Lucene search
+L

1195 matches found

Cvelist
Cvelist
added 2005/12/21 12:0 a.m.24 views

CVE-2005-4431

SQL injection vulnerability in WowBB 1.65 allows remote attackers to execute arbitrary SQL commands via the q parameter to search.php. NOTE: the viewuser.php/sortby vector is already covered by CVE-2005-1554 and CVE-2004-2181...

8AI score0.01316EPSS
Exploits1References3
NVD
NVD
added 2005/12/07 11:3 a.m.15 views

CVE-2005-4060

Cross-site scripting XSS vulnerability in search.asp in rwAuction Pro 4.0 and 5.0 allows remote attackers to inject arbitrary web script or HTML via the searchtxt parameter...

4.3CVSS5.6AI score0.02037EPSS
Exploits0References8
Cvelist
Cvelist
added 2005/12/07 11:0 a.m.24 views

CVE-2005-4060

Cross-site scripting XSS vulnerability in search.asp in rwAuction Pro 4.0 and 5.0 allows remote attackers to inject arbitrary web script or HTML via the searchtxt parameter...

5.6AI score0.02037EPSS
Exploits0References8
NVD
NVD
added 2005/12/06 11:3 a.m.11 views

CVE-2005-4044

Cross-site scripting XSS vulnerability in search.cgi in Amazon Search Directory 1.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly the search parameter...

4.3CVSS5.9AI score0.01177EPSS
Exploits0References5
NVD
NVD
added 2005/12/03 7:3 p.m.19 views

CVE-2005-3967

Cross-site scripting XSS vulnerability in the dosearchsite.action module in Atlassian Confluence 2.0.1 Build 321 allows remote attackers to inject arbitrary web script or HTML via the searchQuery.queryString search module parameter...

4.3CVSS5.7AI score0.01208EPSS
Exploits0References5
Cvelist
Cvelist
added 2005/12/03 7:0 p.m.24 views

CVE-2005-3967

Cross-site scripting XSS vulnerability in the dosearchsite.action module in Atlassian Confluence 2.0.1 Build 321 allows remote attackers to inject arbitrary web script or HTML via the searchQuery.queryString search module parameter...

5.7AI score0.01208EPSS
Exploits0References5
Cvelist
Cvelist
added 2005/11/29 11:0 a.m.18 views

CVE-2005-3881

SQL injection vulnerability in search.php in AtlantisFAQ Knowledge Base Software 2.03 and earlier allows remote attackers to execute arbitrary SQL commands via the searchStr parameter...

8.4AI score0.01211EPSS
Exploits0References5
NVD
NVD
added 2005/11/26 10:3 p.m.11 views

CVE-2005-3841

Cross-site scripting XSS vulnerability in kPlaylist 1.6 build 400, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the searchfor search parameter...

4.3CVSS5.8AI score0.01255EPSS
Exploits1References5
Cvelist
Cvelist
added 2005/11/26 10:0 p.m.19 views

CVE-2005-3841

Cross-site scripting XSS vulnerability in kPlaylist 1.6 build 400, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the searchfor search parameter...

5.8AI score0.01255EPSS
Exploits1References5
NVD
NVD
added 2005/10/26 1:2 a.m.18 views

CVE-2005-3308

Multiple cross-site scripting XSS vulnerabilities in Zomplog 3.4 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 comment parameter in detail.php, 3 the username parameter in get.php, and 4 the search parameter in index.php...

4.3CVSS5.8AI score0.02143EPSS
Exploits1References8
Cvelist
Cvelist
added 2005/10/25 4:0 a.m.22 views

CVE-2005-3308

Multiple cross-site scripting XSS vulnerabilities in Zomplog 3.4 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 comment parameter in detail.php, 3 the username parameter in get.php, and 4 the search parameter in index.php...

5.8AI score0.02143EPSS
Exploits1References8
Cvelist
Cvelist
added 2005/08/20 4:0 a.m.22 views

CVE-2004-2468

Cross-site scripting XSS vulnerability in SillySearch 2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter...

5.7AI score0.01271EPSS
Exploits1References4
Cvelist
Cvelist
added 2005/08/05 4:0 a.m.13 views

CVE-2002-2107

Cross-site scripting XSS vulnerability in the lookup script in Veridis OpenKeyServer OKS 1.2 allows remote attackers to inject arbitrary web script or HTML via the search parameter...

5.7AI score0.0144EPSS
Exploits1References3
NVD
NVD
added 2005/07/27 4:0 a.m.20 views

CVE-2005-2392

Cross-site scripting XSS vulnerability in index.php for CMSimple 2.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in the search function...

4.3CVSS5.8AI score0.01406EPSS
Exploits0References8
NVD
NVD
added 2005/07/06 4:0 a.m.11 views

CVE-2005-2163

Cross-site scripting XSS vulnerability in index.php in AutoIndex PHP Script 1.5.2 allows remote attackers to inject arbitrary web script or HTML via the search parameter...

4.3CVSS5.8AI score0.01812EPSS
Exploits1References3
CVE
CVE
added 2005/07/06 4:0 a.m.104 views

CVE-2005-2163

AutoIndex PHP Script 1.5.2 is affected by a stored/reflected XSS in index.php via the search parameter. The vulnerability allows an attacker to inject arbitrary HTML/JavaScript, which is executed in the victim’s browser and can lead to cookie theft or session hijacking. The Nessus entry confirms ...

4.3CVSS5.8AI score0.01812EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2005/07/06 4:0 a.m.19 views

CVE-2005-2163

Cross-site scripting XSS vulnerability in index.php in AutoIndex PHP Script 1.5.2 allows remote attackers to inject arbitrary web script or HTML via the search parameter...

5.8AI score0.01812EPSS
Exploits1References3
Cvelist
Cvelist
added 2005/05/11 4:0 a.m.23 views

CVE-2005-1500

Multiple SQL injection vulnerabilities in myBloggie 2.1.1 allow remote attackers to execute arbitrary SQL commands via 1 the keyword parameter in search.php; or 2 the dateno parameter in viewdate mode, 3 the catid parameter in viewcat mode, the 4 monthno or 5 year parameter in viewmonth mode, or ...

8.5AI score0.02545EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2005/05/11 12:0 a.m.23 views

e107 search.php search_info Parameter Traversal Arbitrary File Inclusion

The version of e107 installed on the remote host is affected by a remote file inclusion vulnerability because it fails to properly sanitize user-supplied input to the 'searchinfo' parameter of the 'search.php' script. This vulnerability could allow a remote, unauthenticated attacker to view...

6.2AI score
Exploits0References2
Cvelist
Cvelist
added 2005/05/10 4:0 a.m.21 views

CVE-2004-1797

Cross-site scripting XSS vulnerability in search.php for FreznoShop 1.3.0 RC1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter...

5.8AI score0.03922EPSS
Exploits1References6
Rows per page
Query Builder