Lucene search
K

7210 matches found

CVE
CVE
added 2007/11/15 10:0 p.m.39 views

CVE-2007-5991

CVE-2007-5991 affects ExoPHPdesk: SQL injection in index.php via the user parameter in the profile fn action, enabling remote execution of arbitrary SQL commands. Documented in NVD with a base score of 7.5 (HIGH); attack vector is network and no authentication required. Connected sources also ref...

7.5CVSS8.3AI score0.01063EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2007/11/15 10:0 p.m.20 views

CVE-2007-6004

Multiple SQL injection vulnerabilities in index.php in Toko Instan 7.6 allow remote attackers to execute arbitrary SQL commands via 1 the id parameter in an artikel action or 2 the katid parameter in a produk action...

8.5AI score0.01006EPSS
Exploits0References4
Prion
Prion
added 2007/11/15 12:46 a.m.10 views

Sql injection

SQL injection vulnerability in index.php in TBSource, as used in 1 TBDev and 2 TorrentStrike 0.4, allows remote authenticated users to execute arbitrary SQL commands via the choice parameter. NOTE: some of these details are obtained from third party information...

6.5CVSS8.6AI score0.0107EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2007/11/15 12:46 a.m.22 views

CVE-2007-5975

SQL injection vulnerability in index.php in TBSource, as used in 1 TBDev and 2 TorrentStrike 0.4, allows remote authenticated users to execute arbitrary SQL commands via the choice parameter. NOTE: some of these details are obtained from third party information...

6.5CVSS7.9AI score0.0107EPSS
Exploits0References6
NVD
NVD
added 2007/11/15 12:46 a.m.13 views

CVE-2007-5982

Multiple cross-site scripting XSS vulnerabilities in X7 Chat 2.0.4, 2.0.5, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via the 1 room parameter to sources/frame.php, the 2 themec parameter to help/index.php, or the 3 INSTALLX7CHATVERSION parameter to...

4.3CVSS5.9AI score0.03053EPSS
Exploits1References5
Cvelist
Cvelist
added 2007/11/15 12:0 a.m.20 views

CVE-2007-5984

classes/Url.php in Justin Hagstrom AutoIndex PHP Script before 2.2.4 allows remote attackers to cause a denial of service CPU and memory consumption via a %00 sequence in the dir parameter to index.php, which triggers an erroneous "recursive calculation."...

6.7AI score0.08451EPSS
Exploits0References6
Prion
Prion
added 2007/11/14 1:46 a.m.18 views

Design/Logic Flaw

Bandersnatch 0.4 allows remote attackers to obtain sensitive information via a malformed request for index.php with 1 a certain func parameter value; or 2 certain func, jid, page, and limit parameter values; which reveals the path in various error messages...

4CVSS6.7AI score0.0089EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2007/11/14 1:46 a.m.16 views

CVE-2007-5942

Bandersnatch 0.4 allows remote attackers to obtain sensitive information via a malformed request for index.php with 1 a certain func parameter value; or 2 certain func, jid, page, and limit parameter values; which reveals the path in various error messages...

4CVSS6.2AI score0.0089EPSS
Exploits0References2
seebug.org
seebug.org
added 2007/11/14 12:0 a.m.14 views

TBsource Index.PHP SQL注入漏洞

TBsource是一款基于PHP的WEB应用程序。 TBsource不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行SQL注入攻击,可获得敏感信息或操作数据库。 问题是由于'Index.PHP'脚本对用户提交的'choice'参数缺少过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或可能操作数据库。 TBsource 7alpha.1.01 目前没有详细解决方案提供: http://sourceforge.net/project/showfiles.php?groupid=153513...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2007/11/10 2:0 a.m.16 views

CVE-2007-5920

index.php in Domenico Mancini PicoFlat CMS before 0.4.18 allows remote attackers to include certain files via unspecified vectors, possibly due to a directory traversal vulnerability. NOTE: this can be leveraged to bypass authentication and upload files by including picoinsert.php or unspecified...

