CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

seebug.org•added 2014/07/01 12:0 a.m.•12 views

aBitWhizzy whizzylink.php d Variable Traversal Arbitrary Directory Listing

7.1AI score

Prion•added 2007/03/30 1:19 a.m.•8 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in aBitWhizzy allow remote attackers to inject arbitrary web script or HTML via the d parameter to 1 whizzery/whizzypic.php or 2 whizzery/whizzylink.php...

4.3CVSS6AI score0.00558EPSS

NVD•added 2007/03/30 1:19 a.m.•9 views

CVE-2007-1774

4.3CVSS5.8AI score0.00558EPSS

NVD•added 2007/03/30 1:19 a.m.•9 views

CVE-2007-1773

Multiple directory traversal vulnerabilities in aBitWhizzy allow remote attackers to list arbitrary directories via a .. dot dot in the d parameter to 1 whizzery/whizzypic.php or 2 whizzery/whizzylink.php, different vectors than CVE-2006-6384...

2.6CVSS6.8AI score0.16881EPSS

Cvelist•added 2007/03/30 1:0 a.m.•15 views

CVE-2007-1774

5.8AI score0.00558EPSS

CVE•added 2007/03/30 1:0 a.m.•38 views

CVE-2007-1773

CVE-2007-1773 corresponds to multiple directory traversal vulnerabilities in aBitWhizzy, allowing remote attackers to enumerate arbitrary directories via a dot-dot in the d parameter to whizzery/whizzypic.php or whizzery/whizzylink.php (distinct from CVE-2006-6384). Affected component is aBitWhiz...

2.6CVSS6.8AI score0.16881EPSS

Exploits0References8Affected Software1

CVE•added 2007/03/30 1:0 a.m.•49 views

CVE-2007-1774

CVE-2007-1774 describes multiple cross-site scripting (XSS) vulnerabilities in the web app aBitWhizzy . The issue arises via the d parameter to two scripts: whizzery/whizzypic.php and whizzery/whizzylink.php , enabling remote attackers to inject arbitrary web script or HTML. The sources consisten...

4.3CVSS5.8AI score0.00558EPSS

Exploits0References8Affected Software1

Packet Storm•added 2007/03/29 12:0 a.m.•30 views

abitwhizzy-traverse.txt

aBitWhizzy traversal folder enumeration and XSS vendor url: http://www.unverse.net/abitwhizzy/ Advisore:http://lostmon.blogspot.com/2007/03/ abitwhizzy-traversal-folder-enumeration.html vendor notify:YES exploit include:YES aBitWhizzy is a php script that uses whizzywig.js to create and edit web...

exploitpack•added 2007/03/14 12:0 a.m.•5 views

aBitWhizzy - whizzypic.php?d Traversal Arbitrary Directory Listing

aBitWhizzy - whizzypic.php?d Traversal Arbitrary Directory Listing source: https://www.securityfocus.com/bid/23167/info aBitWhizzy is prone to multiple cross-site scripting and directory-traversal vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An...

0.3AI score

Exploit DB•added 2007/03/14 12:0 a.m.•14 views

aBitWhizzy - 'whizzypic.php?d' Traversal Arbitrary Directory Listing

source: https://www.securityfocus.com/bid/23167/info aBitWhizzy is prone to multiple cross-site scripting and directory-traversal vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker could exploit these vulnerabilities to view the directory...

exploitpack•added 2007/03/14 12:0 a.m.•10 views

aBitWhizzy - whizzylink.php?d Traversal Arbitrary Directory Listing

aBitWhizzy - whizzylink.php?d Traversal Arbitrary Directory Listing source: https://www.securityfocus.com/bid/23167/info aBitWhizzy is prone to multiple cross-site scripting and directory-traversal vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An...

0.3AI score

Exploit DB•added 2007/03/14 12:0 a.m.•20 views

aBitWhizzy - 'whizzylink.php?d' Traversal Arbitrary Directory Listing

Packet Storm•added 2006/11/27 12:0 a.m.•19 views

abittraversed.txt

vendor site: http://www.unverse.net/abitwhizzy/ product : aBitWhizzy bug:local file include global risk : high http://site.com/abitwhizzy.php?f=../../../../../../../etc/passwd laurent gaffié & benjamin mossé http://s-a-p.ca/ contact: [email protected]...

CVE•added 2006/11/24 6:0 p.m.•57 views

CVE-2006-6084

CVE-2006-6084 is a directory traversal in abitwhizzy.php of aBitWhizzy that lets remote attackers read arbitrary files via a .. in the f parameter. The PTSecurity entry reiterates the vulnerability and notes affected software without specifying fixed versions, and the NVD entry provides the same ...

5CVSS7AI score0.06386EPSS

Exploits1References9Affected Software1

securityvulns•added 2006/11/22 12:0 a.m.•55 views

aBitWhizzy [local file include]

vendor site: http://www.unverse.net/abitwhizzy/ product : aBitWhizzy bug:local file include global risk : high http://site.com/abitwhizzy.php?f=../../../../../../../etc/passwd laurent gaffi & benjamin moss http://s-a-p.ca/ contact: [email protected]...

0.9AI score

seebug.org•added 2006/11/22 12:0 a.m.•11 views

aBitWhizzy (abitwhizzy.php) Information Disclosure Vulnerability

No description provided by source. aBitWhizzy local file include vendor site: http://www.unverse.net/abitwhizzy/ product : aBitWhizzy bug:local file include global risk : high http://site.com/abitwhizzy.php?f=../../../../../../../etc/passwd laurent gaffié & benjamin mossé http://s-a-p.ca/ contact...

7.1AI score