Lucene search
+L

9747 matches found

NVD
NVD
added 2007/04/12 1:19 a.m.29 views

CVE-2007-1982

Multiple PHP remote file inclusion vulnerabilities in Really Simple PHP and Ajax RSPA 2007-03-23 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the 1 IncludeFilePHPClass, 2 ClassPath, and 3 class parameters to a rspa/framework/Controllerv5.php, and b...

7.5CVSS7.6AI score0.09914EPSS
Exploits0References6
Cvelist
Cvelist
added 2007/04/12 1:0 a.m.32 views

CVE-2007-1982

Multiple PHP remote file inclusion vulnerabilities in Really Simple PHP and Ajax RSPA 2007-03-23 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the 1 IncludeFilePHPClass, 2 ClassPath, and 3 class parameters to a rspa/framework/Controllerv5.php, and b...

7.6AI score0.09914EPSS
Exploits0References6
CVE
CVE
added 2007/04/12 1:0 a.m.45 views

CVE-2007-1982

CVE-2007-1982 concerns multiple PHP remote file inclusion vulnerabilities in Really Simple PHP and Ajax (RSPA) versions up to 2007-03-23 and earlier. The flaw allows remote attackers to execute arbitrary PHP code by supplying a URL in the (1) __IncludeFilePHPClass, (2) __ClassPath, and (3) __clas...

7.5CVSS7.6AI score0.09914EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2007/04/10 12:0 a.m.10 views

PT-2007-1156

Name of the Vulnerable Software and Affected Versions: jquery versions prior to 3.0.0 Description: The issue is related to the lack of protection for the structure of web pages, allowing a remote attacker to perform cross-site scripting using cross-domain ajax requests. When a cross-domain Ajax...

8.1CVSS7.5AI score0.99019EPSS
Exploits23References192
securityvulns
securityvulns
added 2007/04/05 12:0 a.m.202 views

RSPA Remote File Inclusion

RSPA Remote File Inclusion Really Simple PHP and Ajax RSPA RSPA is a component based event driven ajax enabled framework for PHP4 and PHP 5. It is a combination of plane PHP class and HTML/Javascript.RSPA allows calling server side PHP functions from client javascript events. Visit...

0.8AI score
Exploits0
seebug.org
seebug.org
added 2007/04/03 12:0 a.m.15 views

Really Simple PHP and Ajax (RSPA) 2007-03-23 RFI Vulnerability

No description provided by source. RSPA Remote File Inclusion Really Simple PHP and Ajax RSPA RSPA is a component based event driven ajax enabled framework for PHP4 and PHP 5. It is a combination of plane PHP class and HTML/Javascript.RSPA allows calling server side PHP functions from client...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/04/02 12:0 a.m.17 views

Really Simple PHP and Ajax (RSPA) 2007-03-23 - Remote File Inclusion

Really Simple PHP and Ajax RSPA 2007-03-23 - Remote File Inclusion RSPA Remote File Inclusion Really Simple PHP and Ajax RSPA RSPA is a component based event driven ajax enabled framework for PHP4 and PHP 5. It is a combination of plane PHP class and HTML/Javascript.RSPA allows calling server sid...

0.4AI score
Exploits0
0day.today
0day.today
added 2007/04/02 12:0 a.m.38 views

Really Simple PHP and Ajax (RSPA) 2007-03-23 RFI Vulnerability

Exploit for unknown platform in category web applications ============================================================== Really Simple PHP and Ajax RSPA 2007-03-23 RFI Vulnerability ============================================================== RSPA Remote File Inclusion Really Simple PHP and Aja...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/04/02 12:0 a.m.36 views

Really Simple PHP and Ajax (RSPA) 2007-03-23 - Remote File Inclusion

RSPA Remote File Inclusion Really Simple PHP and Ajax RSPA RSPA is a component based event driven ajax enabled framework for PHP4 and PHP 5. It is a combination of plane PHP class and HTML/Javascript.RSPA allows calling server side PHP functions from client javascript events. Visit...

7.4AI score
Exploits0
Prion
Prion
added 2007/03/13 1:19 a.m.15 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Softnews Media Group DataLife Engine allow remote attackers to execute arbitrary PHP code via a URL in the rootdir parameter to 1 init.php and 2 Ajax/editnews.php. NOTE: some of these details are obtained from third party information...

