Lucene search
K

328 matches found

NVD
NVD
added 2005/08/16 4:0 a.m.18 views

CVE-2005-2580

Multiple SQL injection vulnerabilities in MyBulletinBoard MyBB 1.00 RC4 with Security Patch allow remote attackers to execute arbitrary SQL commands via the Username field in 1 index.php or 2 member.php, action parameter to 3 search.php or 4 member.php, or 5 polloptions parameter to polls.php...

7.5CVSS8.5AI score0.02081EPSS
Exploits0References2
CVE
CVE
added 2005/06/20 4:0 a.m.51 views

CVE-2005-2001

CVE-2005-2001 : The vulnerability affects paFileDB 3.1 and earlier, where a directory traversal flaw allows remote attackers to include arbitrary files via ".." in the action parameter. The NVD/CVE entries concur on the description, with a CVSS v2 base score of 5.0 (Medium) and links to historica...

5CVSS7.1AI score0.01789EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2005/06/20 4:0 a.m.20 views

CVE-2005-2001

Directory traversal vulnerability in pafiledb.php in paFileDB 3.1 and earlier allows remote attackers to include arbitrary files via a .. dot dot in the action parameter...

6.8AI score0.01789EPSS
Exploits1References4
NVD
NVD
added 2005/05/02 4:0 a.m.24 views

CVE-2005-0327

pafiledb.php in Pafiledb 3.1 may allow remote attackers to execute arbitrary PHP code via a modified action parameter that is used in an include statement for login.php...

7.5CVSS7.5AI score0.01909EPSS
Exploits0References2
Cvelist
Cvelist
added 2005/02/10 5:0 a.m.26 views

CVE-2005-0327

pafiledb.php in Pafiledb 3.1 may allow remote attackers to execute arbitrary PHP code via a modified action parameter that is used in an include statement for login.php...

7.5AI score0.01909EPSS
Exploits0References2
CVE
CVE
added 2004/09/01 4:0 a.m.51 views

CVE-2004-0033

PHPGEDVIEW 2.61’s admin.php is vulnerable to information disclosure: an attacker can trigger a phpinfo command via an action parameter to reveal sensitive data. The affected component is admin.php (PHPGEDVIEW 2.61). Root cause is improper handling of the action parameter, enabling remote code/inf...

5CVSS6.5AI score0.02791EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2003/08/01 4:0 a.m.46 views

CVE-2003-0615

Cross-site scripting XSS vulnerability in startform of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter...

4.3CVSS5.5AI score0.04442EPSS
Exploits0
Cvelist
Cvelist
added 2003/06/28 4:0 a.m.17 views

CVE-2003-0483

Cross-site scripting XSS vulnerabilities in XMB Forum 1.8 Partagium allow remote attackers to insert arbitrary script via 1 the member parameter to member.php or 2 the action parameter to buddy.php...

6.3AI score0.03923EPSS
Exploits0References2
Rows per page
Query Builder