1.4.14, and other 1.4.x versions are also affected using similar cookies.
CVE-2007-3088 EXPLOITDB perl WORKING POC
Gaya Design Comicsense - SQL Injection
SQL injection vulnerability in index.php in Comicsense allows remote attackers to execute arbitrary SQL commands via the epi parameter.