7.5CVSS8.1AI score0.02585EPSS
Exploits1References4Affected Software1
seebug.org
seebug.org
added 2007/03/12 12:0 a.m.58 views

WORK system e-commerce <= 3.0.5 Remote File Inclusion Vulnerability

No description provided by source. Rodrigo Duarte WuefezAT2die4.com ;D WORK system e-commerce: WORK PHP,Mysql content management system CMS e-commerce or not : ajax, workflow, content,package,language,currency,country,price,stock,group user,CSS,banner,logo,...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/03/10 12:0 a.m.23 views

WORK system e-commerce &lt;= 3.0.5 Remote File Inclusion Vulnerability

No description provided by source. Rodrigo Duarte WuefezAT2die4.com ;D WORK system e-commerce: WORK PHP,Mysql content management system CMS e-commerce or not : ajax, workflow, content,package,language,currency,country,price,stock,group user,CSS,banner,logo,...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2007/02/23 12:0 a.m.24 views

mediawiki-xss.txt

MediaWiki Cross-site Scripting Vulnerabilities. Date: 18/02/2007 Vendor: MediaWiki Vulnerable versions: MediaWiki 1.9.2 latest and below. Description: MediaWiki v1.8.2 and below are vulnerable to plain Cross-site scripting attack by expliting the experimental AJAX features, if enabled default. Th...

7.4AI score
Exploits0
NVD
NVD
added 2007/02/21 11:28 p.m.26 views

CVE-2007-1054

Cross-site scripting XSS vulnerability in the AJAX features in index.php in MediaWiki 1.6.x through 1.9.2, when $wgUseAjax is enabled, allows remote attackers to inject arbitrary web script or HTML via a UTF-7 encoded value of the rs parameter, which is processed by Internet Explorer...

6.8CVSS5.5AI score0.01944EPSS
Exploits1References10
UbuntuCve
UbuntuCve
added 2007/02/21 11:28 p.m.33 views

CVE-2007-1055

Cross-site scripting XSS vulnerability in the AJAX features in index.php in MediaWiki 1.9.x before 1.9.0rc2, and 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the rs parameter. NOTE: this issue might be a duplicate of CVE-2007-0177...

6.8CVSS6AI score0.0207EPSS
Exploits1References1
OSV
OSV
added 2007/02/21 11:28 p.m.6 views

DEBIAN-CVE-2007-1054

Cross-site scripting XSS vulnerability in the AJAX features in index.php in MediaWiki 1.6.x through 1.9.2, when $wgUseAjax is enabled, allows remote attackers to inject arbitrary web script or HTML via a UTF-7 encoded value of the rs parameter, which is processed by Internet Explorer...

6.8CVSS6AI score0.01944EPSS
Exploits1References1
NVD
NVD
added 2007/02/21 11:28 p.m.26 views

CVE-2007-1055

Cross-site scripting XSS vulnerability in the AJAX features in index.php in MediaWiki 1.9.x before 1.9.0rc2, and 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the rs parameter. NOTE: this issue might be a duplicate of CVE-2007-0177...

6.8CVSS5.5AI score0.0207EPSS
Exploits1References6
Prion
Prion
added 2007/02/21 11:28 p.m.22 views

Cross site scripting

Cross-site scripting XSS vulnerability in the AJAX features in index.php in MediaWiki 1.9.x before 1.9.0rc2, and 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the rs parameter. NOTE: this issue might be a duplicate of CVE-2007-0177...

6.8CVSS5.8AI score0.03333EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2007/02/21 11:28 p.m.3 views

DEBIAN-CVE-2007-1055

Cross-site scripting XSS vulnerability in the AJAX features in index.php in MediaWiki 1.9.x before 1.9.0rc2, and 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the rs parameter. NOTE: this issue might be a duplicate of CVE-2007-0177...

6.8CVSS6AI score0.0207EPSS
Exploits1References1
OSV
OSV
added 2007/02/21 11:28 p.m.13 views

CVE-2007-1054

Cross-site scripting XSS vulnerability in the AJAX features in index.php in MediaWiki 1.6.x through 1.9.2, when $wgUseAjax is enabled, allows remote attackers to inject arbitrary web script or HTML via a UTF-7 encoded value of the rs parameter, which is processed by Internet Explorer...

5.7AI score
Exploits0References10
Rows per page
Query Builder