snakespc - Security Researcher - Exploit Intelligence Platform

CVE-2009-1747 EXPLOITDB text WRITEUP

26thavenue bSpeak 1.10 - SQL Injection via ForumID Parameter

SQL injection vulnerability in index.php in 26th Avenue bSpeak 1.10 allows remote attackers to execute arbitrary SQL commands via the forumid parameter in a post action.

View Code

EIP-2026-105041 EXPLOITDB text WORKING POC

AJ Auction Pro OOPD 2.3 - 'id' SQL Injection

View Code

CVE-2009-1820 EXPLOITDB text WORKING POC

2daybiz Custom T-shirt Design Script - Cross-Site Scripting via product.php id Parameter

Cross-site scripting (XSS) vulnerability in product.php in 2daybiz Custom T-shirt Design Script allows remote attackers to inject arbitrary web script or HTML via the id parameter.

View Code

CVE-2009-3667 EXPLOITDB text WORKING POC

AdsDX 3.05 - SQL Injection via Username Parameter

SQL injection vulnerability in admin/index.php in AdsDX 3.05 allows remote attackers to execute arbitrary SQL commands via the Username.

View Code

CVE-2009-3310 EXPLOITDB text WORKING POC

Zainu 1.0 - SQL Injection via AlbumSongs Album ID Parameter

SQL injection vulnerability in index.php in Zainu 1.0 allows remote attackers to execute arbitrary SQL commands via the album_id parameter in an AlbumSongs action.

View Code