Lucene search
K

36 matches found

Positive Technologies
Positive Technologies
added 2023/04/03 12:0 a.m.7 views

PT-2023-13663 · Unknown · Bluepage Cms

Name of the Vulnerable Software and Affected Versions: BluePage CMS versions 3.9 and earlier Description: The issue allows MySQL Injection in the users-cookie-settings token using a Time-based blind SLEEP payload due to insufficient sanitization of the HTTP Header Cookie value. Recommendations: F...

9.8CVSS9.3AI score0.01081EPSS
Exploits2References6
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

BLUEPAGE CMS 2.5 'PHPSESSID' Session Fixation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31315/info BLUEPAGE CMS is prone to a session-fixation vulnerability. Attackers can exploit this issue to hijack a user's session and gain unauthorized access to the affected application. BLUEPAGE CMS 2.5 is vulnerable;...

7.1AI score
Exploits0
NVD
NVD
added 2009/02/03 11:30 a.m.12 views

CVE-2008-6027

Multiple cross-site scripting XSS vulnerabilities in index.php in BLUEPAGE CMS 2.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 whl, 2 var1, and 3 search parameters...

4.3CVSS5.8AI score0.01146EPSS
Exploits0References5
Prion
Prion
added 2009/02/03 11:30 a.m.10 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in index.php in BLUEPAGE CMS 2.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 whl, 2 var1, and 3 search parameters...

4.3CVSS6.1AI score0.01146EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2009/02/03 11:30 a.m.20 views

Session fixation

Session fixation vulnerability in BLUEPAGE CMS 2.5 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter...

6.8CVSS7.2AI score0.02062EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2009/02/03 11:30 a.m.5 views

CVE-2008-6027

Multiple cross-site scripting XSS vulnerabilities in index.php in BLUEPAGE CMS 2.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 whl, 2 var1, and 3 search parameters...

4.3CVSS5.8AI score0.01146EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2009/02/03 11:30 a.m.3 views

CVE-2008-6039

Session fixation vulnerability in BLUEPAGE CMS 2.5 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter...

6.8CVSS5.8AI score0.02062EPSS
Exploits1References6
NVD
NVD
added 2009/02/03 11:30 a.m.19 views

CVE-2008-6039

Session fixation vulnerability in BLUEPAGE CMS 2.5 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter...

6.8CVSS6.7AI score0.02062EPSS
Exploits1References5
CVE
CVE
added 2009/02/03 11:0 a.m.43 views

CVE-2008-6027

CVE-2008-6027 concerns multiple XSS vulnerabilities in index.php of BLUEPAGE CMS (version 2.5 and earlier). The weaknesses enable remote attackers to inject arbitrary web script or HTML via the whl, var_1, and search parameters, as described in the NVD entry. Connected records consistently refere...

4.3CVSS5.9AI score0.01146EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2009/02/03 11:0 a.m.16 views

CVE-2008-6027

Multiple cross-site scripting XSS vulnerabilities in index.php in BLUEPAGE CMS 2.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 whl, 2 var1, and 3 search parameters...

5.8AI score0.01146EPSS
Exploits0References5
CVE
CVE
added 2009/02/03 11:0 a.m.52 views

CVE-2008-6039

The CVE-2008-6039 entry documents a session fixation vulnerability in BLUEPAGE CMS 2.5 and earlier . An attacker can hijack a user’s web session by manipulating the PHPSESSID parameter, enabling remote session takeover. This is described across multiple sources (NVD, CVE listing) with a MEDIUM ba...

6.8CVSS6.9AI score0.02062EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2009/02/03 11:0 a.m.24 views

CVE-2008-6039

Session fixation vulnerability in BLUEPAGE CMS 2.5 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter...

6.7AI score0.02062EPSS
Exploits1References5
securityvulns
securityvulns
added 2008/09/24 12:0 a.m.51 views

[MajorSecurity Advisory #53]BLUEPAGE CMS - Cross Site Scripting and Session Fixation Issues

MajorSecurity Advisory 53BLUEPAGE CMS - Cross Site Scripting and Session Fixation Issues Details ======= Product: BLUEPAGE CMS Security-Risk: moderated Remote-Exploit: yes Vendor-URL: http://www.bluepage-cms.com/ Vendor-Status: informed Advisory-Status: published Credits ============ Discovered b...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2008/09/22 12:0 a.m.16 views

BLUEPAGE CMS 2.5 - PHPSESSID Session Fixation

BLUEPAGE CMS 2.5 - PHPSESSID Session Fixation source: https://www.securityfocus.com/bid/31315/info BLUEPAGE CMS is prone to a session-fixation vulnerability. Attackers can exploit this issue to hijack a user's session and gain unauthorized access to the affected application. BLUEPAGE CMS 2.5 is...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2008/09/22 12:0 a.m.31 views

major_rls53.txt

MajorSecurity Advisory 53BLUEPAGE CMS - Cross Site Scripting and Session Fixation Issues Details ======= Product: BLUEPAGE CMS Security-Risk: moderated Remote-Exploit: yes Vendor-URL: http://www.bluepage-cms.com/ Vendor-Status: informed Advisory-Status: published Credits ============ Discovered b...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/09/22 12:0 a.m.28 views

BLUEPAGE CMS 2.5 - 'PHPSESSID' Session Fixation

source: https://www.securityfocus.com/bid/31315/info BLUEPAGE CMS is prone to a session-fixation vulnerability. Attackers can exploit this issue to hijack a user's session and gain unauthorized access to the affected application. BLUEPAGE CMS 2.5 is vulnerable; other versions may also be affected...

7.4AI score
Exploits0
Rows per page
Query Builder