Lucene search

7210 matches found

NVD
added 2007/02/01 10:28 p.m. · 21 views

CVE-2007-0663

SQL injection vulnerability in index.php in Eclectic Designs CascadianFAQ 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the qid parameter, a different vector than CVE-2007-0631. NOTE: The provenance of this information is unknown; the details are obtained solely fr...

CVSS 7.5 · AI score 7.9 · EPSS 0.00913
Exploits 0 · References 1
Cvelist
added 2007/02/01 10:0 p.m. · 22 views

CVE-2007-0663

SQL injection vulnerability in index.php in Eclectic Designs CascadianFAQ 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the qid parameter, a different vector than CVE-2007-0631. NOTE: The provenance of this information is unknown; the details are obtained solely fr...

AI score 7.9 · EPSS 0.00913
Exploits 0 · References 1
CVE
added 2007/02/01 10:0 p.m. · 46 views

CVE-2007-0663

CVE-2007-0663 describes an SQL injection in Eclectic Designs CascadianFAQ 4.1 and earlier, exploitable via the qid parameter in index.php. The vulnerability allows remote attackers to execute arbitrary SQL commands; affected software is CascadianFAQ on index.php, with the issue explicitly tied to...

CVSS 7.5 · AI score 8.1 · EPSS 0.00913
Exploits 0 · References 1 · Affected Software 1
seebug.org
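added 2007/02/01 12:0 a.m. · 17 views

MDPro Index.PHP Injection Vulnerability

MDPro is a PHP-based web application. MDPro does not properly filter user-supplied input, so remote attackers can exploit the flaw to carry out SQL injection attacks and obtain sensitive information. The problem is that the 'Index.PHP' script does not filter the user-supplied 'startrow' parameter; submitting malicious SQL code as the parameter data can alter the original SQL logic and lead to disclosure of sensitive information. MAXdev MD-Pro 1.0.76 No solution is currently available; please watch the following link: http://www.maxdev.com/AboutMD.phtml http://www.example.com/index.php?module=News&startrow='sql injection...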

AI score 7.1
Exploits 0
seebug.org
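added 2007/02/01 12:0 a.m. · 24 views

CascadianFaq Index.PHP SQL Injection Vulnerability

CascadianFaq is a PHP-based web application. CascadianFaq does not properly filter user-supplied input, so remote attackers can exploit the flaw to carry out SQL injection attacks and obtain sensitive information. The problem is that the 'Index.PHP' script does not filter the user-supplied 'catid' parameter; submitting malicious SQL code as the parameter data can alter the original SQL logic and lead to disclosure of sensitive information. Eclectic Designs CascadianFAQ 4.1 No solution is currently available; please watch the following link: http://eclectic-designs.com/cascadianfaq.php...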

AI score 7.1
Exploits 0
CVE
added 2007/01/31 6:0 p.m. · 43 views

CVE-2007-0631

CVE-2007-0631 affects Eclectic Designs CascadianFAQ 4.1 and earlier. A vulnerability in the web app’s index.php allows a remote attacker to inject SQL via the catid parameter, enabling arbitrary SQL execution. The available connected sources confirm the parameter-based SQL injection vector and id...

CVSS 7.5 · AI score 8.3 · EPSS 0.01195
Exploits 1 · References 6 · Affected Software 1
CVE
added 2007/01/31 6:0 p.m. · 45 views

CVE-2007-0623

The CVE-2007-0623 entry documents an SQL injection vulnerability in the MAXdev MDPro product, specifically in index.php (version 1.0.76). The root cause is improper handling of the startrow parameter, allowing remote attackers to execute arbitrary SQL commands. The vulnerability affects the web a...

CVSS 7.5 · AI score 8.4 · EPSS 0.01755
Exploits 1 · References 8 · Affected Software 1
Cvelist
added 2007/01/31 11:0 a.m. · 21 views

CVE-2007-0616

Directory traversal vulnerability in zen/template-functions.php in zenphoto 1.0.4 up to 1.0.6 allows remote attackers to list arbitrary directories via ".." sequences in the album parameter to index.php...

AI score 6.8 · EPSS 0.02163
Exploits 1 · References 7
seebug.org
added 2007/01/31 12:0 a.m. · 24 views

CascadianFAQ <= 4.1 (index.php) Remote SQL Injection Vulnerability

No description provided by source. Title : CascadianFAQ = 4.1 index.php Remote Blind SQL Injection Vulnerability Author : ajann Contact : : S.Page : http://eclectic-designs.com $$ : Free Dork : This FAQ is powered by CascadianFAQ DorkEx :...

AI score 7.1
Exploits 0
securityvulns
added 2007/01/30 12:0 a.m. · 84 views

gnopaste <= 0.5.3 (index.php) Remote File Include Vulnerability

t3K t4b4nc4 gnopaste = 0.5.3 index.php Remote File Include Vulnerability Script site: http://sourceforge.net/projects/gnopaste Find by TrZiNDaN Greetings; ELMuHaMMeD,CyberWolf,CrackersChild,EntriKa,Xyu,Sehzade, B4ct3ry,M3rhametsiz,Cold Z3ro,e-system,blackwolf,Paradox T3K T4B4NC4 Contact:...

AI score 0.6
Exploits 0
exploitpack
added 2007/01/30 12:0 a.m. · 21 views

CascadianFAQ 4.1 - index.php SQL Injection

CascadianFAQ 4.1 - index.php SQL Injection Title : CascadianFAQ = 4.1 index.php Remote Blind SQL Injection Vulnerability Author : ajann Contact : : S.Page : http://eclectic-designs.com $$ : Free Dork : This FAQ is powered by CascadianFAQ DorkEx :...

AI score 0.9
Exploits 0
Exploit DB
added 2007/01/30 12:0 a.m. · 50 views

CascadianFAQ 4.1 - 'index.php' SQL Injection

Title : CascadianFAQ = 4.1 index.php Remote Blind SQL Injection Vulnerability Author : ajann Contact : : S.Page : http://eclectic-designs.com $$ : Free Dork : This FAQ is powered by CascadianFAQ DorkEx :...

AI score 7.4
Exploits 0
seebug.org
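added 2007/01/28 12:0 a.m. · 26 views

Mafia Scum Tools Index.PHP Remote File Inclusion Vulnerability

Mafia Scum Tools is a PHP-based web application. Mafia Scum Tools does not properly filter user-supplied input, so remote attackers can exploit the flaw to execute arbitrary commands with the privileges of the web server. The problem is that the 'Index.PHP' script does not filter the user-supplied 'gen' parameter; specifying a file on a remote server as the include parameter can lead to execution of arbitrary commands with the privileges of the web server. Mafia Scum Tools Mafia Scum Tools 2.0 No solution is currently available: http://switch.dl.sourceforge.net/sourceforge/adv-random-gen !/usr/bin/perl &n...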

AI score 7.1
Exploits 0
Prion
added 2007/01/26 1:28 a.m. · 15 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Advanced Guestbook 2.4.2 allow remote attackers to execute arbitrary PHP code via a URL in the include_path parameter to (1) index.php, (2) addentry.php, or (3) picture.php, a different set of vectors than CVE-2006-5804. NOTE: this issue has been...

CVSS 7.5 · AI score 7.8 · EPSS 0.01939
Exploits 1 · References 2 · Affected Software 1
CVE
added 2007/01/25 9:0 p.m. · 51 views

CVE-2007-0501

CVE-2007-0501 corresponds to a PHP remote file inclusion vulnerability in Mafia Scum Tools 2.0.0 within Matthew Wardrop Advanced Random Generators (adv-random-gen). The flaw allows an attacker to execute arbitrary PHP code by supplying a URL in the gen parameter, enabling remote code execution. T...

CVSS 6.8 · AI score 7.5 · EPSS 0.02365
Exploits 0 · References 5 · Affected Software 1
CVE
added 2007/01/25 12:0 a.m. · 47 views

CVE-2007-0490

Open-Realty 2.3.4 is affected by CVE-2007-0490 where index.php via listingview with an invalid listingID exposes the full server path. This is an information-disclosure vulnerability that can be exploited remotely to obtain sensitive filesystem paths. Root cause is not detailed in the provided do...

CVSS 5 · AI score 6.2 · EPSS 0.01064
Exploits 0 · References 2 · Affected Software 1
Positive Technologies
added 2007/01/25 12:0 a.m. · 7 views

PT-2007-1947 · Freeforum · Freeforum

Name of the Vulnerable Software and Affected Versions: FreeForum version 0.9.0 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the fpath parameter in the index.php file. However, this issue has been disputed by third-party researchers, stating that the...

CVSS 7.5 · AI score 8 · EPSS 0.01348
Exploits 0 · References 5
securityvulns
added 2007/01/24 12:0 a.m. · 1275 views

Advanced Guestbook <=- 2.4.2 (include_path) Remote File Include Vulnerability

Advanced Guestbook <=- 2.4.2 (include_path) Remote File Include Vulnerability Script: Advanced Guestbook Version: 2.4.2 URL: http://proxy2.de/js/dl86d7a2.php Found By : BorN To K!LL Bug in : index.php , addentry.php , picture.php code :. require_once $include_path."/admin/config.inc.php"; require_once...

AI score 0.7
Exploits 0
securityvulns
added 2007/01/24 12:0 a.m. · 101 views

FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability

FreeForum 0.9.0 =- index.php fpath Remote File Include Vulnerability Script: FreeForum Version: 0.9.0 URL: http://www.phpfreaks.com/scripts.php?action=gotoDownload&scriptid=616 Found By : BorN To K!LL Bug in : index.php code : include"$fpath/forum.php"; Explo!T :. ^^^^^ /index.php?fpath=SHe1L-CoD...

AI score 0.7
Exploits 0
Packet Storm
added 2007/01/24 12:0 a.m. · 27 views

freeforum090-rfi.txt

FreeForum 0.9.0 =- index.php fpath Remote File Include Vulnerability Script: FreeForum Version: 0.9.0 URL: http://www.phpfreaks.com/scripts.php?action=gotoDownload&scriptid=616 Found By : BorN To K!LL Bug in : index.php...

AI score 7.4
Exploits 0