Lucene search
K

7210 matches found

CVE
CVE
added 2005/11/16 7:37 a.m.46 views

CVE-2005-3592

The CVE-2005-3592 entry documents a path disclosure vulnerability in CuteNews 1.4.0 and earlier. An attacker can trigger an error message (for example by supplying multiple ../ sequences in the archive parameter) to obtain the installation path of the application. This is a information-disclosure...

5CVSS7AI score0.01181EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2005/11/16 7:37 a.m.45 views

CVE-2005-3558

CVE-2005-3558 affects OSTE 1.0, with a PHP file inclusion vulnerability in index.php. The issue allows remote attackers to execute arbitrary code via the (1) page and (2) site parameters. The description indicates that the vulnerability stems from PHP file inclusion, leading to potential code exe...

7.5CVSS8.1AI score0.05787EPSS
Exploits1References7Affected Software1
securityvulns
securityvulns
added 2005/11/14 12:0 a.m.45 views

PEEL 2.x sql injection

PEEL 2.x sql injection Author: r0t hackers.by.lv Date: 14. nov 2005 software: PEEL 2.x vendor: http://peel.fr/ Tested on 2.6 and 2.7 version Vulnerability Description: contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script...

2.5AI score
Exploits0
NVD
NVD
added 2005/11/06 11:2 a.m.12 views

CVE-2005-3512

Cross-site scripting XSS vulnerability in index.php in VUBB alpha rc1 allows remote attackers to inject arbitrary web script or HTML via the t parameter in a newreply action...

4.3CVSS5.7AI score0.01733EPSS
Exploits1References3
CVE
CVE
added 2005/11/06 11:0 a.m.50 views

CVE-2005-3512

Vulnerability: CVE-2005-3512 affects VUBB alpha rc1 (index.php) where the t parameter in the newreply action is vulnerable to reflected XSS. Root cause is improper handling of the t parameter in the newreply flow, enabling injection of arbitrary script/HTML. Impact per provided details is partial...

4.3CVSS5.9AI score0.01733EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2005/11/06 11:0 a.m.46 views

CVE-2005-3514

Chipmunk Forum XSS vulnerability CVE-2005-3514 affects the Chipmunk Forum script (Chipmunk Forum

4.3CVSS5.8AI score0.02692EPSS
Exploits1References10Affected Software1
CVE
CVE
added 2005/11/06 11:0 a.m.41 views

CVE-2005-3513

The CVE refers to VUBB alpha rc1 where index.php exposes the installation path via a viewforum action when the f parameter is set to a single quote ('). This is a remote, unauthenticated disclosure vulnerability in the VUBB application. Affected component: VUBB alpha rc1, specifically the viewfor...

5CVSS6.9AI score0.01181EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2005/11/06 11:0 a.m.16 views

CVE-2005-3513

index.php in VUBB alpha rc1 allows remote attackers to obtain the installation path of the application via a viewforum action with the f parameter set to a single quote '...

6.5AI score0.01181EPSS
Exploits0References2
Cvelist
Cvelist
added 2005/11/06 11:0 a.m.18 views

CVE-2005-3512

Cross-site scripting XSS vulnerability in index.php in VUBB alpha rc1 allows remote attackers to inject arbitrary web script or HTML via the t parameter in a newreply action...

5.7AI score0.01733EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2005/11/06 12:0 a.m.5 views

PT-2005-4313 · Chipmunk Scripts · Chipmunk Scripts Guestbook

Name of the Vulnerable Software and Affected Versions: Chipmunk Scripts Guestbook affected versions not specified Description: The issue allows remote attackers to obtain the installation path of the script by causing an error message to be displayed. This can be achieved through a URL that...

5CVSS6.3AI score0.01388EPSS
Exploits0References6
CVE
CVE
added 2005/11/03 2:0 a.m.35 views

CVE-2005-3478

CVE-2005-3478 is a SQL injection flaw in PHPCafe.net Tutorials Manager 1.0 Beta 2, exploitable via the id parameter in index.php. The vulnerability enables remote SQL command execution. CVSS v2 metrics from NVD indicate a base score of 7.5 (HIGH) with network attack vector, low attack complexity,...

7.5CVSS8.8AI score0.01162EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2005/11/03 2:0 a.m.14 views

CVE-2005-3478

SQL injection vulnerability in index.php in PHPCafe.net Tutorials Manager 1.0 Beta 2 allows remote attackers to execute arbitrary SQL commands via the id parameter...

8.4AI score0.01162EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.21 views

CuteNews index.php XSS

The version of CuteNews installed on the remote host is vulnerable to a cross-site-scripting XSS attack. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

4.3CVSS6.4AI score0.03589EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.26 views

Mambo Site Server index.php mos_change_template XSS

An attacker may use the installed version of Mambo Site Server to perform a cross site scripting attack on this host. OpenVAS Vulnerability Test $Id: mamboxss3.nasl 9087 2018-03-12 17:24:24Z cfischer $ Description: Mambo Site Server index.php moschangetemplate XSS Authors: David Maciejak Updated:...

4.3CVSS6AI score0.01974EPSS
Exploits1
CVE
CVE
added 2005/11/02 11:0 a.m.39 views

CVE-2005-3432

The CVE-2005-3432 issue affects MiniGal 2 (MG2) 0.5.1, where a remote attacker can cause listing of password-protected images by sending a request to index.php with list = * and page = all. The public sources describe the vulnerability as an information-disclosure flaw allowing access to protecte...

5CVSS7.2AI score0.0287EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2005/11/02 11:0 a.m.15 views

CVE-2005-3432

MiniGal 2 MG2 0.5.1 allows remote attackers to list password protected images via a request to index.php with the list parameter set to wildcard and the page parameter set to all...

6.8AI score0.0287EPSS
Exploits1References4
Exploit DB
Exploit DB
added 2005/10/31 12:0 a.m.17 views

Invision Gallery 2.0.3 - 'index.php' SQL Injection

source: https://www.securityfocus.com/bid/15240/info Invision Gallery is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2005/10/31 12:0 a.m.15 views

Invision Gallery 2.0.3 - index.php SQL Injection

Invision Gallery 2.0.3 - index.php SQL Injection source: https://www.securityfocus.com/bid/15240/info Invision Gallery is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...

0.9AI score
Exploits0
NVD
NVD
added 2005/10/30 2:34 p.m.20 views

CVE-2005-3365

Multiple SQL injection vulnerabilities in DCP-Portal 6 and earlier allow remote attackers to execute arbitrary SQL commands, possibly requiring encoded characters, via 1 the name parameter in register.php, 2 the email parameter in lostpassword.php, 3 the year parameter in calendar.php, and the 4...

7.5CVSS8.1AI score0.03167EPSS
Exploits1References12
Cvelist
Cvelist
added 2005/10/29 7:0 p.m.22 views

CVE-2005-3365

Multiple SQL injection vulnerabilities in DCP-Portal 6 and earlier allow remote attackers to execute arbitrary SQL commands, possibly requiring encoded characters, via 1 the name parameter in register.php, 2 the email parameter in lostpassword.php, 3 the year parameter in calendar.php, and the 4...

8.1AI score0.03167EPSS
Exploits1References12
Rows per page
Query Builder