Lucene search
K

168 matches found

0day.today
0day.today
added 2017/03/06 12:0 a.m.28 views

Website Broker Script 3.02 - view Parameter SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Website Broker Script v3.02 - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software : http://www.phpscriptsmall.com/product/website-broker-script/ Demo:...

0.2AI score
Exploits0
OSV
OSV
added 2017/01/23 9:59 p.m.2 views

CVE-2016-0769

Multiple SQL injection vulnerabilities in eshop-orders.php in the eShop plugin 6.3.14 for WordPress allow 1 remote administrators to execute arbitrary SQL commands via the delid parameter or remote authenticated users to execute arbitrary SQL commands via the 2 view, 3 mark, or 4 change parameter...

8.8CVSS6.1AI score0.02894EPSS
Exploits1References3
NVD
NVD
added 2014/04/02 4:5 p.m.14 views

CVE-2013-1770

Cross-site scripting XSS vulnerability in viewsview.php in Ganglia Web 3.5.7 allows remote attackers to inject arbitrary web script or HTML via the viewname parameter...

4.3CVSS5.6AI score0.02164EPSS
Exploits1References7
Atlassian
Atlassian
added 2014/01/09 12:39 a.m.22 views

XSS in the view parameter of several actions

The following XSS issues were detected by a customer. /changelog?max=30&view=cru%22;alert4015891;//%22&@asv=cru /project/CR?max=30&projectKey=CR&view=all";alert3166631;//"&@asv=all /user/c30626?max=30&name=c30626&view=all";alert1287220;//"&@asv=all...

3.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/01/09 12:39 a.m.19 views

XSS in the view parameter of several actions

The following XSS issues were detected by a customer. /changelog?max=30&view=cru%22;alert4015891;//%22&@asv=cru /project/CR?max=30&projectKey=CR&view=all";alert3166631;//"&@asv=all /user/c30626?max=30&name=c30626&view=all";alert1287220;//"&@asv=all...

3.2AI score
Exploits0
OSV
OSV
added 2013/03/20 3:55 p.m.2 views

DEBIAN-CVE-2013-0332

Multiple directory traversal vulnerabilities in ZoneMinder 1.24.x before 1.24.4 allow remote attackers to read arbitrary files via a .. dot dot in the 1 view, 2 request, or 3 action parameter...

5CVSS6.8AI score0.10195EPSS
Exploits0References1
NVD
NVD
added 2012/02/24 1:55 p.m.13 views

CVE-2012-1213

Cross-site scripting XSS vulnerability in zimbra/h/calendar in Zimbra Web Client in Zimbra Collaboration Suite ZCS 6.x before 6.0.15 and 7.x before 7.1.3 allows remote attackers to inject arbitrary web script or HTML via the view parameter...

4.3CVSS5.7AI score0.01605EPSS
Exploits2References5
Prion
Prion
added 2012/02/24 1:55 p.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in zimbra/h/calendar in Zimbra Web Client in Zimbra Collaboration Suite ZCS 6.x before 6.0.15 and 7.x before 7.1.3 allows remote attackers to inject arbitrary web script or HTML via the view parameter...

4.3CVSS6.1AI score0.01605EPSS
Exploits2References5
Packet Storm
Packet Storm
added 2011/06/28 12:0 a.m.25 views

Joomla CSVUploader SQL Injection

Joomla Component comcsvuploader SQL Injection Vulnerability Author : pks Greetz : p0fk - ksha - SeC - seth - xin0 - xacks - Yoya all gay´s... Spam 2 : www.mitm.cl - pks-pkz.blogspot.com Name : Joomla comcsvuploader Type : SQL injection ++ Example:...

1.2AI score
Exploits0
OpenVAS
OpenVAS
added 2011/05/18 12:0 a.m.13 views

Joomla Component com_aist SQL Injection Vulnerability

This host is running Joomla! and is prone to SQL injection vulnerability. OpenVAS Vulnerability Test $Id: gbjoomlacomaistsqlinjvuln.nasl 7019 2017-08-29 11:51:27Z teissa $ Joomla Component 'comaist' SQL Injection Vulnerability Authors: Madhuri D Copyright: Copyright c 2011 Greenbone Networks GmbH...

0.2AI score
Exploits0References1
Packet Storm
Packet Storm
added 2010/12/09 12:0 a.m.20 views

WWWThreads 5.0.8 Pro Cross Site Scripting

www.eVuln.com advisory: Non-persistent XSS in WWWThreads perl version Summary: http://evuln.com/vulns/157/summary.html Details: http://evuln.com/vulns/157/description.html -----------Summary----------- eVuln ID: EV0157 Software: n/a Vendor: WWWThreads Version: v5.0.8 Pro perl version Critical...

7.4AI score
Exploits0
Prion
Prion
added 2009/11/23 5:30 p.m.18 views

Directory traversal

Directory traversal vulnerability in getfile.php in phpMyBackupPro 2.1 allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

5CVSS7AI score0.07605EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2009/11/10 2:30 a.m.16 views

CVE-2009-3618

Cross-site scripting XSS vulnerability in viewvc.py in ViewVC 1.0 before 1.0.9 and 1.1 before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the view parameter. NOTE: some of these details are obtained from third party information...

4.3CVSS5.5AI score0.01604EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2009/11/10 2:30 a.m.15 views

CVE-2009-3618

Cross-site scripting XSS vulnerability in viewvc.py in ViewVC 1.0 before 1.0.9 and 1.1 before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the view parameter. NOTE: some of these details are obtained from third party information...

4.3CVSS6AI score0.01604EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2009/11/10 2:0 a.m.19 views

CVE-2009-3618

Removed by vendor...

4.3CVSS6.7AI score0.01604EPSS
Exploits0
NVD
NVD
added 2009/08/17 4:30 p.m.20 views

CVE-2009-2780

Multiple cross-site scripting XSS vulnerabilities in 68 Classifieds 4.1 allow remote attackers to inject arbitrary web script or HTML via the 1 cat parameter to category.php, view parameter to 2 login.php and 3 viewlisting.php, page parameter to 4 searchresults.php and 5 toplistings.php, and 6...

4.3CVSS5.8AI score0.0224EPSS
Exploits1References9
Prion
Prion
added 2009/01/29 6:30 p.m.11 views

Cross site scripting

Cross-site scripting XSS vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to inject arbitrary web script or HTML via the view parameter...

4.3CVSS6.1AI score0.01453EPSS
Exploits1References4
Prion
Prion
added 2008/11/14 6:8 p.m.19 views

Sql injection

Multiple SQL injection vulnerabilities in E-Uploader Pro 1.0 aka Uploader PRO, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to a img.php, b file.php, c mail.php, d thumb.php, e zip.php, and f zipit.php, and 2 the view parameter t...

6.8CVSS9.3AI score0.00916EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2008/04/12 8:5 p.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in the ConcoursPhoto module for KwsPHP 1.0 allows remote attackers to inject arbitrary web script or HTML via the VIEW parameter...

4.3CVSS6.2AI score0.01462EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2008/04/12 8:0 p.m.20 views

CVE-2008-1757

Cross-site scripting XSS vulnerability in index.php in the ConcoursPhoto module for KwsPHP 1.0 allows remote attackers to inject arbitrary web script or HTML via the VIEW parameter...

5.8AI score0.01462EPSS
Exploits0References4
Rows per page
Query Builder