7.2AI score0.02251EPSS
Exploits0References5
CVE
CVE
added 2007/11/10 2:0 a.m.34 views

CVE-2007-5920

CVE-2007-5920 affects PicoFlat CMS (pre-0.4.18). The issue allows remote attackers to include certain files via unspecified vectors, likely due to a directory traversal flaw, potentially bypassing authentication and enabling file uploads by including pico_insert.php or other admin scripts. The ex...

6.8CVSS7.3AI score0.02251EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2007/11/08 2:46 a.m.9 views

Directory traversal

Directory traversal vulnerability in index.php in easyGB 2.1.1 allows remote attackers to include arbitrary files via the DatabaseType parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

10CVSS7.1AI score0.0324EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2007/11/05 7:0 p.m.33 views

CVE-2007-5820

CVE-2007-5820 affects Ax Developer CMS (AxDCMS) 0.1.1. It is a directory traversal in index.php that lets remote attackers include and execute arbitrary local files via .. in the module parameter. The provided documents do not specify exploit status or remediation/version fixes; no explicit explo...

9.3CVSS7.1AI score0.02972EPSS
Exploits0References5Affected Software1
Packet Storm
Packet Storm
added 2007/11/05 12:0 a.m.18 views

nuboard-rfi.txt

nuBoard 0.5 index.php site Remote File Inclusion Vulnerability http://switch.dl.sourceforge.net/sourceforge/nuboard/nuboardv0.5.tar.gz /nuboardv0.5/admin/index.php?site=http://localhost/scripts/020.txt?...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2007/11/04 12:0 a.m.14 views

Ax Developer CMS 0.1.1 (index.php module) Local File Inclusion Vuln

No description provided by source. W w w . T r Y a G . C o m Ax Developer CMS 0.1.1 index.php module Local File Inclusion Vulnerability http://sourceforge.net/projects/axdcms/ POC : /index.php?module=../../../../../../../../etc/passwd%00 W w w . T r Y a G . C o m sebug.net...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/11/04 12:0 a.m.14 views

nuBoard 0.5 - site Remote File Inclusion

nuBoard 0.5 - site Remote File Inclusion nuBoard 0.5 index.php site Remote File Inclusion Vulnerability http://switch.dl.sourceforge.net/sourceforge/nuboard/nuboardv0.5.tar.gz /nuboardv0.5/admin/index.php?site=http://localhost/scripts/020.txt? milw0rm.com 2007-11-04...

Exploits0
0day.today
0day.today
added 2007/11/04 12:0 a.m.68 views

nuBoard 0.5 (index.php site) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ================================================================ nuBoard 0.5 index.php site Remote File Inclusion Vulnerability ================================================================ nuBoard 0.5 index.php site Remote File Inclusi...

7.1AI score
Exploits0
0day.today
0day.today
added 2007/11/02 12:0 a.m.22 views

Ax Developer CMS 0.1.1 (index.php module) Local File Inclusion Vuln

Exploit for unknown platform in category web applications =================================================================== Ax Developer CMS 0.1.1 index.php module Local File Inclusion Vuln =================================================================== Ax Developer CMS 0.1.1 index.php modu...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2007/11/02 12:0 a.m.20 views

ax-lfi.txt

W w w . T r Y a G . C o m Ax Developer CMS 0.1.1 index.php module Local File Inclusion Vulnerability http://sourceforge.net/projects/axdcms/ POC : /index.php?module=../../../../../../../../etc/passwd%00 W w w . T r Y a G . C o m...

7.4AI score
Exploits0
Prion
Prion
added 2007/11/01 4:46 p.m.13 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in index.php in the File Manager module in Flatnuke 3 allows remote attackers to perform certain actions as administrators via requests containing the pathname in the dir parameter and the filename in the ffile parameter...

4.3CVSS7.4AI score0.00876EPSS
Exploits0References3
Rows per page
Query Builder