Lucene search
K

347 matches found

Cvelist
Cvelist
added 2006/01/18 2:0 a.m.24 views

CVE-2006-0249

SQL injection vulnerability in viewcat.php in BitDamaged geoBlog MOD1.0 allows remote attackers to execute arbitrary SQL commands, then steal credentials and upload files, via the cat parameter $tmpCategory variable...

8.2AI score0.01294EPSS
Exploits1References7
Prion
Prion
added 2006/01/18 1:51 a.m.17 views

Sql injection

SQL injection vulnerability in viewcat.php in BitDamaged geoBlog MOD1.0 allows remote attackers to execute arbitrary SQL commands, then steal credentials and upload files, via the cat parameter $tmpCategory variable...

7.5CVSS8.9AI score0.01294EPSS
Exploits1References7Affected Software1
NVD
NVD
added 2006/01/18 1:51 a.m.24 views

CVE-2006-0249

SQL injection vulnerability in viewcat.php in BitDamaged geoBlog MOD1.0 allows remote attackers to execute arbitrary SQL commands, then steal credentials and upload files, via the cat parameter $tmpCategory variable...

7.5CVSS8.2AI score0.01294EPSS
Exploits1References7
NVD
NVD
added 2005/10/30 2:34 p.m.22 views

CVE-2005-3369

Multiple SQL injection vulnerabilities in the Info-DB module infodb.php in Woltlab Burning Board 2.7 and earlier allow remote attackers to execute arbitrary SQL commands and possibly upload files via the 1 fileid and 2 subkatid parameters...

7.5CVSS8.6AI score0.01321EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2005/10/23 12:0 a.m.4 views

PT-2005-4099 · Ftgate · Mailsite Express

Name of the Vulnerable Software and Affected Versions: Mailsite Express affected versions not specified Description: The issue allows remote attackers to upload and execute files with executable extensions, such as ASP, by utilizing the compose page feature. Attackers can attach the file and then...

5CVSS6.7AI score0.01309EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2005/08/24 12:0 a.m.23 views

phpkit161.txt

SQL Injection and PHP Code Injection Vulnerabilities in PHPKit 1.6.1 Version: PHPKit 1.6.1 Risk: High if magicquotesgpc = Off URL: http://www.phpkit.com SQL Injection in include.php?path=login/member.php The parameters usernick and letters are vulnerable to SQL Injections. POC:...

7.4AI score
Exploits0
CVE
CVE
added 2005/02/10 5:0 a.m.54 views

CVE-2005-0332

The CVE-2005-0332 entry concerns DeskNow Mail and Collaboration Server (v2.5.12) with two directory traversal flaws. The first allows remote upload (and possible JSP-based execution) through the AttachmentsKey parameter to attachment.do, enabling files to be placed outside the intended directory....

7.5CVSS7.2AI score0.02001EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder