Lucene search
K

32 matches found

CVE
CVE
added 2012/08/23 8:0 p.m.39 views

CVE-2011-5109

CVE-2011-5109 describes multiple SQL injection vulnerabilities in Freelancer calendar 1.01 and earlier. The issue allows remote attackers to inject arbitrary web script or HTML via the SearchField parameter in a search action to (1) category_list.php, (2) Copy_of_calendar_list.php, (3) customer_s...

7.5CVSS7.7AI score0.02042EPSS
Exploits1References11Affected Software1
Cvelist
Cvelist
added 2012/08/23 8:0 p.m.21 views

CVE-2011-5110

Multiple SQL injection vulnerabilities in Blogs Manager 1.101 and earlier allow remote attackers to execute arbitrary SQL commands via the SearchField parameter in a search action to 1 authorslist.php, 2 blogslist.php, 3 categorylist.php, 4 commentslist.php, 5 policylist.php, 6 ratelist.php, 7...

8.5AI score0.02422EPSS
Exploits1References18
NVD
NVD
added 2011/12/02 6:55 p.m.21 views

CVE-2011-4672

Multiple SQL injection vulnerabilities in Valid tiny-erp 1.6 and earlier allow remote attackers to execute arbitrary SQL commands via the SearchField parameter in a search action to 1 partnerlist.php, 2 proioncategorylist.php, 3 rantevoulist.php, 4 syncategorylist.php, 5 synallasomenoslist.php, 6...

7.5CVSS8.5AI score0.011EPSS
Exploits1References5
Prion
Prion
added 2011/12/02 6:55 p.m.14 views

Sql injection

Multiple SQL injection vulnerabilities in Valid tiny-erp 1.6 and earlier allow remote attackers to execute arbitrary SQL commands via the SearchField parameter in a search action to 1 partnerlist.php, 2 proioncategorylist.php, 3 rantevoulist.php, 4 syncategorylist.php, 5 synallasomenoslist.php, 6...

7.5CVSS9.2AI score0.011EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2011/12/02 6:0 p.m.23 views

CVE-2011-4672

Multiple SQL injection vulnerabilities in Valid tiny-erp 1.6 and earlier allow remote attackers to execute arbitrary SQL commands via the SearchField parameter in a search action to 1 partnerlist.php, 2 proioncategorylist.php, 3 rantevoulist.php, 4 syncategorylist.php, 5 synallasomenoslist.php, 6...

8.5AI score0.011EPSS
Exploits1References5
Prion
Prion
added 2009/03/19 10:30 a.m.16 views

Sql injection

Multiple SQL injection vulnerabilities in PHPRunner 4.2, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the SearchField parameter to 1 UserViewlist.php, 2 orderslist.php, 3 userslist.php, and 4 Administratorlist.php...

7.5CVSS9.3AI score0.02053EPSS
Exploits2References11Affected Software1
0day.today
0day.today
added 2009/03/17 12:0 a.m.42 views

PHPRunner 4.2 (SearchOption) Blind SQL Injection Vulnerability

Exploit for unknown platform in category web applications ============================================================== PHPRunner 4.2 SearchOption Blind SQL Injection Vulnerability ==============================================================...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2009/03/17 12:0 a.m.31 views

PHPRunner 4.2 SQL Injection

www.BugReport.ir AmnPardaz Security Research Team Title: PHPRunner SQL Injection Vendor: http://www.xlinesoft.com Vulnerable Version: 4.2 prior versions also may be affected Exploitation: Remote with browser Original Advisory: http://www.bugreport.ir/index63.htm Fix: N/A - Description: PHPRunner...

0.6AI score
Exploits0
Prion
Prion
added 2008/05/13 10:20 p.m.12 views

Cross site scripting

Cross-site scripting XSS vulnerability in SystemList.jsp in SysAid 5.1.08 allows remote attackers to inject arbitrary web script or HTML via the searchField parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

4.3CVSS6AI score0.01022EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2006/04/01 12:0 a.m.22 views

CVE-2006-1567

Cross-site scripting XSS vulnerability in searchresults.asp in SiteSearch Indexer 3.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchField parameter...

5.7AI score0.01884EPSS
Exploits1References6
NVD
NVD
added 2005/12/22 11:3 a.m.14 views

CVE-2005-4487

Cross-site scripting XSS vulnerability in RAMSite R|1 CMS 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchfield parameter...

4.3CVSS5.7AI score0.01177EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/12/22 11:0 a.m.16 views

CVE-2005-4487

Cross-site scripting XSS vulnerability in RAMSite R|1 CMS 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchfield parameter...

5.7AI score0.01177EPSS
Exploits0References4
Rows per page
Query Builder