Lucene search
7210 matches found

securityvulns
added 2007/05/25 12:0 a.m. | 51 views

RedLevel Advisory #022 - ClonusWiki .5 Cross-Site Scripting Vulnerability

ClonusWiki .5 - Cross-Site Scripting Vulnerability. Vendor: http://clonuswiki.sourceforge.net ; Vulnerable Variable: query; Vulnerable File: index.php; Vulnerable: ClonusWiki .5, other versions may also be vulnerable. Google d0rk: "ClonusWiki .5" intitle:"ClonusWiki" John Martinelli...

Exploits: 0

Packet Storm
added 2007/05/23 12:0 a.m. | 23 views

clonuswiki-xss.txt

ClonusWiki .5 - Cross-Site Scripting Vulnerability ClonusWiki .5 - Cross-Site Scripting Vulnerability discovered by John Martinelli of RedLevel Security Google d0rk: "ClonusWiki .5" intitle:"ClonusWiki" file index.php - variable query - method get "alert1"...

7.4 AI score
Exploits: 0

Prion
added 2007/05/22 9:30 p.m. | 13 views

SQL injection

SQL injection vulnerability in read/index.php in ol'bookmarks 0.7.4 allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5 CVSS | 9.1 AI score | 0.0105 EPSS
Exploits: 1 | References: 5 | Affected Software: 1

NVD
added 2007/05/22 7:30 p.m. | 11 views

CVE-2007-2805

Multiple cross-site scripting (XSS) vulnerabilities in index.php in ClientExec (CE) 3.0 beta2, and possibly other versions, allow remote attackers to inject arbitrary web script or HTML via the (1) ticketID, (2) view, and (3) fuse parameters...

4.3 CVSS | 5.9 AI score | 0.01495 EPSS
Exploits: 0 | References: 4

NVD
added 2007/05/22 7:30 p.m. | 13 views

CVE-2007-2806

Multiple cross-site scripting (XSS) vulnerabilities in index.php in GaliX 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) galix_cat_detail, (2) galix_gal_detail, and (3) galix_cat_detail_sort parameters...

5.8 CVSS | 5.8 AI score | 0.01552 EPSS
Exploits: 1 | References: 4

CVE
added 2007/05/22 7:0 p.m. | 50 views

CVE-2007-2806

CVE-2007-2806 describes multiple XSS vulnerabilities in the GaliX 2.0 index.php file, exploitable via parameters galix_cat_detail, galix_gal_detail, and galix_cat_detail_sort. The root cause is improper input handling leading to script/HTML injection, enabling remote attackers to inject arbitrary...

5.8 CVSS | 5.8 AI score | 0.01552 EPSS
Exploits: 1 | References: 4 | Affected Software: 1

CVE
added 2007/05/22 7:0 p.m. | 44 views

CVE-2007-2805

CVE-2007-2805 is an XSS vulnerability in ClientExec (CE) 3.0 beta2 (and possibly other versions) affecting index.php. The issue allows remote attackers to inject arbitrary web script or HTML via the (1) ticketID, (2) view, and (3) fuse parameters. The connected records confirm the affected softwa...

4.3 CVSS | 5.9 AI score | 0.01495 EPSS
Exploits: 0 | References: 4 | Affected Software: 1

Cvelist
added 2007/05/22 7:0 p.m. | 17 views

CVE-2007-2806

Multiple cross-site scripting (XSS) vulnerabilities in index.php in GaliX 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) galix_cat_detail, (2) galix_gal_detail, and (3) galix_cat_detail_sort parameters...

5.8 AI score | 0.01552 EPSS
Exploits: 1 | References: 4

Cvelist
added 2007/05/22 7:0 p.m. | 14 views

CVE-2007-2805

Multiple cross-site scripting (XSS) vulnerabilities in index.php in ClientExec (CE) 3.0 beta2, and possibly other versions, allow remote attackers to inject arbitrary web script or HTML via the (1) ticketID, (2) view, and (3) fuse parameters...

