CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1673 matches found

Cvelist•added 2006/07/06 8:0 p.m.•16 views

CVE-2006-3382

Cross-site scripting XSS vulnerability in search.php in mAds 1.0 allows remote attackers to inject arbitrary web script or HTML via the "search string"...

5.7AI score0.00622EPSS

Exploits1References7

CVE•added 2006/06/30 11:0 p.m.•40 views

CVE-2006-3329

The CVE-2006-3329 entry concerns a SQL injection in search.php of PHP/MySQL Classifieds (PHP Classifieds). The vulnerability is exploitable via the rate parameter, potentially affecting data confidentiality, integrity, and availability as indicated by CVSS v2 base metrics (AV:N/AC:L/Au:N/C:P/I:P/...

7.5CVSS8.8AI score0.00587EPSS

Exploits0References5Affected Software1

NVD•added 2006/06/28 10:5 p.m.•10 views

CVE-2006-3283

SQL injection vulnerability in Dating Agent PRO 4.7.1 allows remote attackers to execute arbitrary SQL commands via the 1 pid parameter in picture.php, 2 mid parameter in mem.php, and the 3 sex and 4 relationship parameters in search.php...

7.5CVSS8.4AI score0.00487EPSS

Exploits0References3

Cvelist•added 2006/06/28 10:0 p.m.•11 views

CVE-2006-3283

8.4AI score0.00487EPSS

Exploits0References3

CVE•added 2006/06/28 10:0 p.m.•43 views

CVE-2006-3284

CVE-2006-3284 describes an XSS vulnerability in Dating Agent PRO 4.7.1. Affected component: login parameter in webmaster/index.php and search.php, enabling injection of arbitrary web script/HTML. The NVD entry records CVSSv2 base score 2.6 (LOW) with network attack, high complexity, no authentica...

2.6CVSS6AI score0.00427EPSS

Exploits0References5Affected Software1

NVD•added 2006/06/27 9:5 p.m.•14 views

CVE-2006-3259

Multiple cross-site scripting XSS vulnerabilities in e107 0.7.5 allow remote attackers to inject arbitrary web script or HTML via the 1 ep parameter to search.php and the 2 subject parameter in comment.php aka the Subject field when posting a comment...

4.3CVSS5.8AI score0.09047EPSS

Exploits1References8

Cvelist•added 2006/06/27 9:0 p.m.•19 views

CVE-2006-3259

5.8AI score0.09047EPSS

Exploits1References8

Packet Storm•added 2006/06/26 12:0 a.m.•24 views

mp3com.txt

mp3.com - Cross site scripting vulnerability ---------------------------------------------- Type: Cross site scripting Date: June, 15th 2006 ---------------------------------------------- Credits: ---------------------------------------------- Discovered by: David "Aesthetico" Vieira-Kurz...

7.4AI score

Exploits0

NVD•added 2006/06/23 12:2 a.m.•17 views

CVE-2006-3174

Cross-site scripting XSS vulnerability in search.php in SquirrelMail 1.5.1 and earlier, when registerglobals is enabled, allows remote attackers to inject arbitrary HTML via the mailbox parameter...

2.6CVSS5.7AI score0.01159EPSS

Exploits1References10

CVE•added 2006/06/23 12:0 a.m.•96 views

CVE-2006-3174

CVE-2006-3174 is a cross-site scripting (XSS) vulnerability in SquirrelMail up to version 1.5.1, triggered in search.php when register_globals is enabled. An attacker could inject arbitrary HTML via the mailbox parameter, potentially affecting users who view the affected page. Connected documents...

2.6CVSS5.5AI score0.01159EPSS

Exploits1References10Affected Software1

Cvelist•added 2006/06/23 12:0 a.m.•20 views

CVE-2006-3174

Cross-site scripting XSS vulnerability in search.php in SquirrelMail 1.5.1 and earlier, when registerglobals is enabled, allows remote attackers to inject arbitrary HTML via the mailbox parameter...

5.6AI score0.01159EPSS

Exploits1References10

securityvulns•added 2006/06/21 12:0 a.m.•39 views

e107 v0.7.5 XSS

http://target.xx/search.php?q=&r=0&s=Search&in=1&ex=1&ep= 273E3Cscript3Ealert282FXSS2F293C2Fscript 3E&be=1&t=1&adv=1&type=all&on=new&time=any&author= ------------------ Submit comment Subject: 'scriptalert/XSS//script Click Reply to this you comment. Ellipsis Security http://www.ellsec.org...

7AI score

Exploits0

NVD•added 2006/06/13 1:2 a.m.•10 views

CVE-2006-3001

Cross-site scripting XSS vulnerability in search.php in OkScripts OkMall 1.0 allow remote attackers to inject arbitrary web script or HTML via the page parameter. NOTE: this might be resultant from another vulnerability, since the XSS is reflected in an error message...

5.8CVSS5.2AI score0.00615EPSS

Exploits1References5

NVD•added 2006/06/13 1:2 a.m.•10 views

CVE-2006-2999

Cross-site scripting XSS vulnerability in search.php in OkScripts QuickLinks 1.1 allows remote attackers to inject arbitrary web script or HTML via the q parameter...

4.3CVSS5.7AI score0.00494EPSS

Exploits1References5

Cvelist•added 2006/06/13 1:0 a.m.•17 views

CVE-2006-3000

Cross-site scripting XSS vulnerability in search.php in OkScripts OkArticles 1.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter...

5.7AI score0.00494EPSS

Exploits1References5

CVE•added 2006/06/07 10:0 a.m.•46 views

CVE-2006-2883

CVE-2006-2883 concerns a cross-site scripting (XSS) vulnerability in Kmita FAQ 1.0’s search.php. The issue allows remote attackers to inject arbitrary web script or HTML via the q parameter. The vulnerability affects the search function and is documented with a CVSS 2.0 base score of 4.3 (Medium)...

4.3CVSS5.7AI score0.07101EPSS

Exploits1References7Affected Software1

Cvelist•added 2006/06/07 10:0 a.m.•25 views

CVE-2006-2883

Cross-site scripting XSS vulnerability in search.php in Kmita FAQ 1.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter...

5.7AI score0.07101EPSS

Exploits1References7

securityvulns•added 2006/06/06 12:0 a.m.•29 views

LabWiki v1.0

LabWiki 1.0 Homepage: http://www.bioinformatics.org/phplabware/labwiki/index.php Effected files: search.php The search input box does not sanatize user input before dynamically genrating it. XSS Proof of concept: "SCRIPT SRC=http://evilsite.com/xss.js/SCRIPT"...

0.3AI score

Exploits0

NVD•added 2006/06/05 5:2 p.m.•13 views

CVE-2006-2827

SQL injection vulnerability in search.php in X-Cart Gold and Pro 4.0.18, and X-Cart 4.1.0 beta 1, allows remote attackers to execute arbitrary SQL commands via the "Search for pattern" field, when the settings specify only "Search in Detailed description" and "Search also in ISBN." NOTE: the vend...

9.8CVSS8.1AI score0.0078EPSS

Exploits0References3

Cvelist•added 2006/06/05 5:0 p.m.•15 views

CVE-2006-2827

8.1AI score0.0078EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by