CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

exploitpack•added 2008/06/19 12:0 a.m.•9 views

vBulletin 3.7.1 - Moderation Control Panel redirect Cross-Site Scripting

vBulletin 3.7.1 - Moderation Control Panel redirect Cross-Site Scripting source: https://www.securityfocus.com/bid/29817/info vBulletin is prone to a cross-site scripting vulnerability that occurs in the MCP moderation control panel because the application fails to properly sanitize user-supplied...

6.8AI score

securityvulns•added 2008/06/19 12:0 a.m.•61 views

vBulletin 3.7.1 PL1 and lower, vBulletin 3.6.10 PL1: XSS in modcp index

====================================================================== Advisory : XSS in modcp index Release Date : June 17th 2008 Application : vBulletin Version : vBulletin 3.7.1 PL1 and lower, vBulletin 3.6.10 PL1 and lower Platform : PHP Vendor URL : http://www.vbulletin.com/ Authors : Jessic...

6.6AI score

Exploit DB•added 2008/06/19 12:0 a.m.•19 views

vBulletin 3.7.1 - Moderation Control Panel 'redirect' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29817/info vBulletin is prone to a cross-site scripting vulnerability that occurs in the MCP moderation control panel because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...

ATTACKERKB•added 2008/06/18 10:41 p.m.•4 views

CVE-2008-2756

Cross-site scripting XSS vulnerability in admin/users.asp in Xigla Absolute Control Panel XE 1.0 allows remote attackers to inject arbitrary web script or HTML via the name parameter and other unspecified parameters. NOTE: some of these details are obtained from third party information...

4.3CVSS5.8AI score0.01272EPSS

Exploits1References8

Cvelist•added 2008/06/18 10:0 p.m.•22 views

CVE-2008-2756

5.8AI score0.01272EPSS

Exploits1References6

CVE•added 2008/06/18 10:0 p.m.•45 views

CVE-2008-2756

CVE-2008-2756 is an XSS vulnerability in the admin/users.asp page of Xigla Absolute Control Panel XE 1.0. The issue allows remote attackers to inject arbitrary web script or HTML via the name parameter (and other unspecified parameters). The available connected documents confirm the affected prod...

4.3CVSS5.8AI score0.01272EPSS

Exploits1References6Affected Software1

Prion•added 2008/06/17 3:41 p.m.•11 views

Cross site scripting

Cross-site scripting XSS vulnerability in vBulletin 3.6.10 and 3.7.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors and an "obscure method." NOTE: the vector is probably in the redirect parameter to the Admin Control Panel admincp/index.php...

4.3CVSS6.1AI score0.01981EPSS

Exploits1References7Affected Software1

Packet Storm•added 2008/06/16 12:0 a.m.•18 views

anatacms-admin.txt

=============================================== Anata CMS 1.0b5 Arbitrary Add-Admin Exploit =============================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team .. +---------------------------^----------| ,-------, | /...

seebug.org•added 2008/06/16 12:0 a.m.•11 views

Anata CMS 1.0b5 (change.php) Arbitrary Add Admin Vulnerability

No description provided by source. =============================================== Anata CMS 1.0b5 Arbitrary Add-Admin Exploit =============================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...

0day.today•added 2008/06/15 12:0 a.m.•22 views

Anata CMS 1.0b5 (change.php) Arbitrary Add Admin Vulnerability

Exploit for unknown platform in category web applications ============================================================== Anata CMS 1.0b5 change.php Arbitrary Add Admin Vulnerability ============================================================== ,--^----------,--------,-----,-------^--, | ||||||||...

securityvulns•added 2008/06/14 12:0 a.m.•89 views

Exploit for vBulletin "obscure" XSS (3.7.1 & 3.6.10)

====================================================================== Advisory : Exploit for vBulletin "obscure" XSS Release Date : June 13th 2008 Application : vBulletin Version : vBulletin 3.7.1 and lower, vBulletin 3.6.10 and lower Platform : PHP Vendor URL : http://www.vbulletin.com/ Authors...

6.1AI score

Packet Storm•added 2008/06/13 12:0 a.m.•30 views

vbulletin-xss.txt

seebug.org•added 2008/06/12 12:0 a.m.•13 views

IPTBB 0.5.6 Arbitrary Add-Admin Exploit

No description provided by source. ========================================= IPTBB 0.5.6 Arbitrary Add-Admin Exploit ========================================= ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...

Packet Storm•added 2008/06/11 12:0 a.m.•22 views

iptbb-admin.txt

========================================= IPTBB 0.5.6 Arbitrary Add-Admin Exploit ========================================= ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team .. +---------------------------^----------| ,-------, | / XXXXXX /| / /...

0day.today•added 2008/06/11 12:0 a.m.•16 views

IPTBB 0.5.6 Arbitrary Add-Admin Exploit

Exploit for unknown platform in category web applications ======================================= IPTBB 0.5.6 Arbitrary Add-Admin Exploit ======================================= ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...

Packet Storm•added 2008/06/11 12:0 a.m.•23 views

absolute-screwups.txt

www.BugReport.ir AmnPardaz Security Research Team Title: Xigla Multiple Products - Multiple Vulnerabilities Vendor: http://www.xigla.com/ Exploit: N/A Impact: Medium Fix: N/A Original Advisory: http://bugreport.ir/index.php?/41 1. Description: Xigla company has several web based products From...

exploitpack•added 2008/06/11 12:0 a.m.•20 views

PHPEasyData 1.5.4 - adminlogin.php?Username SQL Injection

PHPEasyData 1.5.4 - adminlogin.php?Username SQL Injection source: https://www.securityfocus.com/bid/29659/info PHPEasyData is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage the cross-site...