Exploitdb Exploits

CVE-2012-5313 EXPLOITDB text VERIFIED

Snitz Forums 2000 - SQL Injection

SQL injection vulnerability in forum.asp in Snitz Forums 2000 allows remote attackers to execute arbitrary SQL commands via the TOPIC_ID parameter.

by snup

View

CVE-2012-0913 EXPLOITDB text VERIFIED

ICloudCenter ICTimeAttendance 1.0 - SQL Injection

SQL injection vulnerability in checklogin.aspx in ICloudCenter ICTimeAttendance 1.0 allows remote attackers to execute arbitrary SQL commands via the passw parameter. NOTE: Some of these details are obtained from third party information.

by v3n0m

View

EIP-2026-100297 EXPLOITDB text VERIFIED

EasyPage - SQL Injection

by Red Security TEAM

View

EIP-2026-114132 EXPLOITDB text VERIFIED

WordPress Plugin ucan post 1.0.09 - Persistent Cross-Site Scripting

by Gianluca Brindisi

View

EIP-2026-112967 EXPLOITDB text VERIFIED

Vastal EzineShop - 'view_mags.php' SQL Injection

by Lazmania61

View

EIP-2026-111442 EXPLOITDB text VERIFIED

PostNuke pnAddressbook Module - 'id' SQL Injection

by Robert Cooper

View

EIP-2026-106590 EXPLOITDB text VERIFIED

Drupal Module CKEditor 3.0 < 3.6.2 - Persistent EventHandler Cross-Site Scripting

by MaXe

View

EIP-2026-112744 EXPLOITDB text VERIFIED

Toner Cart - 'show_series_ink.php' SQL Injection

by Lazmania61

View

CVE-2012-6525 EXPLOITDB text VERIFIED

Phpbridges - SQL Injection

SQL injection vulnerability in members.php in PHPBridges allows remote attackers to execute arbitrary SQL commands via the id parameter.

by 3spi0n

View

CVE-2012-6524 EXPLOITDB text VERIFIED

Powie Pgb - SQL Injection

SQL injection vulnerability in kommentar.php in pGB 2.12 allows remote attackers to execute arbitrary SQL commands via the id parameter.

by 3spi0n

View

CVE-2012-0989 EXPLOITDB text VERIFIED

OneOrZero AIMS 2.8.0 - XSS

Cross-site scripting (XSS) vulnerability in OneOrZero AIMS 2.8.0 Trial Edition build231211 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.

by High-Tech Bridge SA

View

EIP-2026-109519 EXPLOITDB text VERIFIED

MMORPG Zone - 'view_news.php' SQL Injection

by Lazmania61

View

CVE-2012-6526 EXPLOITDB text VERIFIED

Vastal Freelance Zone - SQL Injection

SQL injection vulnerability in show_code.php in Vastal I-Tech Freelance Zone allows remote attackers to execute arbitrary SQL commands via the code_id parameter.

by Lazmania61

View

CVE-2012-0905 EXPLOITDB text VERIFIED

deV!L'z Clanportal - SQL Injection

SQL injection vulnerability in deV!L'z Clanportal (DZCP) Gamebase addon allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a detail action to index.php.

by Easy Laster

View

CVE-2012-0906 EXPLOITDB text VERIFIED

Moviebase addon <1.5.5 - SQL Injection

SQL injection vulnerability in the Moviebase addon for deV!L'z Clanportal (DZCP) 1.5.5 allows remote attackers to execute arbitrary SQL commands via the id parameter in a showkat action to index.php.

by Easy Laster

View

EIP-2026-108331 EXPLOITDB text VERIFIED

Joomla! Component com_discussions - SQL Injection

by Red Security TEAM

View

CVE-2012-0221 EXPLOITDB text VERIFIED

Rockwellautomation Factorytalk - Improper Input Validation

The FactoryTalk (FT) RNADiagReceiver service in Rockwell Automation Allen-Bradley FactoryTalk CPR9 through SR5 and RSLogix 5000 17 through 20 does not properly handle the return value from an unspecified function, which allows remote attackers to cause a denial of service (service outage) via a crafted packet.

by Luigi Auriemma

View

EIP-2026-111232 EXPLOITDB text VERIFIED

phpVideoPro 0.8.x/0.9.7 - Multiple Cross-Site Scripting Vulnerabilities

by Stefan Schurtz

View

EIP-2026-111036 EXPLOITDB text

PHPDomainRegister 0.4a-RC2-dev - Multiple Vulnerabilities

by Or4nG.M4N

View

EIP-2026-110730 EXPLOITDB text VERIFIED

PHP Membership Site Manager Script 2.1 - 'index.php' Cross-Site Scripting

by Atmon3r

View

EIP-2026-107417 EXPLOITDB text VERIFIED

Giveaway Manager - 'members.php' Cross-Site Scripting

by Am!r

View

EIP-2026-105580 EXPLOITDB text VERIFIED

BoltWire 3.4.16 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities

by Stefan Schurtz

View

CVE-2012-0900 EXPLOITDB text VERIFIED

Beehive Forum 1.0.1 - XSS

Multiple cross-site scripting (XSS) vulnerabilities in Beehive Forum 1.0.1 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) forum/register.php or (2) forum/logon.php.

by Stefan Schurtz

View

CVE-2012-6528 EXPLOITDB text VERIFIED

Atutor < 2.0 - XSS

Multiple cross-site scripting (XSS) vulnerabilities in ATutor before 2.1 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) themes/default/tile_search/index.tmpl.php, (2) login.php, (3) search.php, (4) password_reminder.php, (5) login.php/jscripts/infusion, (6) login.php/mods/_standard/flowplayer, (7) browse.php/jscripts/infusion/framework/fss, (8) registration.php/themes/default/ie_styles.css, (9) about.php, or (10) themes/default/social/basic_profile.tmpl.php.

by Stefan Schurtz

View

CVE-2012-0899 EXPLOITDB text VERIFIED

Annuaire PHP - XSS

Cross-site scripting (XSS) vulnerability in referencement/sites_inscription.php in Annuaire PHP allows remote attackers to inject arbitrary web script or HTML via the url parameter and possibly the nom parameter.

by Atmon3r

View