Lucene search
+L

4978 matches found

Cvelist
Cvelist
added 2005/12/20 11:0 a.m.20 views

CVE-2005-4396

Cross-site scripting XSS vulnerability in admin/Default.asp in iCMS allows remote attackers to inject arbitrary web script or HTML via the LoginMSG parameter. NOTE: the provenance of this issue is unknown; the details were obtained solely from third party sources...

5.7AI score0.00938EPSS
Exploits0References2
securityvulns
securityvulns
added 2005/12/05 12:0 a.m.31 views

Relative Real Estate Systems SQL inj. vuln.

Relative Real Estate Systems SQL inj. vuln. Vuln. dicovered by : r0t Date: 5 dec. 2005 Orginal advisory:http://pridels.blogspot.com/2005/12/relative-real-estate-systems-sql-inj.html Vendor:http://www.dboorn.com/estate/ affected version:1.02 and prior Product Description: Elegant real estate scrip...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2005/11/28 12:0 a.m.29 views

AllWeb search SQL inj. vuln.

AllWeb search SQL inj. vuln. Vuln. dicovered by : r0t Date: 28 nov. 2005 orginal advisory:http://pridels.blogspot.com/2005/11/allweb-search-sql-inj-vuln.html Vendor:http://www.scripts-templates.com affected version: 3.0 and prior Product Description: Want to make money from your site traffic?...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2005/11/26 12:0 a.m.34 views

Amazon Shop 5.0.0 XSS vuln.

Amazon Shop 5.0.0 XSS vuln. Vuln. dicovered by : r0t Date: 26 nov. 2005 Orginal advisory:http://pridels.blogspot.com/2005/11/amazon-shop-500-xss-vuln.html Vendor:http://www.ghostscripter.com/amazonshop.php affected version:5.0.0 and prior Product description: With Amazon Shop you can run your ver...

Exploits0
securityvulns
securityvulns
added 2005/11/25 12:0 a.m.28 views

pdjk-support suite sql inj.

pdjk-support suite sql inj. Vuln. dicovered by : r0t Date: 25 nov. 2005 Orginal advisory:http://pridels.blogspot.com/2005/11/pdjk-support-suite-sql-inj.html Vendor:http://support.pdjkeelan.com/ affected vesion: 1.1a retail edition and prior. Product Description: The pdjk-support suite is a full...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2005/11/22 12:0 a.m.37 views

AlstraSoft EPay Pro "pmodule" SQL Injection Vulnerability

AlstraSoft EPay Pro "pmodule" SQL Injection Vulnerability Vuln. dicovered by : r0t Vendor:http://www.alstrasoft.com/ Product link: http://www.alstrasoft.com/epay.htm affected version:v2.0 Product Overview: How would you like to own your very own payment processing website and business built with...

0.7AI score
Exploits0
NVD
NVD
added 2005/11/18 11:3 p.m.23 views

CVE-2005-3679

SQL injection vulnerability in admin/index.php in ActiveCampaign 1-2-All Broadcast Email allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username field in the admin control panel...

7.5CVSS8.6AI score0.01265EPSS
Exploits1References3
Cvelist
Cvelist
added 2005/11/18 11:0 p.m.24 views

CVE-2005-3679

SQL injection vulnerability in admin/index.php in ActiveCampaign 1-2-All Broadcast Email allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username field in the admin control panel...

8.6AI score0.01265EPSS
Exploits1References3
securityvulns
securityvulns
added 2005/11/07 12:0 a.m.64 views

Failles dans Invision Power Board 2.1 [xss]

Auteur : benjilenoob WebSite : http://benji.redkod.org/ and http://www.redkod.org/ Audit in pdf : http://benji.redkod.org/audits/ipb.2.1.pdf Produit : Invision power board Version : 2.1 Types de failles : Xss permanentes et non permanentes. Risque : Faible. I- failles XSS non critique:...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2005/09/28 12:0 a.m.26 views

SEO borad: SQL injection

Product: SEO-Board Version: 1.02 Author: Hristo Hristov URL: http://seo-board.com VULNERABILITY CLASS: SQL injection through cookie PRODUCT DESCRIPTION SEO-Board is a forum software that's fast, free, and search engine friendly. It is written in PHP and use MySQL database. VULNERABILITY Vulnerabl...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2005/09/21 12:0 a.m.46 views

[BuHa-Security] Multiple vulnerabilities in (admincp/modcp of) vBulletin 3.0.8/9

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 --------------------------------------------------- | BuHa Security-Advisory 3 | Sep 17th, 2005 | | feat. SePro Bugtraq | | --------------------------------------------------- | Vendor | vBulletin | | URL | http://vbulletin.com/ | | Version | =...

