Lucene search
K

128 matches found

Prion
Prion
added 2009/03/06 6:50 a.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in default.php in Kipper 2.01 allows remote attackers to inject arbitrary web script or HTML via the charm parameter...

4.3CVSS6.1AI score0.01484EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2009/03/06 6:50 a.m.16 views

Directory traversal

Directory traversal vulnerability in default.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the configfile parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

7.5CVSS7.5AI score0.02359EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2009/03/06 6:50 a.m.16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Kipper 2.01 allow remote attackers to inject arbitrary web script or HTML via the charm parameter to 1 index.php and 2 kipper.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

4.3CVSS6AI score0.01204EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2009/03/03 6:0 p.m.47 views

CVE-2009-0763

CVE-2009-0763 is an XSS vulnerability in the Kipper 2.01 release (default.php) that permits remote injection of arbitrary script/HTML via the charm parameter. Affected software: Kipper 2.01 . Root cause: unsanitized input in default.php leading to HTML/script injection. Impact: potential user bro...

4.3CVSS5.9AI score0.01484EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2009/03/03 6:0 p.m.51 views

CVE-2009-0765

CVE-2009-0765 affects Kipper 2.01, where index.php is vulnerable to directory traversal: remote attackers can include and execute arbitrary local files via .. in the configfile parameter. The issue enables partial confidentiality, integrity, and availability impact (CVSSv2 base score 7.5; AV:N/AC...

7.5CVSS7.3AI score0.02347EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2009/03/03 6:0 p.m.18 views

CVE-2009-0764

Multiple cross-site scripting XSS vulnerabilities in Kipper 2.01 allow remote attackers to inject arbitrary web script or HTML via the charm parameter to 1 index.php and 2 kipper.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

5.7AI score0.01204EPSS
Exploits0References1
Cvelist
Cvelist
added 2009/03/03 6:0 p.m.26 views

CVE-2009-0765

Directory traversal vulnerability in index.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the configfile parameter...

7.1AI score0.02347EPSS
Exploits1References4
CVE
CVE
added 2009/03/03 6:0 p.m.48 views

CVE-2009-0766

CVE-2009-0766 affects Kipper 2.01 where a directory-traversal flaw in default.php allows remote attackers to include and execute arbitrary local files via the configfile parameter. Root cause: improper handling of directory paths enabling local file inclusion. Impact: partial confidentiality/inte...

7.5CVSS7.2AI score0.02359EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2009/03/03 6:0 p.m.25 views

CVE-2009-0763

Cross-site scripting XSS vulnerability in default.php in Kipper 2.01 allows remote attackers to inject arbitrary web script or HTML via the charm parameter...

5.7AI score0.01484EPSS
Exploits1References3
Cvelist
Cvelist
added 2009/03/03 6:0 p.m.22 views

CVE-2009-0766

Directory traversal vulnerability in default.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the configfile parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

7AI score0.02359EPSS
Exploits0References1
Cvelist
Cvelist
added 2009/03/03 6:0 p.m.18 views

CVE-2009-0767

Kipper 2.01 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing credentials via a direct request for job/config.data...

6.4AI score0.02329EPSS
Exploits0References2
CVE
CVE
added 2009/03/03 6:0 p.m.51 views

CVE-2009-0767

CVE-2009-0767 affects Kipper 2.01, where sensitive information is stored under the web root with insufficient access control. This allows remote attackers to download a file containing credentials via a direct request for job/config.data. Impact is exposure of credentials (partial confidentiality...

5CVSS6.5AI score0.02329EPSS
Exploits0References2Affected Software1
seebug.org
seebug.org
added 2009/02/06 12:0 a.m.18 views

Kipper 2.01 (XSS/LFI/DD) Multiple Vulnerabilities

No description provided by source. Kipper 2.01 Multiple Vulnes Remote Data Reading , Local File Include , Remote XSS Download From : http://www.bookelves.com/kipper/files/kipper20.zip - Found By : RoMaNcYxHaCkEr - My Site : WwW.Sec-Code.CoM - My Group : Security - Codes Group Exploit 1: - Remote...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2009/02/05 12:0 a.m.14 views

Kipper 2.01 - Cross-Site Scripting Local File Inclusion File Disclosure

Kipper 2.01 - Cross-Site Scripting Local File Inclusion File Disclosure Kipper 2.01 Multiple Vulnes Remote Data Reading , Local File Include , Remote XSS Download From : http://www.bookelves.com/kipper/files/kipper20.zip - Found By : RoMaNcYxHaCkEr - My Site : WwW.Sec-Code.CoM - My Group : Securi...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2009/02/05 12:0 a.m.18 views

Kipper 2.01 XSS / LFI / Disclosure

Kipper 2.01 Multiple Vulnes Remote Data Reading , Local File Include , Remote XSS Download From : http://www.bookelves.com/kipper/files/kipper20.zip - Found By : RoMaNcYxHaCkEr - My Site : WwW.Sec-Code.CoM - My Group : Security - Codes Group Exploit 1: - Remote Data Reading :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2009/02/05 12:0 a.m.39 views

Kipper 2.01 - Cross-Site Scripting / Local File Inclusion / File Disclosure

Kipper 2.01 Multiple Vulnes Remote Data Reading , Local File Include , Remote XSS Download From : http://www.bookelves.com/kipper/files/kipper20.zip - Found By : RoMaNcYxHaCkEr - My Site : WwW.Sec-Code.CoM - My Group : Security - Codes Group Exploit 1: - Remote Data Reading :...

7.4AI score
Exploits0
0day.today
0day.today
added 2009/02/05 12:0 a.m.20 views

Kipper 2.01 (XSS/LFI/DD) Multiple Vulnerabilities

Exploit for unknown platform in category web applications ================================================= Kipper 2.01 XSS/LFI/DD Multiple Vulnerabilities ================================================= Kipper 2.01 Multiple Vulnes Remote Data Reading , Local File Include , Remote XSS Download...

7.1AI score
Exploits0
0day.today
0day.today
added 2008/11/28 12:0 a.m.26 views

Booking Centre 2.01 (Auth Bypass) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ============================================================= Booking Centre 2.01 Auth Bypass SQL Injection Vulnerability ============================================================= Booking Centre 2.01 Auth Bypass SQL Injection...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/11/28 12:0 a.m.53 views

Booking Centre 2.01 - Authentication Bypass

Booking Centre 2.01 Auth Bypass SQL Injection Vulnerability -------------------------------------------------------------- Author: MrDoug E-mail: mrdoug13atgmaildotcom -------------------------------------------------------------- Exploit: http://demo.hotelsadmin.com/admin/index.php Username ==...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/11/27 12:0 a.m.35 views

Booking Centre 2.01 - HotelID SQL Injection

Booking Centre 2.01 - HotelID SQL Injection ----------------------------بسم الله الرحمن الرحيم------------------------------ Tybe: hotelhabitaciones.php HotelID Remote SQL Injection Vulnerability Vendor: www.bookingcentre.eu Software: Hotels Group author: я3d D3v!L Date:...

Exploits0
Rows per page
Query Builder