Lucene search
K

7210 matches found

NVD
NVD
added 2007/09/24 11:17 p.m.16 views

CVE-2007-5068

SQL injection vulnerability in index.php in phpFullAnnu PFA 6.0 allows remote attackers to execute arbitrary SQL commands via the mod parameter...

7.5CVSS8.4AI score0.01037EPSS
Exploits0References5
CVE
CVE
added 2007/09/24 11:0 p.m.33 views

CVE-2007-5068

CVE-2007-5068 is a SQL injection vulnerability affecting phpFullAnnu (PFA) 6.0, where an attacker can inject arbitrary SQL via the mod parameter in index.php. The vulnerability is confirmed in multiple sources (NVD/NVD mirror entries) and has a base CVSS v2 score of 7.5 (HIGH) with network access...

7.5CVSS8.4AI score0.01037EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2007/09/24 12:0 a.m.38 views

CVE-2007-5050

The CVE-2007-5050 entry describes a directory traversal in Neuron News 1.0: index.php vulnerable to a ".." in the q parameter, permitting remote attackers to include and execute arbitrary local files. Affected software: Neuron News 1.0 (PHP). Root cause is improper input validation on q that perm...

7.5CVSS7.2AI score0.02982EPSS
Exploits0References6Affected Software1
seebug.org
seebug.org
added 2007/09/21 12:0 a.m.36 views

neuron news 1.0 (index.php q) Local File Inclusion Vulnerability

No description provided by source. |/// \ - - // Y! Underground Group @ @ ----oOOo---oOOo-------------------------------------------------- Portal : Neuron News 1.0 Download : http://downloads.localhost.be/scripts/neuronnews.zip Author : Dj7xpl HomePage : http://r00t.ir / http://Dj7xpl.2600.ir...

7.1AI score
Exploits0
0day.today
0day.today
added 2007/09/21 12:0 a.m.19 views

neuron news 1.0 (index.php q) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ================================================================ neuron news 1.0 index.php q Local File Inclusion Vulnerability ================================================================ \|/// \ - - // Y! Underground Group @ @...

7.1AI score
Exploits0
NVD
NVD
added 2007/09/20 9:17 p.m.10 views

CVE-2007-5013

Multiple cross-site scripting XSS vulnerabilities in index.php in Phormer 3.31 allow remote attackers to inject arbitrary web script or HTML via the 1 u, 2 p, 3 c, and 4 s parameters, and other unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained sole...

4.3CVSS5.7AI score0.01073EPSS
Exploits1References4
Prion
Prion
added 2007/09/19 7:17 p.m.14 views

Sql injection

SQL injection vulnerability in index.php in the Ktauber.com StylesDemo mod for phpBB 2.0.xx allows remote attackers to execute arbitrary SQL commands via the s parameter...

7.5CVSS9.1AI score0.00987EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2007/09/19 7:0 p.m.39 views

CVE-2007-4984

CVE-2007-4984 affects the Ktauber.com StylesDemo mod for phpBB 2.0.x. Vulnerable component: index.php; vulnerable via the s parameter causing SQL injection. Root cause: improper handling of input leading to arbitrary SQL execution by remote attackers. Impact, per CVSS: AV:N/AC:L/Au:N/C:P/I:P/A:P ...

7.5CVSS8.4AI score0.00987EPSS
Exploits1References4Affected Software1
seebug.org
seebug.org
added 2007/09/19 12:0 a.m.16 views

saforum 注射漏洞

saforum是国内安全研究人员修改过的saforum论坛,但是代码中有一点瑕疵导致可能被获取管理员权限: \include\common.php 行4149引入没有过滤的变量 ------cut----------------- ifgetenv'HTTPCLIENTIP' $onlineip = getenv'HTTPCLIENTIP'; elseifgetenv'HTTPXFORWARDEDFOR' $onlineip = getenv'HTTPXFORWARDEDFOR'; elseifgetenv'REMOTEADDR' $onlineip =...

7.1AI score
Exploits0
NVD
NVD
added 2007/09/18 10:17 p.m.16 views

CVE-2007-4958

Multiple cross-site scripting XSS vulnerabilities in TinyWebGallery TWG 1.6.3.4 allow remote attackers to inject arbitrary web script or HTML via the URI for 1 index.php, 2 iframes/ilogin.php, and 3 iframes/itoptags.php. NOTE: the provenance of this information is unknown; the details are obtaine...