Exploits0
securityvulns
securityvulns
added 2005/09/02 12:0 a.m.28 views

XSS in GreyMatter blog

Graymatter - perl based web blog. offsite: http://www.greymatterforums.com/ GM analyze posting comments and if post contain some dangerous code like script/script, administrator get message about it in log files. Log files contain not only message, but dangerous code. When admin try to look log...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2005/09/01 12:0 a.m.26 views

greymatterXSS.txt

Graymatter - perl based web blog. offsite: http://www.greymatterforums.com/ GM analyze posting comments and if post contain some dangerous code like , administrator get message about it in log files. Log files contain not only message, but dangerous code. When admin try to look log files Admin...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2005/08/14 12:0 a.m.21 views

gurgens21.txt

Update: 1:02 AM 5/13/2005 Subject: " Gurgens Guest Book Password Database Vulnerability " Vulnerable version: Guest Book 2.1 Description: Guest Book is a complete solution which requires none or very little effort to set up and match existing website configuration. Control Panel with "Virtual...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2005/08/06 12:0 a.m.31 views

cjultraSQL.txt

ADVISORY Sql Injection in CJ Ultra Plus v1.0.3-1.0.4? "My God, it's full of stars" - c MwNN Vulnerable code is in out.php ... if isset$perm $query = "select a1, a2 from trade where a1 = '$perm'"; So... Exploit:...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/08/02 12:0 a.m.30 views

[SVadvisory] - SQL injection in OpenBook 1.2.2

SVadvisory12 Title: SQl injection Product: OpenBook Version: 1.2.2 Site: http://openbook.sourceforge.net/ Vulnerabilities Code: function authuser$userid, $password global $HTTPPOSTVARS; global $admintable; $userid=$HTTPPOSTVARS'userid'; $password=$HTTPPOSTVARS'password'; dbconnect; $query="SELECT...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2005/08/02 12:0 a.m.27 views

[SVadvisory] - SQL injection in OpenBook 1.2.2

SVadvisory12 Title: SQl injection Product: OpenBook Version: 1.2.2 Site: http://openbook.sourceforge.net/ Vulnerabilities Code: function authuser$userid, $password global $HTTPPOSTVARS; global $admintable; $userid=$HTTPPOSTVARS'userid'; $password=$HTTPPOSTVARS'password'; dbconnect; $query="SELECT...

0.2AI score
Exploits0
Cvelist
Cvelist
added 2005/06/20 4:0 a.m.18 views

CVE-2005-1998

Directory traversal vulnerability in admin.php in McGallery 1.1 allows remote attackers to read arbitrary files via a .. dot dot in the lang parameter...

6.7AI score0.0307EPSS
Exploits0References5
securityvulns
securityvulns
added 2005/05/28 12:0 a.m.32 views

[Full-disclosure] Invision Power Board 1.x and 2.x Privilege Escalation Vulnerability

If an non-root admin goes to delete their own group, they are taken to a screen that says "Move users in this group to..." in which they can select the root admin group and move themselves into it. actually, they can move all users in any group into the root admin group root admins have complete...

1AI score
Exploits0
CVE
CVE
added 2005/05/11 4:0 a.m.49 views

CVE-2005-1512

CVE-2005-1512 concerns the Admin panel of PwsPHP 1.2.2 , where the upload validation for image files is inadequate. The vulnerability allows remote attackers to upload potentially arbitrary files, which could lead to arbitrary code execution on the server. The CVSS details from the entry indicate...

7.5CVSS7.8AI score0.01549EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder