Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

311 matches found

NVD
NVDadded 2007/12/15 1:46 a.m.16 views

CVE-2007-6375

Multiple SQL injection vulnerabilities in Bitweaver 2.0.0 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 sortmode parameter to wiki/listpages.php and the 2 highlight parameter to search/index.php. NOTE: the researcher also reported injection via JavaScript code in...

7.5CVSS8.4AI score0.01002EPSS
Exploits1References5
NVD
NVDadded 2007/12/15 1:46 a.m.14 views

CVE-2007-6374

Multiple cross-site scripting XSS vulnerabilities in Bitweaver 2.0.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 users/register.php or 2 search/index.php, or an editcomments action in 3 wiki/index.php or 4 forums/index.php. NOTE: the error...

4.3CVSS5.7AI score0.02211EPSS
Exploits1References9
Cvelist
Cvelistadded 2007/12/15 1:0 a.m.16 views

CVE-2007-6374

Multiple cross-site scripting XSS vulnerabilities in Bitweaver 2.0.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 users/register.php or 2 search/index.php, or an editcomments action in 3 wiki/index.php or 4 forums/index.php. NOTE: the error...

5.7AI score0.02211EPSS
Exploits1References9
Cvelist
Cvelistadded 2007/12/15 1:0 a.m.20 views

CVE-2007-6375

Multiple SQL injection vulnerabilities in Bitweaver 2.0.0 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 sortmode parameter to wiki/listpages.php and the 2 highlight parameter to search/index.php. NOTE: the researcher also reported injection via JavaScript code in...

8.4AI score0.01002EPSS
Exploits1References5
CVE
CVEadded 2007/12/15 1:0 a.m.42 views

CVE-2007-6375

CVE-2007-6375 affects Bitweaver 2.0.0 and earlier. The vulnerability comprises multiple SQL injection flaws that allow remote attackers to execute arbitrary SQL commands via (1) the sort_mode parameter to wiki/list_pages.php and (2) the highlight parameter to search/index.php. A report also menti...

7.5CVSS8.4AI score0.01002EPSS
Exploits1References5Affected Software1
CVE
CVEadded 2007/12/15 1:0 a.m.50 views

CVE-2007-6374

CVE-2007-6374 concerns multiple XSS flaws in Bitweaver 2.0.0 and earlier, exploitable via PATH_INFO in four endpoints: /users/register.php, /search/index.php, /wiki/index.php (editcomments action), and /forums/index.php. The vulnerability allows remote attackers to inject arbitrary script or HTML...

4.3CVSS5.7AI score0.02211EPSS
Exploits1References9Affected Software1
securityvulns
securityvulnsadded 2007/12/13 12:0 a.m.61 views

Bitweaver XSS & SQL Injection Vulnerability

HSC Bitweaver XSS & SQL Injection Vulnerability Bitweaver is an open source content management system. Its speed and power are ideal for large-scale community websites and corporate applications, but it is simple enough for non-technical small site users to set up and administrate. It comes fully...

7AI score
Exploits0
Packet Storm
Packet Stormadded 2007/12/10 12:0 a.m.37 views

bitweaver-sqlxss.txt

HSC Bitweaver XSS & SQL Injection Vulnerability Bitweaver is an open source content management system. Its speed and power are ideal for large-scale community websites and corporate applications, but it is simple enough for non-technical small site users to set up and administrate. It comes fully...

7.4AI score
Exploits0
exploitpack
exploitpackadded 2007/11/10 12:0 a.m.12 views

Bitweaver 1.x2.0 - searchindex.php?highlight SQL Injection

Bitweaver 1.x2.0 - searchindex.php?highlight SQL Injection source: https://www.securityfocus.com/bid/26801/info Bitweaver is prone to multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input including multiple cross-site scripting...

Exploits0
exploitpack
exploitpackadded 2007/11/10 12:0 a.m.7 views

Bitweaver 1.x2.0 - usersregister.php Cross-Site Scripting

Bitweaver 1.x2.0 - usersregister.php Cross-Site Scripting source: https://www.securityfocus.com/bid/26801/info Bitweaver is prone to multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input including multiple cross-site scripting...

