Lucene search
K

63 matches found

Cvelist
Cvelist
added 2008/04/02 5:0 p.m.21 views

CVE-2008-1632

Multiple SQL injection vulnerabilities in CuteFlow 2.10.0 allow remote authenticated users to execute arbitrary SQL commands via the 1 listid parameter to pages/editmailingliststep1.php, the 2 userid parameter to pages/edituser.php, the 3 fieldid parameter to pages/editfield.php, and the 4...

7.8AI score0.01001EPSS
Exploits0References2
Cvelist
Cvelist
added 2008/04/02 5:0 p.m.16 views

CVE-2008-1631

SQL injection vulnerability in login.php in CuteFlow 1.5.0 and 2.10.0 allows remote attackers to execute arbitrary SQL commands via the UserId parameter, related to the login form field in index.php...

8.4AI score0.01063EPSS
Exploits0References4
CVE
CVE
added 2008/04/02 5:0 p.m.35 views

CVE-2008-1631

CVE-2008-1631 corresponds to a SQL injection vulnerability in CuteFlow versions 1.5.0 and 2.10.0. The flaw occurs in login.php, related to the UserId parameter used by the login form (indexed in index.php), allowing remote attackers to craft arbitrary SQL commands. Multiple sources (NVD entry, CV...

7.5CVSS8.4AI score0.01063EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2008/04/02 5:0 p.m.44 views

CVE-2008-1632

CVE-2008-1632 affects CuteFlow 2.10.0 with multiple SQL injection flaws in pages/editmailinglist_step1.php (listid), pages/edituser.php (userid), pages/editfield.php (fieldid), and pages/edittemplate_step1.php (templateid). Root cause is unsafe SQL construction allowing remote authenticated users...

7.5CVSS7.8AI score0.01001EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2008/04/02 5:0 p.m.41 views

CVE-2008-1630

CVE-2008-1630 concerns CuteFlow 1.5.0 and 2.10.0, where multiple stored/reflected cross-site scripting (XSS) flaws exist in the web UI. The root cause is insufficient input validation/sanitization of the language parameter across pages such as page/showcirculation.php, edittemplate_step2.php, sho...

4.3CVSS5.7AI score0.01107EPSS
Exploits7References5Affected Software1
securityvulns
securityvulns
added 2008/03/30 12:0 a.m.57 views

CuteFlow Version 1.5.0 Multiple Remote Vulnerabilities

CuteFlow Version 1.5.0 Multiple Remote Vulnerabilities sql injection & Xss Virangar Security Team www.virangar.org www.virangar.net -------- Discoverd By : hadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra & all virangar members & all iranian hackerz greetz:to my best friend in the...

2.4AI score
Exploits0
Packet Storm
Packet Storm
added 2008/03/29 12:0 a.m.22 views

cuteflow-sqlxss.txt

CuteFlow Version 1.5.0 Multiple Remote Vulnerabilities sql injection & Xss Virangar Security Team www.virangar.org www.virangar.net -------- Discoverd By : hadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra & all virangar members & all iranian hackerz greetz:to my best friend in the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/03/29 12:0 a.m.28 views

Cuteflow Bin 1.5 - pages/showuser.php language Parameter XSS

Cuteflow Bin 1.5 pages/showuser.php language Parameter XSS. CVE-2008-1630. Webapps exploit for php platform source: http://www.securityfocus.com/bid/28500/info CuteFlow Bin is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issu...

4.3CVSS6.6AI score0.01107EPSS
Exploits7
Exploit DB
Exploit DB
added 2008/03/29 12:0 a.m.30 views

Cuteflow Bin 1.5 - pages/showfields.php language Parameter XSS

Cuteflow Bin 1.5 pages/showfields.php language Parameter XSS. CVE-2008-1630. Webapps exploit for php platform source: http://www.securityfocus.com/bid/28500/info CuteFlow Bin is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The...

4.3CVSS6.6AI score0.01107EPSS
Exploits7
Exploit DB
Exploit DB
added 2008/03/29 12:0 a.m.29 views

Cuteflow Bin 1.5 - pages/edittemplate_step2.php language Parameter XSS

Cuteflow Bin 1.5 pages/edittemplatestep2.php language Parameter XSS. CVE-2008-1630. Webapps exploit for php platform source: http://www.securityfocus.com/bid/28500/info CuteFlow Bin is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data...

