Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1596 matches found

Cvelist
Cvelistadded 2007/05/09 12:0 a.m.20 views

CVE-2007-2534

Multiple SQL injection vulnerabilities in admin.php in phpHoo3 allow remote attackers to execute arbitrary SQL commands via the 1 ADMINUSER USER and 2 ADMINPASS PASS parameters during a login. NOTE: CVE disputes this vulnerability, since ADMINUSER/ADMINPASS are initialized before use...

8.4AI score0.00849EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2007/05/09 12:0 a.m.8 views

CVE-2007-2534

Multiple SQL injection vulnerabilities in admin.php in phpHoo3 allow remote attackers to execute arbitrary SQL commands via the 1 ADMINUSER USER and 2 ADMINPASS PASS parameters during a login. NOTE: CVE disputes this vulnerability, since ADMINUSER/ADMINPASS are initialized before use...

8.8AI score0.00849EPSS
Exploits1References5
Packet Storm
Packet Stormadded 2007/05/08 12:0 a.m.86 views

phphoo3-sql.txt

phpHoo3 Login SQL injection // AYYILDIZ.ORG Gururla Sunar... download:http://cable-modems.org/phpHoo/files/phphoo3.zip author : iLker Kandemir mynet.com Risk : High Class : Remote Vuln. Script : phpHoo3 tnx : h0tturk,ekin0x,Gencnesil,Gencturk,koray,Ajann .. Vulnerable; ///admin.php code ;...

7.4AI score
Exploits0
Packet Storm
Packet Stormadded 2007/05/04 12:0 a.m.18 views

sb-sql.txt

Remote Login Bypass SQL Injection Vulnerability admin.php AYYILDIZ.ORG Presents. SchoolBoard http://free-php-scripts.net/download.php?id=120 author : iLker Kandemir mynet.com Tnx : h0tturk,ekin0x,Dr.Max Virus,Gencnesil,Gencturk,Ajann Vulnerable; /admin.php...

7.4AI score
Exploits0
securityvulns
securityvulnsadded 2007/05/03 12:0 a.m.79 views

SchoolBoard (admin.php) Remote Login Bypass SQL Injection Vulnerability

Remote Login Bypass SQL Injection Vulnerability admin.php AYYILDIZ.ORG Presents. SchoolBoard http://free-php-scripts.net/download.php?id=120 author : iLker Kandemir ilkerkandemir at mynet.com Tnx : h0tturk,ekin0x,Dr.Max Virus,Gencnesil,Gencturk,Ajann Vulnerable; /admin.php...

0.8AI score
Exploits0
Cvelist
Cvelistadded 2007/04/27 4:0 p.m.25 views

CVE-2007-2339

Multiple SQL injection vulnerabilities in Phorum before 5.1.22 allow remote attackers to execute arbitrary SQL commands via 1 a modified recipients parameter name in a pm.php; 2 the curr parameter to the b badwords aka censorlist or c banlist module in admin.php; or 3 the "Edit groups / Add group...

8.5AI score0.04811EPSS
Exploits1References12
Prion
Prionadded 2007/04/25 4:19 p.m.17 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in admin.php in Phorum before 5.1.22 allow remote attackers to inject arbitrary web script or HTML via the 1 groupid parameter in the groups module or 2 the smileyid parameter in the smileys modsettings module...

4.3CVSS6.1AI score0.07763EPSS
Exploits1References9Affected Software1
NVD
NVDadded 2007/04/25 4:19 p.m.17 views

CVE-2007-2248

Multiple cross-site scripting XSS vulnerabilities in admin.php in Phorum before 5.1.22 allow remote attackers to inject arbitrary web script or HTML via the 1 groupid parameter in the groups module or 2 the smileyid parameter in the smileys modsettings module...

4.3CVSS5.8AI score0.07763EPSS
Exploits1References9
Prion
Prionadded 2007/04/25 4:19 p.m.10 views

Design/Logic Flaw

admin.php in Phorum before 5.1.22 allows remote attackers to obtain the full path via the module parameter...

