v3n0m

58 exploits Active since Jul 2007
CVE-2009-4099 EXPLOITDB text WORKING POC
Google Calendar GCalendar <2.1.4 - SQL Injection
SQL injection vulnerability in the Google Calendar GCalendar (com_gcalendar) component 1.1.2, 2.1.4, and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the gcid parameter. NOTE: some of these details are obtained from third party information.
EIP-2026-108435 EXPLOITDB text WORKING POC
Joomla! Component com_maianmedia - SQL Injection
CVE-2009-3972 EXPLOITDB text WORKING POC
Joomla! com_siirler 1.2 RC - SQL Injection
SQL injection vulnerability in the Q-Proje Siirler Bileseni (com_siirler) component 1.2 RC for Joomla! allows remote attackers to execute arbitrary SQL commands via the sid parameter in an sdetay action to index.php.
EIP-2026-108606 EXPLOITDB text WORKING POC
Joomla! Component com_ybggal 1.0 - 'catid' SQL Injection
CVE-2010-2690 EXPLOITDB text WORKING POC
JOOFORGE Gamesbox <1.0.2 - SQL Injection
SQL injection vulnerability in the JOOFORGE Gamesbox (com_gamesbox) component 1.0.2, and possibly earlier, for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a consoles action to index.php.
CVE-2010-1721 EXPLOITDB text WORKING POC
com_iproperty 1.5.3 - SQL Injection via id Parameter
SQL injection vulnerability in the Intellectual Property (aka IProperty or com_iproperty) component 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an agentproperties action to index.php.
CVE-2010-5028 EXPLOITDB text WORKING POC
Joomla! com_jejob 1.0 - SQL Injection
SQL injection vulnerability in the JExtensions JE Job (com_jejob) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php.
EIP-2026-108709 EXPLOITDB text WORKING POC
Joomla! Component JE Poll - 'pollid' SQL Injection
EIP-2026-108019 EXPLOITDB perl WORKING POC
iTechscripts Freelancer Script 5.11 - 'sk' SQL Injection
EIP-2026-107757 EXPLOITDB text WRITEUP
iDevSpot iDevCart 1.10 - Multiple Local File Inclusions
EIP-2026-107251 EXPLOITDB text WRITEUP
Friends in War Make or Break 1.7 - 'imgid' SQL Injection
EIP-2026-107536 EXPLOITDB text WRITEUP
Guru Penny Auction Pro 3.0 - Blind SQL Injection
EIP-2026-107535 EXPLOITDB text WORKING POC
Guru JustAnswer Professional 1.25 - Multiple SQL Injections
EIP-2026-107534 EXPLOITDB text WORKING POC
Guru Auction 2.0 - Multiple SQL Injections
CVE-2010-1726 EXPLOITDB text WORKING POC
EC21 Clone 3.0 - SQL Injection via offers_buy.php id Parameter
SQL injection vulnerability in offers_buy.php in EC21 Clone 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
EIP-2026-106897 EXPLOITDB text WORKING POC
EPay Enterprise 4.13 - 'cid' SQL Injection
CVE-2010-2051 EXPLOITDB text WORKING POC
Debliteck DBCart - SQL Injection via article.php id Parameter
SQL injection vulnerability in article.php in Debliteck DBCart allows remote attackers to execute arbitrary SQL commands via the id parameter.
EIP-2026-106172 EXPLOITDB text WRITEUP
Cory Support - 'pr' SQL Injection
CVE-2010-4814 EXPLOITDB text WORKING POC
Best Soft Inc. Advance Hotel Booking System 1.0 - SQL Injection
SQL injection vulnerability in index1.php in Best Soft Inc. (BSI) Advance Hotel Booking System 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2010-1876 EXPLOITDB text WORKING POC
AJ Shopping Cart 1.0 - SQL Injection via maincatid Parameter
SQL injection vulnerability in index.php in AJ Shopping Cart 1.0 allows remote attackers to execute arbitrary SQL commands via the maincatid parameter in a showmaincatlanding action.
CVE-2010-1744 EXPLOITDB text WORKING POC
B2B Gold Script - SQL Injection via id Parameter
SQL injection vulnerability in product.html in B2B Gold Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
EIP-2026-105354 EXPLOITDB text WORKING POC
B2B Classic Trading Script - 'offers.php' SQL Injection
CVE-2007-4085 EXPLOITDB text WORKING POC
AlstraSoft AskMe Pro - SQL Injection
Multiple SQL injection vulnerabilities in AlstraSoft AskMe Pro allow remote attackers to execute arbitrary SQL commands via the (1) que_id parameter to forum_answer.php or (2) the cat_id parameter to search.php.
CVE-2010-1725 EXPLOITDB text WORKING POC
Alibaba Clone Platinum - SQL Injection via offers_buy.php id Parameter
SQL injection vulnerability in offers_buy.php in Alibaba Clone Platinum allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-2779 EXPLOITDB text WORKING POC
ajsquare aj_matrix_dna - SQL Injection via id Parameter in productdetail Action
SQL injection vulnerability in index.php in AJ Matrix DNA allows remote attackers to execute arbitrary SQL commands via the id parameter in a productdetail action.