CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

780 matches found

CVE•added 2007/08/22 11:0 p.m.•44 views

CVE-2007-4482

The CVE-2007-4482 entry describes a Cross-site scripting (XSS) vulnerability in the Pool theme for WordPress v1.0.7, exploitable via PATH_INFO (PHP_SELF) in index.php. The vulnerability could allow remote attackers to inject arbitrary web script or HTML. Affected component: Pool theme (WordPress)...

4.3CVSS5.8AI score0.03825EPSS

Exploits0References5Affected Software1

Patchstack•added 2007/08/22 12:0 a.m.•26 views

WordPress Classic Theme <= 1.5 - XSS

Because of this vulnerability in index.php, the attackers can inject arbitrary web script or HTML via the PATHINFO. Solution Update the theme...

4.3CVSS2.5AI score0.01923EPSS

Exploits0References1Affected Software1

Patchstack•added 2007/08/22 12:0 a.m.•15 views

WordPress Sirius Theme <= 1.0 - XSS

Because of this vulnerability in index.php, the attackers can inject arbitrary web script or HTML via the PATHINFO. Solution Update the theme...

4.3CVSS2.7AI score0.01857EPSS

Exploits1References1Affected Software1

Prion•added 2007/07/30 4:30 p.m.•13 views

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in phpSysInfo 2.5.4-dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

4.3CVSS6.2AI score0.01321EPSS

Exploits0References8Affected Software1

UbuntuCve•added 2007/07/30 4:30 p.m.•34 views

CVE-2007-4048

Cross-site scripting XSS vulnerability in index.php in phpSysInfo 2.5.4-dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

4.3CVSS6.1AI score0.01321EPSS

Exploits0References1

OSV•added 2007/07/30 4:30 p.m.•3 views

CVE-2007-4048

Cross-site scripting XSS vulnerability in index.php in phpSysInfo 2.5.4-dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

5.5AI score

Exploits0References8

Cvelist•added 2007/07/30 4:0 p.m.•21 views

CVE-2007-4048

Cross-site scripting XSS vulnerability in index.php in phpSysInfo 2.5.4-dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

5.6AI score0.01321EPSS

Exploits0References8

CVE•added 2007/07/30 4:0 p.m.•76 views

CVE-2007-4048

CVE-2007-4048 describes a Cross-Site Scripting (XSS) flaw in phpSysInfo up to version 2.5.4-dev, where index.php is vulnerable via PATH_INFO. The issue allows remote attackers to inject arbitrary web script or HTML. The NVD entry lists the base score as 4.3 (Medium) with network attack vector, no...

4.3CVSS5.6AI score0.01321EPSS

Exploits0References8Affected Software1

Debian CVE•added 2007/07/30 4:0 p.m.•20 views

CVE-2007-4048

Cross-site scripting XSS vulnerability in index.php in phpSysInfo 2.5.4-dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

4.3CVSS5.6AI score0.01321EPSS

Exploits0

Prion•added 2007/07/25 5:30 p.m.•12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in UseBB 1.0.7, and possibly other 1.0.x versions, allow remote attackers to inject arbitrary web script or HTML via the PATHINFO PHPSELF to 1 upgrade-0-2-3.php, 2 upgrade-0-3.php, or 3 upgrade-0-4.php in install/, a different vulnerability than...

9.3CVSS6AI score0.02417EPSS

Exploits0References3Affected Software1

NVD•added 2007/07/25 5:30 p.m.•12 views

CVE-2007-3963

9.3CVSS5.8AI score0.02417EPSS

Exploits0References3

Cvelist•added 2007/07/25 5:0 p.m.•19 views

CVE-2007-3963

5.8AI score0.02417EPSS

Exploits0References3

Cvelist•added 2007/07/16 10:0 p.m.•24 views

CVE-2007-3799

The sessionstart function in ext/session in PHP 4.x up to 4.4.7 and 5.x up to 5.2.3 allows remote attackers to insert arbitrary attributes into the session cookie via special characters in a cookie that is obtained from 1 PATHINFO, 2 the sessionid function, and 3 the sessionstart function, which...

7.7AI score0.07919EPSS

Exploits0References32

Prion•added 2007/07/03 6:30 p.m.•15 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Claroline 1.8.3 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO PHPSELF to 1 index.php, 2 demo/claroline170/index.php, and possibly other scripts...

4.3CVSS6.2AI score0.01806EPSS

Exploits0References6Affected Software1

CVE•added 2007/07/03 6:0 p.m.•45 views

CVE-2007-3517

CVE-2007-3517 covers multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.8.3. An attacker can inject arbitrary web script or HTML by supplying malicious content through PATH_INFO (PHP_SELF) to scripts such as index.php and demo/claroline170/index.php (and potentially other scripts)...

4.3CVSS5.9AI score0.01806EPSS

Exploits0References6Affected Software1

Prion•added 2007/06/19 9:30 p.m.•11 views

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in Php Hosting Biller 1.0 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

4.3CVSS6.2AI score0.01861EPSS

Exploits1References7Affected Software1

NVD•added 2007/06/19 9:30 p.m.•11 views

CVE-2007-3281

Cross-site scripting XSS vulnerability in index.php in Php Hosting Biller 1.0 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

4.3CVSS5.7AI score0.01861EPSS

Exploits1References7

Cvelist•added 2007/06/19 9:0 p.m.•19 views

CVE-2007-3281

Cross-site scripting XSS vulnerability in index.php in Php Hosting Biller 1.0 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

5.7AI score0.01861EPSS

Exploits1References7

Prion•added 2007/06/19 6:30 p.m.•7 views

Cross site scripting

Cross-site scripting XSS vulnerability in widgets/widgetsearch.php in dKret before 2.6 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO PHPSELF...

4.3CVSS6.1AI score0.01263EPSS

Exploits0References7Affected Software1

NVD•added 2007/06/19 6:30 p.m.•10 views

CVE-2007-3261

Cross-site scripting XSS vulnerability in widgets/widgetsearch.php in dKret before 2.6 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO PHPSELF...

4.3CVSS5.7AI score0.01263EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by