5CVSS7.1AI score0.07419EPSS
Exploits1References9Affected Software1
CVE
CVEadded 2007/04/25 4:0 p.m.49 views

CVE-2007-2248

CVE-2007-2248 involves Phorum, specifically XSS in admin.php prior to 5.1.22. The vulnerabilities affect the group_id parameter in the groups module and the smiley_id parameter in the smileys modsettings module, enabling remote attackers to inject arbitrary web script or HTML. The connected docum...

4.3CVSS5.8AI score0.07763EPSS
Exploits1References9Affected Software1
Cvelist
Cvelistadded 2007/04/25 4:0 p.m.18 views

CVE-2007-2250

admin.php in Phorum before 5.1.22 allows remote attackers to obtain the full path via the module parameter...

6.6AI score0.07419EPSS
Exploits1References9
Exploit DB
Exploit DBadded 2007/04/23 12:0 a.m.19 views

Phorum 5.1.20 - 'admin.php' badwords/banlist Module SQL Injection

source: https://www.securityfocus.com/bid/23616/info Phorum is prone to multiple input-validation vulnerabilities, including an unauthorized-access issue, privilege-escalation issue, multiple SQL-injection issues, and cross-site scripting issues, because the application fails to sufficiently...

7.4AI score
Exploits0
exploitpack
exploitpackadded 2007/04/23 12:0 a.m.11 views

Phorum 5.1.20 - admin.php badwordsbanlist Module SQL Injection

Phorum 5.1.20 - admin.php badwordsbanlist Module SQL Injection source: https://www.securityfocus.com/bid/23616/info Phorum is prone to multiple input-validation vulnerabilities, including an unauthorized-access issue, privilege-escalation issue, multiple SQL-injection issues, and cross-site...

Exploits0
Prion
Prionadded 2007/04/12 7:19 p.m.15 views

Sql injection

Multiple SQL injection vulnerabilities in admin/admin.php in Crea-Book 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 pseudo or 2 passe parameter...

7.5CVSS8.9AI score0.01217EPSS
Exploits0References5Affected Software1
Prion
Prionadded 2007/04/12 7:19 p.m.13 views

Authentication flaw

admin.php in pL-PHP beta 0.9 allows remote attackers to bypass authentication by setting the isadmin parameter to 1...

7.5CVSS7.5AI score0.03434EPSS
Exploits0References3Affected Software1
NVD
NVDadded 2007/04/12 7:19 p.m.19 views

CVE-2007-2007

admin.php in pL-PHP beta 0.9 allows remote attackers to bypass authentication by setting the isadmin parameter to 1...

7.5CVSS6.9AI score0.03434EPSS
Exploits0References3
Prion
Prionadded 2007/04/12 7:19 p.m.23 views

Directory traversal

Directory traversal vulnerability in admin.php in pL-PHP beta 0.9 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the lang parameter...

7.5CVSS7.6AI score0.06244EPSS
Exploits0References3Affected Software1
CVE
CVEadded 2007/04/12 7:0 p.m.41 views

CVE-2007-2007

CVE-2007-2007 affects admin.php in pL-PHP beta 0.9. The vulnerability allows remote attackers to bypass authentication by setting the is_admin parameter to 1, enabling unauthorized access. The NVD entry assigns a CVSS v2 base score of 7.5 (HIGH) with Network attack vector, Low attack complexity, ...

7.5CVSS6.9AI score0.03434EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2007/04/12 7:0 p.m.21 views

CVE-2007-2007

admin.php in pL-PHP beta 0.9 allows remote attackers to bypass authentication by setting the isadmin parameter to 1...

6.9AI score0.03434EPSS
Exploits0References3
Cvelist
Cvelistadded 2007/04/12 7:0 p.m.27 views

CVE-2007-2008

Directory traversal vulnerability in admin.php in pL-PHP beta 0.9 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the lang parameter...

7.1AI score0.06244EPSS
Exploits0References3
Rows per page
Query Builder