2123 matches found
Cross site scripting
Cross-site scripting (XSS) vulnerability in forgotPassword.asp in Helm Hosting Control Panel 3.2.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the txtEmailAddress parameter...
CVE-2006-0211
Cross-site scripting (XSS) vulnerability in forgotPassword.asp in Helm Hosting Control Panel 3.2.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the txtEmailAddress parameter...
CVE-2006-0193
Cross-site scripting (XSS) vulnerability in the Hosting Control Panel (psoft.hsphere.CP) in Positive Software H-Sphere 2.4.3 Patch 8 and earlier allows remote attackers to inject arbitrary web script or HTML via the login parameter in a login action...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the Hosting Control Panel (psoft.hsphere.CP) in Positive Software H-Sphere 2.4.3 Patch 8 and earlier allows remote attackers to inject arbitrary web script or HTML via the login parameter in a login action...
CVE-2006-0193
CVE-2006-0193 is an XSS vulnerability in the Hosting Control Panel (psoft.hsphere.CP) of Positive Software H-Sphere, affecting version 2.4.3 Patch 8 and earlier. The issue arises from a flaw in the login action where the login parameter can be exploited to inject arbitrary web script/HTML. The NV...
M.Neset KABAKLI
I.Vulnerability H-Sphere Hosting Control Panel Cross Site Scripting Vulnerability II.Vendor Positive Software www.psoft.net III.Affected Systems H-Sphere = 2.4.3 Patch 8 IV.About H-Sphere is a scalable multiserver web hosting control panel that provides complete hosting automation for Linux, BSD ...
CVE-2005-4861
functions.php in Ragnarok Online Control Panel (ROCP) 4.3.4a allows remote attackers to bypass authentication by requesting accountmanage.php with a trailing "/login.php" PHPSELF value, which is not properly handled by the CHECKAUTH function...
Moving-2005 upload vulnerability - vulnerability warning - the black bar safety net
I haven't written the article, this text is mainly to explain two techniques: one is the dexterity of the injection; the second is not into the background subtly Upload a WebShell to. Hope all my friends can draw inferences, inappropriate please master exhibitions. A, injection vulnerabilities...
DRZESHMS.txt
Description: http://www.drzes.com/ An all-in-one web hosting management system. A feature-rich, robust, easy-to-use control panel and billing system. A "self-branding" web hosting management system. No DRZES branding. Both the admin and customer can control multiple plans/servers from one...
vbullXSS.txt
re, submissionsatpacketstormsecurity.org. http://nshell.h15.ru/advisory's/vBulletin%203.5.1xss.txt N Shell : advizory PRODUCT: vBulletin 3.5.1 DESCRIPTION: vBulletin is a...
12allSQL.txt
1-2-All Broadcast E-mail Software POC Supplying the following is sufficient to gain access to the admin control panel: Target : http://www.example.com/12allTarget/admin/index.php Username: ' or 1=1 / Password: NothingBlank Report By : POPO FromIRAN www.Babol-Hackers.com [email protected] Y! ID :...
Build radmin self-extracting of to penetrate the XP SP2 firewall-vulnerability warning-the black bar safety net
English: HACKER007 QQ:5 0 8 8 6 8 6 8 Radmin this remote management software get a lot of people of all ages, it is fast. This is one of its advantages, but also several of its advantages is to number it not to killvirussoftware the kill. About radmin's advantages I will not say more. Online I se...
ActiveCampaign 1-2-All Broadcast Email 4.0 - Admin Control Panel Username SQL Injection
ActiveCampaign 1-2-All Broadcast Email 4.0 - Admin Control Panel Username SQL Injection source: https://www.securityfocus.com/bid/15400/info ActiveCampaign 1-2-All Broadcast Email is prone to an SQL-injection vulnerability. This is an input-validation issue related to data that will be used in SQ...
ActiveCampaign 1-2-All Broadcast Email 4.0 - Admin Control Panel 'Username' SQL Injection
source: https://www.securityfocus.com/bid/15400/info ActiveCampaign 1-2-All Broadcast Email is prone to an SQL-injection vulnerability. This is an input-validation issue related to data that will be used in SQL queries, allowing a remote user to influence the structure and logic of a query...
[Full-disclosure] Fwd: Vulnerability in Ar-blog ver 5.2 and prior versions
---------- Forwarded message ---------- From: M.o.H.a.J.a.L.i [email protected] Date: Oct 25, 2005 12:52 AM Subject: Vulnerability in Ar-blog ver 5.2 and prior versions To: [email protected] Vulnerability in Ar-blog ver 5.2 and prior Software: Ar-blog Vulnerable versions: = 5.2 Type:...
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/user.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/14872/info vBulletin is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise of...
CVE-2005-2816
CVE-2005-2816 describes a Cross-Site Scripting (XSS) vulnerability in Greymatter (Greymatter gm.cgi). The issue occurs when a user submits a post comment that is logged and later read via the administrator’s View Control Panel Log, where the log handling fails to sanitize the injected script/HTML...
XSS in GreyMatter blog
Graymatter - perl based web blog. offsite: http://www.greymatterforums.com/ GM analyze posting comments and if post contain some dangerous code like script/script, administrator get message about it in log files. Log files contain not only message, but dangerous code. When admin try to look log...