Lucene search
K

360 matches found

Prion
Prion
added 2006/05/19 11:2 p.m.16 views

Sql injection

SQL injection vulnerability in find.php in YapBB 1.2 Beta2 and earlier allows remote attackers to execute arbitrary SQL commands via the userID parameter...

6.4CVSS9.1AI score0.01156EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2006/05/19 11:2 p.m.16 views

CVE-2006-2486

SQL injection vulnerability in find.php in YapBB 1.2 Beta2 and earlier allows remote attackers to execute arbitrary SQL commands via the userID parameter...

6.4CVSS8.4AI score0.01156EPSS
Exploits0References4
Cvelist
Cvelist
added 2006/05/19 11:0 p.m.21 views

CVE-2006-2486

SQL injection vulnerability in find.php in YapBB 1.2 Beta2 and earlier allows remote attackers to execute arbitrary SQL commands via the userID parameter...

8.4AI score0.01156EPSS
Exploits0References4
Cvelist
Cvelist
added 2006/04/27 10:0 a.m.16 views

CVE-2006-2067

SQL injection vulnerability in vbboardfunctions.php in MKPortal 1.1, as used with vBulletin 3.5.4 and earlier, allows remote attackers to execute arbitrary SQL commands via the userid parameter...

8.4AI score0.01136EPSS
Exploits1References5
NVD
NVD
added 2006/04/20 6:6 p.m.9 views

CVE-2006-1917

SQL injection vulnerability in member.php in Blackorpheus ClanMemberSkript 1.0 allows remote attackers to execute arbitrary SQL commands via the userID parameter...

7.5CVSS8.4AI score0.01419EPSS
Exploits1References6
Prion
Prion
added 2006/04/20 6:6 p.m.13 views

Sql injection

SQL injection vulnerability in member.php in Blackorpheus ClanMemberSkript 1.0 allows remote attackers to execute arbitrary SQL commands via the userID parameter...

7.5CVSS9.1AI score0.01419EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2006/04/20 6:0 p.m.12 views

CVE-2006-1917

SQL injection vulnerability in member.php in Blackorpheus ClanMemberSkript 1.0 allows remote attackers to execute arbitrary SQL commands via the userID parameter...

8.4AI score0.01419EPSS
Exploits1References6
NVD
NVD
added 2006/04/07 10:4 a.m.14 views

CVE-2006-1661

Multiple cross-site scripting XSS vulnerabilities in SKForum 1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 areaID parameter in area.View.action, 2 time parameter in planning.View.action, and 3 userID parameter in user.View.action...

6.8CVSS5.8AI score0.02432EPSS
Exploits1References8
Prion
Prion
added 2006/03/10 2:2 a.m.11 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in vbzoom 1.11 allow remote attackers to inject arbitrary web script or HTML via the UserID parameter to 1 comment.php or 2 contact.php. NOTE: the profile.php/UserName vector is already covered by CVE-2005-2441...

4.3CVSS5.9AI score0.02121EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2006/03/10 2:2 a.m.20 views

CVE-2006-1133

Multiple cross-site scripting XSS vulnerabilities in vbzoom 1.11 allow remote attackers to inject arbitrary web script or HTML via the UserID parameter to 1 comment.php or 2 contact.php. NOTE: the profile.php/UserName vector is already covered by CVE-2005-2441...

4.3CVSS5.6AI score0.01977EPSS
Exploits0References7
Cvelist
Cvelist
added 2006/03/10 2:0 a.m.24 views

CVE-2006-1133

Multiple cross-site scripting XSS vulnerabilities in vbzoom 1.11 allow remote attackers to inject arbitrary web script or HTML via the UserID parameter to 1 comment.php or 2 contact.php. NOTE: the profile.php/UserName vector is already covered by CVE-2005-2441...

5.6AI score0.01977EPSS
Exploits0References7
NVD
NVD
added 2005/12/09 3:3 p.m.12 views

CVE-2005-4139

Multiple SQL injection vulnerabilities in ThWboard before 3 Beta 2.84 allow remote attackers to execute arbitrary SQL commands via the 1 year parameter in calendar.php, 2 user parameter array in vprofile.php, and 3 the userid parameter in misc.php...

7.5CVSS8.5AI score0.01763EPSS
Exploits1References8
NVD
NVD
added 2005/10/30 2:34 p.m.16 views

CVE-2005-3386

SQL injection vulnerability in Techno Dreams Web Directory script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp...

7.5CVSS8.6AI score0.01631EPSS
Exploits1References7
NVD
NVD
added 2005/10/30 2:34 p.m.11 views

CVE-2005-3383

SQL injection vulnerability in Techno Dreams Announcement script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp...

7.5CVSS8.6AI score0.01579EPSS
Exploits1References6
Cvelist
Cvelist
added 2005/10/29 7:0 p.m.15 views

CVE-2005-3383

SQL injection vulnerability in Techno Dreams Announcement script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp...

8.6AI score0.01579EPSS
Exploits1References6
CVE
CVE
added 2005/10/29 7:0 p.m.48 views

CVE-2005-3385

The CVE-2005-3385 entry describes a SQL injection vulnerability in Techno Dreams Mailing List script that allows remote attackers to execute arbitrary SQL and bypass authentication via the userid parameter in admin/login.asp. Affected component: the Mailing List script; vulnerability type: SQL in...

7.5CVSS9AI score0.01579EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2005/09/21 10:3 p.m.15 views

CVE-2005-3024

Multiple SQL injection vulnerabilities in vBulletin 3.0.7 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 announcement parameter to announcement.php, the 2 threadforumid or 3 criteria parameters to thread.php, 4 userid parameter to user.php, the 5...

7.5CVSS8.5AI score0.01224EPSS
Exploits1References2
Cvelist
Cvelist
added 2005/08/03 4:0 a.m.21 views

CVE-2005-2441

Multiple cross-site scripting XSS vulnerabilities in VBzoom allow remote attackers to inject arbitrary web script and HTML via the 1 UserName parameter to profile.php or 2 UserID parameter to login.php...

5.7AI score0.02121EPSS
Exploits0References8
Cvelist
Cvelist
added 2005/02/06 5:0 a.m.15 views

CVE-2005-0216

Cross-site scripting XSS vulnerability in formmail.php in Woltlab Burning Board Lite 1.0.0, 1.0.1e, and possibly other versions, allows remote attackers to inject arbitrary web script and HTML via the userid parameter...

5.9AI score0.0125EPSS
Exploits1References4
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.23 views

CVE-2002-1264

Buffer overflow in Oracle iSQLPlus web application of the Oracle 9 database server allows remote attackers to execute arbitrary code via a long USERID parameter in the isqlplus URL...

7.4AI score0.07724EPSS
Exploits0References6
Rows per page
Query Builder