4.3CVSS6.6AI score0.01107EPSS
Exploits7
Exploit DB
Exploit DB
added 2008/03/29 12:0 a.m.45 views

Cuteflow Bin 1.5 - pages/showcirculation.php language Parameter XSS

Cuteflow Bin 1.5 pages/showcirculation.php language Parameter XSS. CVE-2008-1630. Webapps exploit for php platform source: http://www.securityfocus.com/bid/28500/info CuteFlow Bin is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. T...

4.3CVSS6.6AI score0.01107EPSS
Exploits7
Exploit DB
Exploit DB
added 2008/03/29 12:0 a.m.30 views

Cuteflow Bin 1.5 - pages/editmailinglist_step1.php language Parameter XSS

Cuteflow Bin 1.5 pages/editmailingliststep1.php language Parameter XSS. CVE-2008-1630. Webapps exploit for php platform source: http://www.securityfocus.com/bid/28500/info CuteFlow Bin is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied...

4.3CVSS6.6AI score0.01107EPSS
Exploits7
Exploit DB
Exploit DB
added 2008/03/29 12:0 a.m.26 views

Cuteflow Bin 1.5 - pages/showtemplates.php language Parameter XSS

Cuteflow Bin 1.5 pages/showtemplates.php language Parameter XSS. CVE-2008-1630. Webapps exploit for php platform source: http://www.securityfocus.com/bid/28500/info CuteFlow Bin is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The...

4.3CVSS6.6AI score0.01107EPSS
Exploits7
NVD
NVD
added 2008/03/25 7:44 p.m.18 views

CVE-2008-1493

Directory traversal vulnerability in login.php in Cuteflow Bin 1.5.0 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter...

7.5CVSS7.1AI score0.02462EPSS
Exploits0References4
Prion
Prion
added 2008/03/25 7:44 p.m.14 views

Directory traversal

Directory traversal vulnerability in login.php in Cuteflow Bin 1.5.0 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter...

7.5CVSS7.6AI score0.02462EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2008/03/25 7:0 p.m.22 views

CVE-2008-1493

Directory traversal vulnerability in login.php in Cuteflow Bin 1.5.0 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter...

7.1AI score0.02462EPSS
Exploits0References4
CVE
CVE
added 2008/03/25 7:0 p.m.36 views

CVE-2008-1493

CVE-2008-1493 affects Cuteflow Bin 1.5.0 in login.php. The language parameter is processed insecurely, enabling directory traversal with ".." to include and execute local files. This has potential partial impact to confidentiality, integrity, and availability (CVSS v2 base score 7.5, AV:N/AC:L/Au...

7.5CVSS7.1AI score0.02462EPSS
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2008/03/25 12:0 a.m.34 views

Cuteflow Bin v1.5.0 Local File Inclusion Vuln

Cuteflow Bin v1.5.0 Local File Inclusion Vulnerability + Author : KnocKout + Site : www.wikipediatr.com ============================================== Script : Cuteflow Bin v1.5.0 Download : http://scripts.ringsworld.com/groupware-tools/cuteflow-bin-v150/ Exploit :...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2008/03/24 12:0 a.m.16 views

cuteflowbin-lfi.txt

Cuteflow Bin v1.5.0 Local File Inclusion Vulnerability + Author : KnocKout + Cyber-Warrior.org / Bug Researchers Group Special Thanks : CW ALL USERS / Mr.Freeman ============================================== Script : Cuteflow Bin v1.5.0 Download :...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2008/03/23 12:0 a.m.9 views

Cuteflow Bin 1.5.0 (login.php) Local File Inclusion Vulnerability

No description provided by source. Cuteflow Bin v1.5.0 Local File Inclusion Vulnerability + Author : KnocKout + Cyber-Warrior.org / Bug Researchers Group Special Thanks : CW ALL USERS / Mr.Freeman ============================================== Script : Cuteflow Bin v1.5.0 Download :...

7.1AI score
Exploits0
Rows per page
Query Builder