Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-5744

Malware in sbrugna...

4.3CVSS6.1AI score0.01201EPSS
Exploits5References6
NVD
NVD
added 2014/10/20 3:55 p.m.17 views

CVE-2012-5866

Cross-site scripting XSS vulnerability in include.php in Achievo 1.4.5 allows remote attackers to inject arbitrary web script or HTML via the field parameter...

4.3CVSS5.6AI score0.01201EPSS
Exploits5References4
NVD
NVD
added 2014/10/20 3:55 p.m.18 views

CVE-2012-5865

SQL injection vulnerability in dispatch.php in Achievo 1.4.5 allows remote authenticated users to execute arbitrary SQL commands via the activityid parameter in a stats action...

6.5CVSS7.7AI score0.01123EPSS
Exploits6References5
Prion
Prion
added 2014/10/20 3:55 p.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in include.php in Achievo 1.4.5 allows remote attackers to inject arbitrary web script or HTML via the field parameter...

4.3CVSS6AI score0.01201EPSS
Exploits5References4Affected Software1
Prion
Prion
added 2014/10/20 3:55 p.m.22 views

Sql injection

SQL injection vulnerability in dispatch.php in Achievo 1.4.5 allows remote authenticated users to execute arbitrary SQL commands via the activityid parameter in a stats action...

6.5CVSS8.4AI score0.01123EPSS
Exploits6References5Affected Software1
Cvelist
Cvelist
added 2014/10/20 3:0 p.m.18 views

CVE-2012-5866

Cross-site scripting XSS vulnerability in include.php in Achievo 1.4.5 allows remote attackers to inject arbitrary web script or HTML via the field parameter...

5.6AI score0.01201EPSS
Exploits5References4
CVE
CVE
added 2014/10/20 3:0 p.m.56 views

CVE-2012-5866

CVE-2012-5866 is an XSS vulnerability in Achievo 1.4.5, caused by an input sanitation error in include.php when handling the HTTP GET parameter field. An attacker can inject arbitrary HTML/JavaScript into a user’s browser. A PoC demonstrates script execution via include.php?field=... The HTB advi...

4.3CVSS5.6AI score0.01201EPSS
Exploits5References4Affected Software1
CVE
CVE
added 2014/10/20 3:0 p.m.59 views

CVE-2012-5865

CVE-2012-5865 concerns Achievo 1.4.5 where a SQL injection flaw exists in the dispatch.php script via the GET parameter activityid in the stats action. The vulnerability can be exploited by remote authenticated users to inject arbitrary SQL commands into the database, with the PoC indicating the ...

6.5CVSS7.9AI score0.01123EPSS
Exploits6References5Affected Software1
Dsquare
Dsquare
added 2012/11/09 12:0 a.m.33 views

Achievo 1.4.5 LFI

Local file include vulnerability in Achievo Vulnerability Type: Local File Include For the exploit source code contact DSquare Security sales team...

6.5CVSS0.9AI score0.01123EPSS
Exploits6References2
Exploit DB
Exploit DB
added 2012/11/02 12:0 a.m.32 views

Achievo 1.4.5 - Multiple Vulnerabilities (1)

Information -------------------- Name : XSS, LFI and SQL Injection Vulnerabilities in Achievo Software : Achievo 1.4.5 and possibly below. Vendor Homepage : http://www.achievo.org Vulnerability Type : Cross-Site Scripting, Local File Inclusion and SQL Injection Severity : Critical Researcher :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2012/11/01 12:0 a.m.35 views

Achievo 1.4.5 XSS / LFI / SQL Injection

Information -------------------- Name : XSS, LFI and SQL Injection Vulnerabilities in Achievo Software : Achievo 1.4.5 and possibly below. Vendor Homepage : http://www.achievo.org Vulnerability Type : Cross-Site Scripting, Local File Inclusion and SQL Injection Severity : Critical Researcher :...

0.6AI score
Exploits0
Rows per page
Query Builder