4.3CVSS5.7AI score0.01033EPSS
Exploits0References4
Prion
Prion
added 2007/09/18 8:17 p.m.16 views

Sql injection

Multiple SQL injection vulnerabilities in KwsPHP 1.0 allow remote attackers to execute arbitrary SQL commands via 1 the pseudo parameter to login.php, 2 the id parameter to index.php in a carnet editer action in the MemberSpace espacemembre module, or 3 the typenav parameter to index.php in a...

7.5CVSS8.8AI score0.0353EPSS
Exploits0References11Affected Software1
NVD
NVD
added 2007/09/18 8:17 p.m.20 views

CVE-2007-4956

Multiple SQL injection vulnerabilities in KwsPHP 1.0 allow remote attackers to execute arbitrary SQL commands via 1 the pseudo parameter to login.php, 2 the id parameter to index.php in a carnet editer action in the MemberSpace espacemembre module, or 3 the typenav parameter to index.php in a...

7.5CVSS8.3AI score0.0353EPSS
Exploits0References11
Prion
Prion
added 2007/09/18 8:17 p.m.13 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in myphpPagetool 0.4.3 allow remote attackers to execute arbitrary PHP code via a URL in the ptinclude parameter to 1 help1.php, 2 help2.php, 3 help3.php, 4 help4.php, 5 help5.php, 6 help6.php, 7 help7.php, 7 help8.php, 8 help9.php, or 10 index.p...

7.5CVSS7.9AI score0.03579EPSS
Exploits1References11Affected Software1
CVE
CVE
added 2007/09/18 8:0 p.m.42 views

CVE-2007-4953

SimpCMS CVE-2007-4953 is a SQL injection vulnerability in index.php where a remote attacker can influence the keyword parameter of a search site action to execute arbitrary SQL. The entry details a high-severity issue (CVSSv2 base score 7.5) with network attack vector and no authentication requir...

7.5CVSS8.2AI score0.01006EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2007/09/17 5:0 p.m.17 views

CVE-2007-4918

SQL injection vulnerability in classes/gelato.class.php in Gelato allows remote attackers to execute arbitrary SQL commands via the post parameter to index.php...

8.4AI score0.01622EPSS
Exploits1References8
securityvulns
securityvulns
added 2007/09/17 12:0 a.m.3931 views

Vulnerability in Nucleus

Здравствуйте 3APA3A! Сообщаю вам о найденной мною Cross-Site Scripting уязвимости в Nucleus. XSS: Уязвимость на странице index.php в параметре archive. http://site/index.php?blogid=1&archive=2007-01-013Cscript3Ealertdocument.cookie3C/script3E Дополнительная информация о данной уязвимости у меня н...

Exploits0
0day.today
0day.today
added 2007/09/14 12:0 a.m.33 views

JBlog 1.0 (index.php id) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ===================================================== JBlog 1.0 index.php id Remote SQL Injection Exploit ===================================================== Script....................................: JBlog ver 1.0 Script...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/09/14 12:0 a.m.10 views

JBlog 1.0 - index.php?id SQL Injection

JBlog 1.0 - index.php?id SQL Injection Script....................................: JBlog ver 1.0 Script Site...........................: http://www.jmuller.net/jblog/index.php Vulnerability........................: Remote SQL injection Exploit Access..................................: Remote...

Exploits0
seebug.org
seebug.org
added 2007/09/14 12:0 a.m.14 views

JBlog 1.0 (index.php id) Remote SQL Injection Exploit

No description provided by source. Script....................................: JBlog ver 1.0 Script Site...........................: http://www.jmuller.net/jblog/index.php Vulnerability........................: Remote SQL injection Exploit Access..................................: Remote...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/09/14 12:0 a.m.35 views

Gelato - 'index.php?post' SQL Injection

? Gelato SQL Injection exploit Dork: "powered by gelato cms" Homepage: http://gelatocms.com s 0 c r a t e x msn: s0cratexatnasadotgov greetz: D.O.M and plexinium team iniset"maxexecutiontime",0; function gettext $in = fopen"php://stdin", 'r'; $text = fgets$in, 1024; $text = trim$text; return $tex...

7.4AI score
Exploits0
Rows per page
Query Builder