Lucene search
+L

248 matches found

Cvelist
Cvelist
added 2006/01/18 2:0 a.m.26 views

CVE-2006-0249

SQL injection vulnerability in viewcat.php in BitDamaged geoBlog MOD1.0 allows remote attackers to execute arbitrary SQL commands, then steal credentials and upload files, via the cat parameter $tmpCategory variable...

8.2AI score0.01294EPSS
Exploits1References7
Prion
Prion
added 2006/01/18 1:51 a.m.19 views

Sql injection

SQL injection vulnerability in viewcat.php in BitDamaged geoBlog MOD1.0 allows remote attackers to execute arbitrary SQL commands, then steal credentials and upload files, via the cat parameter $tmpCategory variable...

7.5CVSS8.9AI score0.01294EPSS
Exploits1References7Affected Software1
Prion
Prion
added 2006/01/18 1:7 a.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in GTP iCommerce allows remote attackers to inject arbitrary web script or HTML via the 1 cat and 2 subcat parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

4.3CVSS6AI score0.01736EPSS
Exploits1References4
NVD
NVD
added 2006/01/07 12:3 a.m.14 views

CVE-2006-0109

Cross-site scripting vulnerability in category.php in Modular Merchant Shopping Cart allows remote attackers to inject arbitrary web script or HTML via the cat parameter...

5CVSS6.2AI score0.01656EPSS
Exploits1References7
Prion
Prion
added 2006/01/05 11:3 a.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in @Card ME PHP allows remote attackers to inject arbitrary web script or HTML via the cat parameter...

4.3CVSS6.2AI score0.01255EPSS
Exploits1References4
NVD
NVD
added 2006/01/05 11:3 a.m.12 views

CVE-2006-0093

Cross-site scripting XSS vulnerability in index.php in @Card ME PHP allows remote attackers to inject arbitrary web script or HTML via the cat parameter...

4.3CVSS5.8AI score0.01255EPSS
Exploits1References4
Cvelist
Cvelist
added 2006/01/05 11:0 a.m.19 views

CVE-2006-0093

Cross-site scripting XSS vulnerability in index.php in @Card ME PHP allows remote attackers to inject arbitrary web script or HTML via the cat parameter...

5.8AI score0.01255EPSS
Exploits1References4
Cvelist
Cvelist
added 2005/12/20 1:0 a.m.17 views

CVE-2005-4355

Multiple cross-site scripting XSS vulnerabilities in UStore allow remote attackers to inject arbitrary web script or HTML via the 1 Cat parameter in default.asp and the 2 accessdenied parameter in admin/default.asp. NOTE: the provenance of this information is unknown; the details are obtained...

5.7AI score0.01177EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2005/12/14 12:0 a.m.5 views

PT-2005-4920 · Jamit · Jamit Job Board

Name of the Vulnerable Software and Affected Versions: Jamit Job Board versions 2.4.1 and earlier Description: A SQL injection issue allows remote attackers to execute arbitrary SQL commands via the cat parameter in the "index.php" file. The vendor has disputed this issue, claiming it has no basi...

7.5CVSS8.7AI score0.01206EPSS
Exploits0References8
Cvelist
Cvelist
added 2005/12/13 11:0 a.m.21 views

CVE-2005-4198

SQL injection vulnerability in index.php in Netref 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this issue is unknown; the details were obtained solely from third party sources...

8.3AI score0.01251EPSS
Exploits1References6
Cvelist
Cvelist
added 2005/12/08 1:0 a.m.18 views

CVE-2005-4075

Multiple cross-site scripting XSS vulnerabilities in index.cfm in CFNuke 4.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 topic and 2 newsid parameter in the news sector, and 3 cat parameter in the links sector...

5.8AI score0.01875EPSS
Exploits0References6
securityvulns
securityvulns
added 2005/12/05 12:0 a.m.27 views

Blog System v1.2 SQL inj. vuln.

Blog System v1.2 SQL inj. vuln. Vuln. dicovered by : r0t Date: 5 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/blog-system-v12-sql-inj-vuln.html vendor:http://www.netartmedia.net/blogsystem/ affected version:v1.2 and prior Product Description: Blog System allows you to launch and...

0.3AI score
Exploits0
NVD
NVD
added 2005/11/27 11:3 a.m.12 views

CVE-2005-3854

Cross-site scripting XSS vulnerability in index.php in EasyPageCMS allows remote attackers to inject arbitrary web script or HTML via the cat parameter...

4.3CVSS5.7AI score0.01257EPSS
Exploits1References3
NVD
NVD
added 2005/11/26 2:3 a.m.19 views

CVE-2005-3816

Multiple SQL injection vulnerabilities in forum.php in freeForum 1.1 and earlier and earlier allow remote attackers to execute arbitrary SQL commands via the 1 cat parameter or 2 thread parameter in thread mode...

7.5CVSS8.5AI score0.01233EPSS
Exploits0References6
CVE
CVE
added 2005/10/25 4:0 a.m.61 views

CVE-2004-2509

Infopop UBB.Threads exposes XSS in multiple pages. Affected versions include 6.2.3 and 6.5, with vulnerable scripts calendar.php, login.php, and online.php. The underlying issue is cross-site scripting via the Cat parameter, enabling remote attackers to inject arbitrary script/HTML into a user’s ...

4.3CVSS6.2AI score0.02233EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2005/10/25 4:0 a.m.20 views

CVE-2004-2510

Cross-site scripting XSS vulnerability in showflat.php in Infopop UBB.Threads before 6.5 allows remote attackers to inject arbitrary web script or HTML via the Cat parameter...

5.8AI score0.03922EPSS
Exploits1References6
Cvelist
Cvelist
added 2005/10/25 4:0 a.m.30 views

CVE-2004-2509

Cross-site scripting XSS vulnerabilities in 1 calendar.php, 2 login.php, and 3 online.php in Infopop UBB.Threads 6.2.3 and 6.5 allow remote attackers to inject arbitrary web script or HTML via the Cat parameter...

6.1AI score0.02233EPSS
Exploits1References8
CVE
CVE
added 2005/08/19 4:0 a.m.48 views

CVE-2003-1231

CVE-2003-1231: Cross-site scripting (XSS) in ECW-Shop 5.5 (index.php) allows remote attackers to inject arbitrary script/HTML via the cat parameter. The provided sources describe the vulnerability but do not include explicit exploit code, affected versions beyond 5.5, or remediation steps. No add...

4.3CVSS6AI score0.01255EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2005/08/19 4:0 a.m.21 views

CVE-2003-1231

Cross-site scripting XSS vulnerability in index.php in ECW-Shop 5.5 allows remote attackers to inject arbitrary web script or HTML via the cat parameter...

5.7AI score0.01255EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2005/06/01 4:0 a.m.38 views

CVE-2005-1810

SQL injection vulnerability in template-functions-category.php in WordPress 1.5.1 allows remote attackers to execute arbitrary SQL commands via the $catID variable, as demonstrated using the cat parameter to index.php...

7.5CVSS7.3AI score0.03139EPSS
Exploits0
Rows per page
Query Builder