Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-6004

Malware in sbrugna...

4.3CVSS6.4AI score0.01446EPSS
Exploits0References4
Prion
Prion
added 2009/02/03 11:30 a.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in dispatch.php in Achievo 1.3.2-STABLE allows remote attackers to inject arbitrary web script or HTML via the atknodetype parameter...

4.3CVSS6.1AI score0.01068EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2009/02/03 11:30 a.m.8 views

CVE-2008-6034

Cross-site scripting XSS vulnerability in dispatch.php in Achievo 1.3.2 allows remote attackers to inject arbitrary web script or HTML via the atkaction parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

4.3CVSS5.6AI score0.01446EPSS
Exploits0References3
Prion
Prion
added 2009/02/03 11:30 a.m.9 views

Cross site scripting

Cross-site scripting XSS vulnerability in dispatch.php in Achievo 1.3.2 allows remote attackers to inject arbitrary web script or HTML via the atkaction parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

4.3CVSS6AI score0.01446EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2009/02/03 11:0 a.m.47 views

CVE-2008-6035

CVE-2008-6035 is an XSS vulnerability in Achievo 1.3.2-STABLE, exposed via the atknodetype parameter in dispatch.php. The issue allows remote attackers to inject arbitrary web script or HTML. The available sources document the affected product and the vulnerability class but do not provide detail...

4.3CVSS5.9AI score0.01068EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2009/02/03 11:0 a.m.44 views

CVE-2008-6034

CVE-2008-6034 describes a cross-site scripting (XSS) vulnerability in the Achievo 1.3.2 web application, specifically in the file dispatch.php . The flaw is exploitable via the atkaction parameter, enabling remote attackers to inject arbitrary web script or HTML. The connected documents do not pr...

4.3CVSS5.7AI score0.01446EPSS
Exploits0References3Affected Software1
Packet Storm
Packet Storm
added 2008/09/20 12:0 a.m.17 views

achievo-xss.txt

============================================================ Achievo-1.3.2-STABLE Cross Site Scripting XSS ============================================================ AUTHOR : ROHIT BANSAL DATE : 19th Sept,2008 Mail: RoHiTiSbAcK at GmAiL.com...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/09/20 12:0 a.m.25 views

Achievo 1.3.2 - 'atknodetype' Cross-Site Scripting

source: https://www.securityfocus.com/bid/31326/info Achievo is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2008/06/10 12:0 a.m.20 views

achievo-upload.txt

array"zip","doc","xls","pdf","rtf","csv","jpg","gif","jpeg","png","avi","mpg","mpeg","swf","fla", with a default configuration of this script, an attacker might be able to upload arbitrary files containing malicious PHP code due to multiple file extensions isn't properly checked / errorreporting0...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/06/09 12:0 a.m.8 views

Achievo 1.3.2 - FCKeditor Arbitrary File Upload

Achievo 1.3.2 - FCKeditor Arbitrary File Upload array"zip","doc","xls","pdf","rtf","csv","jpg","gif","jpeg","png","avi","mpg","mpeg","swf","fla", with a default configuration of this script, an attacker might be able to upload arbitrary files containing malicious PHP code due to multiple file...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2008/06/09 12:0 a.m.38 views

Achievo 1.3.2 - 'FCKeditor' Arbitrary File Upload

array"zip","doc","xls","pdf","rtf","csv","jpg","gif","jpeg","png","avi","mpg","mpeg","swf","fla", with a default configuration of this script, an attacker might be able to upload arbitrary files containing malicious PHP code due to multiple file extensions isn't properly checked / errorreporting0...

7.4AI score
Exploits0
Rows per page
Query Builder