5.9 AI score | 0.01495 EPSS
Exploits: 0 | References: 4

Prion
added 2007/05/21 11:30 p.m. | 11 views

Directory traversal

Multiple directory traversal vulnerabilities in MolyX BOARD 2.5.0 allow remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter to index.php and other unspecified PHP scripts...

7.8 CVSS | 7.5 AI score | 0.03752 EPSS
Exploits: 0 | References: 6 | Affected Software: 1

seebug.org
added 2007/05/21 12:0 a.m. | 23 views

AlstraSoft Live Support v1.21 Admin Credential Retrieve Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo " AlstraSoft Live Support v1.21 Admin Credential Retrieve Exploit by BlackHawk [email protected] http://itablackhawk.altervista.org Thanks to rgod for the php code and Marty for the Love "; if $argc2 echo "Usage: php...

7.1 AI score
Exploits: 0

exploitpack
added 2007/05/21 12:0 a.m. | 15 views

GaliX 2.0 - index.php Multiple Cross-Site Scripting Vulnerabilities

GaliX 2.0 - index.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/24066/info GaliX is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to...

7 AI score
Exploits: 0

Exploit DB
added 2007/05/21 12:0 a.m. | 21 views

GaliX 2.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/24066/info GaliX is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials and to launch other...

7.4 AI score
Exploits: 0

exploitpack
added 2007/05/18 12:0 a.m. | 32 views

MolyX BOARD 2.5.0 - index.php?lang Local File Inclusion

MolyX BOARD 2.5.0 - index.php?lang Local File Inclusion. MolyX BOARD 2.5.0 Local File Inclusion. Possibly other versions. Vulnerability found by MurderSkillz. d0rk "Powered by MolyX BOARD 2.5.0"...

Exploits: 0

CVE
added 2007/05/17 7:0 p.m. | 55 views

CVE-2007-2737

Summary (CVE-2007-2737) : The XOOPS MyConference 1.0 module contains an SQL injection in index.php exploitable via the cid parameter. The issue allows a remote attacker to execute arbitrary SQL commands against the underlying database. This is reported in multiple sources (NVD entry and Checkpoin...

7.5 CVSS | 8.1 AI score | 0.00934 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

Packet Storm
added 2007/05/17 12:0 a.m. | 22 views

wikyblog-rfi.txt

WikyBlog-1.4.12index.php Remote File Include Vulnerability. Found by: nkillers nkillersathotmail.com. Download: http://jaist.dl.sourceforge.net/sourceforge/wikyblog/WikyBlog-1.4.12.zip File: ./index.php require_once $includeDir.'/wiki2.php'; require_once $includeDir.'/wiki3.php'; Exploit...

7.4 AI score
Exploits: 0

exploitpack
added 2007/05/17 12:0 a.m. | 13 views

Mambo Component com_yanc 1.4 Beta - id SQL Injection

Mambo Component com_yanc 1.4 Beta - id SQL Injection. Mambo com_yanc v1.4 beta id Blind Remote SQL Injection Vuln. Bulan: Cyber-Security...

0.4 AI score
Exploits: 0

Exploit DB
added 2007/05/17 12:0 a.m. | 74 views

Mambo Component com_yanc 1.4 Beta - 'id' SQL Injection

Mambo com_yanc v1.4 beta id Blind Remote SQL Injection Vuln. Bulan: Cyber-Security. Exploit:...

7.4 AI score
Exploits: 0

NVD
added 2007/05/15 12:19 a.m. | 16 views

CVE-2007-2681

Directory traversal vulnerability in blogs/index.php in b2evolution 1.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the coresubdir parameter...

7.5 CVSS | 7.1 AI score | 0.01508 EPSS
Exploits: 0 | References: 3

NVD
added 2007/05/13 11:19 p.m. | 11 views

CVE-2007-2636

Unspecified vulnerability in phpTodo before 0.8.1 allows remote attackers to have an unknown impact via newlines in regular expressions to (1) index.php, (2) feed.php, (3) prefs.php, and (4) todolist.php; and (5) classTodoItem.php and (6) phpTodoUser.php in libs/. NOTE: some of these details are obtained fro...

6.8 CVSS | 6.8 AI score | 0.01165 EPSS
Exploits: 0 | References: 4