6.8AI score
Exploits0
Exploit DB
Exploit DBadded 2007/11/10 12:0 a.m.38 views

Bitweaver 1.x/2.0 - 'search/index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26801/info Bitweaver is prone to multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input including multiple cross-site scripting vulnerabilities, multiple HTML-injection vulnerabilities, and an...

7AI score
Exploits0
Exploit DB
Exploit DBadded 2007/11/10 12:0 a.m.24 views

Bitweaver 1.x/2.0 - 'users/register.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26801/info Bitweaver is prone to multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input including multiple cross-site scripting vulnerabilities, multiple HTML-injection vulnerabilities, and an...

7.4AI score
Exploits0
Prion
Prionadded 2007/01/26 1:28 a.m.13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Bitweaver 1.3.1 allow remote attackers to inject arbitrary web script or HTML via the URL PATHINFO to 1 articles/edit.php, 2 articles/list.php, 3 blogs/listblogs.php, or 4 blogs/rankings.php...

4.3CVSS5.9AI score0.01422EPSS
Exploits0References7Affected Software1
NVD
NVDadded 2007/01/26 1:28 a.m.20 views

CVE-2007-0526

Multiple cross-site scripting XSS vulnerabilities in Bitweaver 1.3.1 allow remote attackers to inject arbitrary web script or HTML via the URL PATHINFO to 1 articles/edit.php, 2 articles/list.php, 3 blogs/listblogs.php, or 4 blogs/rankings.php...

4.3CVSS5.7AI score0.01422EPSS
Exploits0References7
Cvelist
Cvelistadded 2007/01/26 1:0 a.m.24 views

CVE-2007-0526

Multiple cross-site scripting XSS vulnerabilities in Bitweaver 1.3.1 allow remote attackers to inject arbitrary web script or HTML via the URL PATHINFO to 1 articles/edit.php, 2 articles/list.php, 3 blogs/listblogs.php, or 4 blogs/rankings.php...

5.7AI score0.01422EPSS
Exploits0References7
CVE
CVEadded 2007/01/26 1:0 a.m.51 views

CVE-2007-0526

CVE-2007-0526 describes multiple XSS vulnerabilities in Bitweaver 1.3.1. The attack vectors exploit the PATH_INFO portion of the URL to inject arbitrary script/HTML via the following pages: articles/edit.php, articles/list.php, blogs/list_blogs.php, and blogs/rankings.php. Root cause is cross-sit...

4.3CVSS5.7AI score0.01422EPSS
Exploits0References7Affected Software1
seebug.org
seebug.orgadded 2007/01/25 12:0 a.m.26 views

bitweaver 1.3.1 XSS Exploit

No description provided by source. -=--------------------ADVISORY-------------------=- bitweaver 1.3.1 Author: CorryL [email protected] -=-----------------------------------------------=- -=+ Application: bitweaver -=+ Version: 1.3.1 -=+ Vendor's URL: http://www.bitweaver.org/articles/...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2007/01/24 12:0 a.m.36 views

bitweaver-xss.txt

-=--------------------ADVISORY-------------------=- bitweaver 1.3.1 Author: CorryL [email protected] -=-----------------------------------------------=- -=+ Application: bitweaver -=+ Version: 1.3.1 -=+ Vendor's URL: http://www.bitweaver.org/articles/ -=+ Platform: Windows\Linux\Unix -=+ Bug typ...

7.4AI score
Exploits0
securityvulns
securityvulnsadded 2007/01/24 12:0 a.m.79 views

[x0n3-h4ck] bitweaver 1.3.1 XSS Exploit

-=--------------------ADVISORY-------------------=- bitweaver 1.3.1 Author: CorryL [email protected] -=-----------------------------------------------=- -=+ Application: bitweaver -=+ Version: 1.3.1 -=+ Vendor's URL: http://www.bitweaver.org/articles/ -=+ Platform: WindowsLinuxUnix -=+ Bug type:...

7.1AI score
Exploits0
exploitpack
exploitpackadded 2007/01/22 12:0 a.m.13 views

Bitweaver 1.3.1 Articles and Blogs - Multiple Cross-Site Scripting Vulnerabilities

Bitweaver 1.3.1 Articles and Blogs - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/22169/info Bitweaver is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may...

7AI score
Exploits0
Rows per page
Query Builder