Lucene search
+L

635 matches found

Cvelist
Cvelist
added 2010/03/02 7:0 p.m.34 views

CVE-2010-0726

Cross-site scripting XSS vulnerability in the tb-send.rb TrackBack transmission plugin in tDiary 2.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors, possibly related to the 1 plugintburl and 2 plugintbexcerpt parameters...

5.6AI score0.01996EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2010/02/25 12:0 a.m.34 views

JVN#73331060 tDiary plugin tb-send.rb vulnerable to cross-site scripting

tDiary is a weblog software. tDiary plugin tb-send.rb contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on some web browsers. Solution Update the Software Update according to the information provided by the developer. Products Affected tDiary 2.2.2full set...

4.3CVSS5.5AI score0.01996EPSS
Exploits0
seebug.org
seebug.org
added 2009/12/24 12:0 a.m.18 views

apache 2.2.2 信息泄漏漏洞

No description provided by source...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2009/06/19 12:0 a.m.19 views

LightNEasy < 2.2.1 / 2.2.2 XSS Vulnerability

LightNEasy is prone to a cross-site scripting XSS vulnerability. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

4.3CVSS6.1AI score0.01033EPSS
Exploits0References3
NVD
NVD
added 2009/02/11 8:30 p.m.17 views

CVE-2009-0530

Multiple PHP remote file inclusion vulnerabilities in SnippetMaster 2.2.2, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the 1 SESSIONSCRIPTPATH parameter to includes/vars.inc.php and the 2 gpcltarlibdir parameter to...

6.8CVSS7.6AI score0.01861EPSS
Exploits1References3
Prion
Prion
added 2009/02/11 8:30 p.m.15 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in SnippetMaster 2.2.2, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the 1 SESSIONSCRIPTPATH parameter to includes/vars.inc.php and the 2 gpcltarlibdir parameter to...

6.8CVSS8.2AI score0.01861EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2009/02/11 8:0 p.m.29 views

CVE-2009-0530

Multiple PHP remote file inclusion vulnerabilities in SnippetMaster 2.2.2, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the 1 SESSIONSCRIPTPATH parameter to includes/vars.inc.php and the 2 gpcltarlibdir parameter to...

7.6AI score0.01861EPSS
Exploits1References3
NVD
NVD
added 2008/12/30 8:30 p.m.12 views

CVE-2008-5770

Cross-site scripting XSS vulnerability in config/makeconfig.php in PHP Weather 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

4.3CVSS5.8AI score0.02971EPSS
Exploits1References5
Prion
Prion
added 2008/12/30 8:30 p.m.9 views

Cross site scripting

Cross-site scripting XSS vulnerability in config/makeconfig.php in PHP Weather 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

4.3CVSS6.2AI score0.02971EPSS
Exploits1References5Affected Software1
Packet Storm
Packet Storm
added 2008/12/15 12:0 a.m.20 views

PHP Weather 2.2.2 LFI / XSS

Lfi/xss script: phpweather-2.2.2 download from:http://downloads.sourceforge.net/phpweather/phpweather-2.2.2.zip?modtime=1087430400&bigmirror=0 vul: /test.php line 48: requirePHPWEATHERBASEDIR . "/output/pwtext$language.php"; xpl: www.site.com/path/test.php?metar=&language=Lfi%00...

0.1AI score
Exploits0
seebug.org
seebug.org
added 2008/12/15 12:0 a.m.17 views

PHP Weather 2.2.2 (LFI/XSS) Multiple Remote Vulnerabilities

No description provided by source. Lfi/xss script: phpweather-2.2.2 download from:http://downloads.sourceforge.net/phpweather/phpweather-2.2.2.zip?modtime=1087430400&bigmirror=0 vul: /test.php line 48: requirePHPWEATHERBASEDIR . "/output/pwtext$language.php"; xpl:...

