x128

8 exploits Active since Feb 2006
CVE-2006-0728 EXPLOITDB php WORKING POC
webspell < 4.01.00 - SQL Injection via search.php title_op Parameter
SQL injection vulnerability in search.php in webSPELL 4.01.00 and earlier allows remote attackers to inject arbitrary SQL commands via the title_op parameter.
CVE-2006-1140 EXPLOITDB php WORKING POC
RedBLoG 0.5 - SQL Injection via RSS cat_id Parameter
SQL injection vulnerability in rss.php in RedBLoG 0.5 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
CVE-2006-4906 EXPLOITDB php WORKING POC
More.groupware 0.74 - SQL Injection
SQL injection vulnerability in modules/calendar/week.php in More.groupware 0.74 allows remote attackers to execute arbitrary SQL commands via the new_calendarid parameter.
CVE-2006-1001 EXPLOITDB php WORKING POC
LanSuite LanParty Intranet System 2.0.6 and 2.1.0 beta - SQL Injection via Board Module fid Parameter
SQL injection vulnerability in the board module in LanSuite LanParty Intranet System 2.0.6 and 2.1.0 beta allows remote attackers to execute arbitrary SQL commands via the fid parameter.
CVE-2006-0851 EXPLOITDB php WORKING POC
ilchClan 1.05g - SQL Injection via Forum Module pid Parameter
SQL injection vulnerability in the forum module of ilchClan 1.05g and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter, when creating a newpost.
CVE-2006-1363 EXPLOITDB php WORKING POC
FreeWPS 2.11 - Remote Code Execution via images.php dirPath Parameter
images.php in Justin White (aka YTZ) Free Web Publishing System (FreeWPS) 2.11 allows remote attackers to execute arbitrary PHP code by uploading a .php file into the /upload directory as specified in the dirPath parameter, then performing a direct request to that file.
CVE-2006-3347 EXPLOITDB php WORKING POC
deV!Lz Clanportal DZCP 1.3.4 - SQL Injection
SQL injection vulnerability in index.php in deV!Lz Clanportal DZCP 1.3.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2006-0821 EXPLOITDB php WORKING POC
BXCP 0.299 - SQL Injection via tid Parameter
SQL injection vulnerability in index.php in BXCP 0.299 allows remote attackers to execute arbitrary SQL commands via the tid parameter.