CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1593 matches found

CVE•added 2008/12/18 9:0 p.m.•34 views

CVE-2008-5672

CVE-2008-5672 pertains to multiple cross-site request forgery (CSRF) vulnerabilities in PHParanoid prior to version 0.4. The issues allow remote attackers to hijack the authentication of arbitrary users for requests that use admin.php or private messages. The provided documents confirm the affect...

6.8CVSS7.4AI score0.00126EPSS

Exploits0References3Affected Software1

Cvelist•added 2008/12/18 9:0 p.m.•11 views

CVE-2008-5672

Multiple cross-site request forgery CSRF vulnerabilities in PHParanoid before 0.4 allow remote attackers to hijack the authentication of arbitrary users for requests that use 1 admin.php or 2 private messages...

7.4AI score0.00126EPSS

Exploits0References3

seebug.org•added 2008/12/15 12:0 a.m.•11 views

Aperto Blog 0.1.1 Local File Inclusion / SQL Injection Vulnerabilities

No description provided by source. =========================================================================================================== o Aperto Blog 0.1.1 Local File Inclusion and SQL Injection Vulnerabilities Software : Aperto Blog version 0.1.1 Vendor :...

7.1AI score

Exploits0

0day.today•added 2008/12/15 12:0 a.m.•21 views

Aperto Blog 0.1.1 Local File Inclusion / SQL Injection Vulnerabilities

Exploit for unknown platform in category web applications ====================================================================== Aperto Blog 0.1.1 Local File Inclusion / SQL Injection Vulnerabilities ======================================================================...

7.1AI score

Exploits0

exploitpack•added 2008/12/15 12:0 a.m.•8 views

Aperto Blog 0.1.1 - Local File Inclusion SQL Injection

Aperto Blog 0.1.1 - Local File Inclusion SQL Injection =========================================================================================================== o Aperto Blog 0.1.1 Local File Inclusion and SQL Injection Vulnerabilities Software : Aperto Blog version 0.1.1 Vendor :...

8.6AI score

Exploits0

Packet Storm•added 2008/12/15 12:0 a.m.•16 views

Aperto Blog 0.1.1 Local File Inclusion / SQL Injection

=========================================================================================================== o Aperto Blog 0.1.1 Local File Inclusion and SQL Injection Vulnerabilities Software : Aperto Blog version 0.1.1 Vendor : http://code.google.com/p/apertoblog/ Download :...

7.4AI score

Exploits0

Exploit DB•added 2008/12/15 12:0 a.m.•28 views

Aperto Blog 0.1.1 - Local File Inclusion / SQL Injection

7AI score

Exploits0

Prion•added 2008/12/12 4:30 p.m.•10 views

Sql injection

SQL injection vulnerability in admin.php in E-topbiz Domain Shop 2 allows remote attackers to execute arbitrary SQL commands via the passfromform parameter...

7.5CVSS9.1AI score0.00517EPSS

Exploits0References4Affected Software1

NVD•added 2008/12/12 4:30 p.m.•11 views

CVE-2008-5486

SQL injection vulnerability in admin.php in TurnkeyForms Text Link Sales allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS8.4AI score0.00421EPSS

Exploits0References5

Prion•added 2008/12/12 4:30 p.m.•7 views

Sql injection

SQL injection vulnerability in admin.php in TurnkeyForms Text Link Sales allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS9.1AI score0.00421EPSS

Exploits0References5

CVE•added 2008/12/12 4:0 p.m.•36 views

CVE-2008-5487

CVE-2008-5487 affects TurnkeyForms Text Link Sales: vulnerable admin.php parameter id enables cross-site scripting (XSS) by injecting arbitrary script/HTML. CVSS 2.0 base score 4.3 (Medium). No remediation details provided in the supplied documents.

4.3CVSS5.7AI score0.03183EPSS

Exploits0References5Affected Software1

Cvelist•added 2008/12/12 4:0 p.m.•13 views

CVE-2008-5486

SQL injection vulnerability in admin.php in TurnkeyForms Text Link Sales allows remote attackers to execute arbitrary SQL commands via the id parameter...

8.4AI score0.00421EPSS

Exploits0References5

CVE•added 2008/12/12 4:0 p.m.•39 views

CVE-2008-5488

CVE-2008-5488 is a SQL injection in E-topbiz Domain Shop 2, affecting admin.php via the passfromform parameter, allowing remote execution of arbitrary SQL commands. All sources (NVD entries and CVE records) confirm the vulnerability in the admin interface and the potential impact (partial confide...

7.5CVSS8.4AI score0.00517EPSS

Exploits0References4Affected Software1

CVE•added 2008/12/12 4:0 p.m.•35 views

CVE-2008-5486

CVE-2008-5486 describes an SQL injection vulnerability in TurnkeyForms Text Link Sales, specifically in admin.php where the id parameter is vulnerable. Exploitation details are not provided in the connected documents; the vulnerability could allow remote attackers to execute arbitrary SQL command...

7.5CVSS8.4AI score0.00421EPSS

Exploits0References5Affected Software1

Cvelist•added 2008/12/12 4:0 p.m.•17 views

CVE-2008-5488

SQL injection vulnerability in admin.php in E-topbiz Domain Shop 2 allows remote attackers to execute arbitrary SQL commands via the passfromform parameter...

8.4AI score0.00517EPSS

Exploits0References4

Prion•added 2008/11/18 12:30 a.m.•12 views

Authentication flaw

admin.php in CCleague Pro 1.2 allows remote attackers to bypass authentication by setting the type cookie value to admin...

6.8CVSS7.5AI score0.02341EPSS

Exploits1References5Affected Software1

NVD•added 2008/11/18 12:30 a.m.•7 views

CVE-2008-5123

SQL injection vulnerability in admin.php in CCleague Pro 1.2 allows remote attackers to execute arbitrary SQL commands via the u parameter...

6.8CVSS8.4AI score0.00493EPSS

Exploits0References5