Lucene search
+L

250 matches found

NVD
NVD
added 2006/06/12 10:2 p.m.10 views

CVE-2006-2975

Multiple cross-site scripting XSS vulnerabilities in pblguestbook.php in PBL Guestbook 1.31 allow remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of IMG tags in the 1 name, 2 email, and 3 website parameter, which bypasses XSS protection mechanisms that...

2.6CVSS5.3AI score0.01417EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.35 views

FreeBSD : phpbb -- multiple vulnerabilities (28c9243a-72ed-11da-8c1d-000e0c2e438a)

Multiple vulnerabilities have been reported within phpbb. phpbb is proven vulnerable to : - script insertion, - bypassing of protetion mechanisms, - multiple cross site scripting vulnerabilities, - SQL injection, - arbitrary code execution %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

7.5CVSS6AI score0.02367EPSS
Exploits1References12
Prion
Prion
added 2006/01/31 11:3 a.m.21 views

Cross site scripting

pmwiki.php in PmWiki 2.1 beta 20, with registerglobals enabled, allows remote attackers to bypass protection mechanisms that deregister global variables by setting both a GPC variable and a GLOBALS variable with the same name, which causes PmWiki to unset the GLOBALS variable but not the GPC...

4.3CVSS6.5AI score0.03109EPSS
Exploits0References9Affected Software1
NVD
NVD
added 2006/01/31 11:3 a.m.17 views

CVE-2006-0479

pmwiki.php in PmWiki 2.1 beta 20, with registerglobals enabled, allows remote attackers to bypass protection mechanisms that deregister global variables by setting both a GPC variable and a GLOBALS variable with the same name, which causes PmWiki to unset the GLOBALS variable but not the GPC...

4.3CVSS6.3AI score0.03109EPSS
Exploits0References9
Cvelist
Cvelist
added 2006/01/31 11:0 a.m.21 views

CVE-2006-0479

pmwiki.php in PmWiki 2.1 beta 20, with registerglobals enabled, allows remote attackers to bypass protection mechanisms that deregister global variables by setting both a GPC variable and a GLOBALS variable with the same name, which causes PmWiki to unset the GLOBALS variable but not the GPC...

6.3AI score0.03109EPSS
Exploits0References9
CVE
CVE
added 2006/01/31 11:0 a.m.63 views

CVE-2006-0479

The CVE covers PmWiki 2.1 beta 20 (and vulnerable up to 2.1 beta 21) where enabling PHP register_globals lets remote attackers bypass protections by setting a GPC variable and a GLOBALS[] with the same name. This causes GLOBALS[] to be unset while the GPC variable remains, enabling issues such as...

4.3CVSS6.3AI score0.03109EPSS
Exploits0References9Affected Software1
NVD
NVD
added 2005/11/01 9:2 p.m.25 views

CVE-2005-3415

phpBB 2.0.17 and earlier allows remote attackers to bypass protection mechanisms that deregister global variables by setting both a GET/POST/COOKIE GPC variable and a GLOBALS variable with the same name, which causes phpBB to unset the GLOBALS variable but not the GPC variable...

7.5CVSS6.4AI score0.02367EPSS
Exploits0References10
CVE
CVE
added 2005/11/01 9:0 p.m.65 views

CVE-2005-3415

CVE-2005-3415 affects phpBB 2.0.17 and earlier, where remote attackers can bypass protection by setting a GET/POST/COOKIE variable and a GLOBALS[] variable with the same name, causing GLOBALS[] to be unset while the GPC variable remains. This can manipulate phpBB behavior. The OpenVAS and Debian ...

7.5CVSS6.3AI score0.02367EPSS
Exploits0References10Affected Software1
FreeBSD
FreeBSD
added 2005/10/24 12:0 a.m.26 views

phpbb -- multiple vulnerabilities

Multiple vulnerabilities have been reported within phpbb. phpbb is proven vulnerable to: script insertion, bypassing of protetion mechanisms, multiple cross site scripting vulnerabilities, SQL injection, arbitrary code execution...

7.5CVSS6.7AI score0.02367EPSS
Exploits1References2
Microsoft KB
Microsoft KB
added 1970/01/01 12:0 a.m.11 views

Security update 1970-01-01

...

7.3AI score
Exploits0
Rows per page
Query Builder