Lucene search
K

82 matches found

NVD
NVD
added 2006/08/10 12:4 a.m.14 views

CVE-2006-4051

PHP remote file inclusion vulnerability in global.php in Turnkey Web Tools PHP Live Helper 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter...

7.5CVSS7.5AI score0.0812EPSS
Exploits1References7
exploitpack
exploitpack
added 2006/08/08 12:0 a.m.18 views

Cwfm 0.9.1 - Language Remote File Inclusion

Cwfm 0.9.1 - Language Remote File Inclusion +-------------------------------------------------------------------- + + Cwfm-0.9.1 Language Remote File Inclusion + + Original advisory: + + http://www.bb-pcsecurity.de/Websecurity/301/org/Cwfm-0.9.1LanguageRemoteFileInclusion.htm +...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2006/08/08 12:0 a.m.33 views

Cwfm 0.9.1 - 'Language' Remote File Inclusion

+-------------------------------------------------------------------- + + Cwfm-0.9.1 Language Remote File Inclusion + + Original advisory: + + http://www.bb-pcsecurity.de/Websecurity/301/org/Cwfm-0.9.1LanguageRemoteFileInclusion.htm +...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/08/07 12:0 a.m.32 views

[ECHO_ADV_42$2006] PHP Live Helper <= 2.0 (abs_path) Remote File Inclusion

/ / | | / // / | | Y / | / / /| / / / / / / .OR.ID ECHOADV42$2006 --------------------------------------------------------------------------------------------------- ECHOADV42$2006 PHP Live Helper = 2.0 abspath Remote File Inclusion...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2006/08/07 12:0 a.m.30 views

PHP Live Helper 2.0 - 'abs_path' Remote File Inclusion

\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV43$2006 ------------------------------------------------------------------------------ ECHOADV43$2006 PHP Live Helper = 2.0 abspath Remote File Inclusion...

7.4AI score
Exploits0
NVD
NVD
added 2006/04/19 4:6 p.m.18 views

CVE-2006-1842

Cross-site scripting XSS vulnerability in global.php in ShoutBOOK 1.1 allows remote attackers to inject arbitrary web script or HTML via the 1 NAME and 2 COMMENTS parameters...

2.6CVSS5.7AI score0.01293EPSS
Exploits0References6
Prion
Prion
added 2006/04/19 4:6 p.m.19 views

Cross site scripting

Cross-site scripting XSS vulnerability in global.php in ShoutBOOK 1.1 allows remote attackers to inject arbitrary web script or HTML via the 1 LOCATION and 2 URL parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

2.6CVSS6AI score0.01161EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2006/04/19 4:6 p.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in global.php in ShoutBOOK 1.1 allows remote attackers to inject arbitrary web script or HTML via the 1 NAME and 2 COMMENTS parameters...

2.6CVSS6.2AI score0.01293EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2006/04/19 4:6 p.m.13 views

CVE-2006-1843

Cross-site scripting XSS vulnerability in global.php in ShoutBOOK 1.1 allows remote attackers to inject arbitrary web script or HTML via the 1 LOCATION and 2 URL parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

2.6CVSS5.6AI score0.01161EPSS
Exploits0References3
CVE
CVE
added 2006/04/19 4:0 p.m.48 views

CVE-2006-1843

CVE-2006-1843: An XSS vulnerability in global.php of ShoutBOOK 1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) LOCATION and (2) URL parameters. Affected software is ShoutBOOK 1.1; the issue arises from improper handling of user-supplied parameters, leading to reflec...

2.6CVSS5.6AI score0.01161EPSS
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2006/04/16 12:0 a.m.43 views

[KAPDA]MyBB1.1.0~global.php~ParameterExtracting

ORIGINAL ADVISORY: http://myimei.com/security/2006-04-14/mybb110globalphpparameterextracting.html ——————-Summary—————- Software: MyBB Sowtware’s Web Site: http://www.mybboard.com Versions: 1.1.0 Class: Remote Status: Unpatched Exploit: Available Solution: Available Discovered by: imei...

1.9AI score
Exploits0
Prion
Prion
added 2006/02/02 11:2 a.m.15 views

Sql injection

SQL injection vulnerability in global.php in MyBB before 1.03 allows remote attackers to execute arbitrary SQL commands via the templatelist variable...

7.5CVSS9.1AI score0.01214EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2006/02/02 11:2 a.m.15 views

CVE-2006-0523

SQL injection vulnerability in global.php in MyBB before 1.03 allows remote attackers to execute arbitrary SQL commands via the templatelist variable...

7.5CVSS8.4AI score0.01214EPSS
Exploits0References5
CVE
CVE
added 2006/02/02 11:0 a.m.42 views

CVE-2006-0523

The vulnerability CVE-2006-0523 is an SQL injection flaw in MyBB’s global.php (templatelist variable) affecting versions prior to 1.03. The issue allows remote attackers to modify SQL queries, potentially compromising data. The core detail is that templatelist input is used in SQL statements with...

7.5CVSS8.4AI score0.01214EPSS
Exploits0References5Affected Software1
Packet Storm
Packet Storm
added 2005/12/14 12:0 a.m.25 views

arabPortalSQL.txt

Hi .. This is small bug for Arab Portal System v2 Beta 2 File name :- global.php Remote:- Yes Credit :- Devil-00 Messenger :- E-Mail :- //-- Devil SQL Injection / This SQL can do when :- magicquotesgpc = Off $sessionid query"DELETE FROM rafiaonline WHERE onlineSID ='$sessionid' or timestamp...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/12/13 12:0 a.m.25 views

Arab Portal v2 Beta2 SQL Injections

Hi .. This is small bug for Arab Portal System v2 Beta 2 File name :- global.php Remote:- Yes Credit :- Devil-00 Messenger :- [email protected] E-Mail :- [email protected] //-- Devil SQL Injection / This SQL can do when :- magicquotesgpc = Off $sessionid Bad Var Attacking :-...

7.8AI score
Exploits0
CVE
CVE
added 2005/06/28 4:0 a.m.52 views

CVE-2002-1922

CVE-2002-1922 describes a Cross-site Scripting (XSS) vulnerability in Jelsoft vBulletin, affecting versions 2.0.0 through 2.2.8. The issue allows remote attackers to inject arbitrary web script or HTML via the (1) $scriptpath or (2) $url variables in global.php. The connected documents confirm th...

4.3CVSS6AI score0.03581EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2005/06/28 4:0 a.m.18 views

CVE-2002-1922

Cross-site scripting XSS vulnerability in global.php in Jelsoft vBulletin 2.0.0 through 2.2.8 allows remote attackers to inject arbitrary web script or HTML via the 1 $scriptpath or 2 $url variables...

5.7AI score0.03581EPSS
Exploits1References3
securityvulns
securityvulns
added 2005/06/22 12:0 a.m.190 views

MercuryBoard 1.1.4 SQL Injection

RST/GHC Advisory 28 Product : MercuryBoard Version : 1.1.4 FILE : index.php VULN : SQL injection CODE : global.php ---------- 71 : $this-agent = isset$SERVER'HTTPUSERAGENT' ? $SERVER'HTTPUSERAGENT' : null; index.php --------- 154 : $mercury-db-query"REPLACE INTO $mercury-preactive activeid,...

0.3AI score
Exploits0
NVD
NVD
added 2005/06/09 4:0 a.m.12 views

CVE-2005-1883

global.php in YaPiG 0.92b allows remote attackers to include arbitrary local files via the BASEDIR parameter...

5CVSS6.6AI score0.01548EPSS
Exploits1References4
Rows per page
Query Builder