7.1AI score
Exploits0
0day.today
0day.today
added 2008/12/14 12:0 a.m.164 views

PHP Weather 2.2.2 (LFI/XSS) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications =========================================================== PHP Weather 2.2.2 LFI/XSS Multiple Remote Vulnerabilities =========================================================== Lfi/xss script: phpweather-2.2.2 download...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2008/12/14 12:0 a.m.15 views

PHP weather 2.2.2 - Local File Inclusion Cross-Site Scripting

PHP weather 2.2.2 - Local File Inclusion Cross-Site Scripting Lfi/xss script: phpweather-2.2.2 download from:http://downloads.sourceforge.net/phpweather/phpweather-2.2.2.zip?modtime=1087430400&bigmirror=0 vul: /test.php line 48: requirePHPWEATHERBASEDIR . "/output/pwtext$language.php"; xpl:...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/12/14 12:0 a.m.32 views

PHP weather 2.2.2 - Local File Inclusion / Cross-Site Scripting

Lfi/xss script: phpweather-2.2.2 download from:http://downloads.sourceforge.net/phpweather/phpweather-2.2.2.zip?modtime=1087430400&bigmirror=0 vul: /test.php line 48: requirePHPWEATHERBASEDIR . "/output/pwtext$language.php"; xpl: www.site.com/path/test.php?metar=&language=Lfi%00...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2008/09/24 12:0 a.m.26 views

Invision Power Board 'name'参数SQL注入漏洞

BUGTRAQ ID: 31288 CNCAN ID:CNCAN-2008092307 Invision Power Board是一款基于PHP的论坛程序。 Invision Power Board不正确处理用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,获得敏感信息或可操作数据库。 问题是脚本对'name'参数缺少过滤,构建恶意的SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息。 Invision Power Services Invision Power Board 2.3.5 Invision Power Services Invision Power Boa...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2008/07/10 12:0 a.m.31 views

AuraCMS &lt;= 2.2.2 (pages_data.php) Arbitrary Edit/Add/Delete Exploit

No description provided by source. !/usr/bin/perl k1tk4t Public Security Advisory //////////////////////////////////////////////////////////// AuraCMS = 2.2.2 pagesdata.php Arbitrary Edit/Add/Delete data halaman exploit Vendor : http://www.auracms.org/ Kutu : ./js/pages/pagesdata.php Keterangan :...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2008/02/14 12:0 a.m.28 views

Fedora 7 : wordpress-2.3.3-0.fc7 (2008-1512)

Fri Feb 8 2008 John Berninger - 2.3.3-0 - update to 2.3.3 for security fixes - BZ 431547 - Sun Dec 30 2007 Adrian Reber - 2.3.2-1 - updated to 2.3.2 bz 426431, Draft Information Disclosure - Tue Oct 30 2007 Adrian Reber - 2.3.1-1 - updated to 2.3.1 bz 357731, wordpress XSS issue - Mon Oct 15 2007...

6.4CVSS5.3AI score0.03553EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.23 views

Debian Security Advisory DSA 238-1 (kdepim)

The remote host is missing an update to kdepim announced via advisory DSA 238-1. OpenVAS Vulnerability Test $Id: deb2381.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 238-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

7.5CVSS0.5AI score0.03671EPSS
Exploits0
Exploit DB
Exploit DB
added 2007/11/12 12:0 a.m.26 views

AutoIndex PHP Script 2.2.2/2.2.3 - &#039;index.php&#039; Denial of Service

source: https://www.securityfocus.com/bid/26410/info AutoIndex PHP Script is prone to a remote denial-of-service vulnerability because the application fails to properly handle unexpected input. Successfully exploiting this issue allows remote attackers to consume excessive CPU resources,...

7.4AI score
Exploits0
Debian CVE
Debian CVE
added 2007/07/10 12:0 a.m.32 views

CVE-2007-3639

WordPress before 2.2.2 allows remote attackers to redirect visitors to other websites and potentially obtain sensitive information via 1 the wphttpreferer parameter to wp-pass.php, related to the wpgetreferer function in wp-includes/functions.php; and possibly other vectors related to 2...

4CVSS4.7AI score0.02391EPSS
Exploits0
Rows per page
Query Builder