CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1593 matches found

CVE•added 2007/01/05 2:0 a.m.•39 views

CVE-2006-6871

CVE-2006-6871 affects eNdonesia 8.4 with four XSS vectors : (1) mod.php viewlink parameter (mod), (2) informasi module showinfo intypeid, (3) the "your Friend" field in friend.php, (4) the "Main Text" field in admin.php. The vulnerability allows remote attackers to inject arbitrary web script or ...

6.8CVSS6AI score0.06362EPSS

Exploits1References5Affected Software1

NVD•added 2006/12/31 5:0 a.m.•11 views

CVE-2006-6871

Multiple cross-site scripting XSS vulnerabilities in eNdonesia 8.4 allow remote attackers to inject arbitrary web script or HTML via 1 the mod parameter in a viewlink operation in mod.php, 2 the intypeid parameter in a showinfo operation in the informasi module in mod.php, 3 the "your Friend" fie...

6.8CVSS5.8AI score0.06362EPSS

Exploits1References5

seebug.org•added 2006/12/26 12:0 a.m.•21 views

eNdonesia 8.4 (mod.php/friend.php/admin.php) Multiple Vulnerabilities

No description provided by source. bugs for Endonesia8.4 FInd:z1ckXru mail:[email protected] 1 http://localhost/en/mod.php?mod=XSS&op=viewlink&cid=5 2 http://localhost/en/friend.php your Friend:XSS 3 http://localhost/en/admin.php Main Text: XSS 4...

7.1AI score

Exploits0

exploitpack•added 2006/12/25 12:0 a.m.•12 views

eNdonesia 8.4 - mod.phpfriend.phpadmin.php Multiple Vulnerabilities

eNdonesia 8.4 - mod.phpfriend.phpadmin.php Multiple Vulnerabilities bugs for Endonesia8.4 FInd:z1ckXru mail:[email protected] 1 http://localhost/en/mod.php?mod=XSS&op=viewlink&cid=5 2 http://localhost/en/friend.php your Friend:XSS 3 http://localhost/en/admin.php Main Text: XSS 4...

0.9AI score

Exploits0

0day.today•added 2006/12/25 12:0 a.m.•29 views

eNdonesia 8.4 (mod.php/friend.php/admin.php) Multiple Vulnerabilities

Exploit for unknown platform in category web applications ===================================================================== eNdonesia 8.4 mod.php/friend.php/admin.php Multiple Vulnerabilities ===================================================================== bugs for Endonesia8.4...

7.1AI score

Exploits0

NVD•added 2006/12/04 11:28 a.m.•10 views

CVE-2006-6284

Directory traversal vulnerability in admin.php in Vikingboard 0.1.2 allows remote authenticated administrators to include arbitrary files via a .. dot dot sequence in the act parameter...

9CVSS6.3AI score0.04211EPSS

Exploits0References6

ATTACKERKB•added 2006/12/04 11:28 a.m.•1 views

CVE-2006-6284

Directory traversal vulnerability in admin.php in Vikingboard 0.1.2 allows remote authenticated administrators to include arbitrary files via a .. dot dot sequence in the act parameter...

9CVSS5.8AI score0.04211EPSS

Exploits0References7

CVE•added 2006/12/04 11:0 a.m.•38 views

CVE-2006-6284

CVE-2006-6284 affects Vikingboard 0.1.2. A directory traversal vulnerability in the file admin.php allows remote authenticated administrators to include arbitrary files via a .. sequence in the act parameter. According to NVD, the vulnerability has a CVSS v2 base score of 9.0 (HIGH) with network ...

9CVSS6.7AI score0.04211EPSS

Exploits0References6Affected Software1

Cvelist•added 2006/12/04 11:0 a.m.•12 views

CVE-2006-6284

Directory traversal vulnerability in admin.php in Vikingboard 0.1.2 allows remote authenticated administrators to include arbitrary files via a .. dot dot sequence in the act parameter...

6.3AI score0.04211EPSS

Exploits0References6

NVD•added 2006/11/30 4:28 p.m.•9 views

CVE-2006-6176

Cross-site scripting XSS vulnerability in admin.php in Blogn before 1.9.4 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters...

6.8CVSS5.6AI score0.01631EPSS

Exploits0References6

CVE•added 2006/11/30 4:0 p.m.•33 views

CVE-2006-6176

CVE-2006-6176 describes a Cross-site Scripting (XSS) vulnerability in Blogn’s admin.php in versions before 1.9.4, allowing remote attackers to inject arbitrary script/HTML via unspecified parameters. The NVD entry lists a base score of 6.8 (Medium) with network attack vector and no authentication...

6.8CVSS5.7AI score0.01631EPSS

Exploits0References6Affected Software1

securityvulns•added 2006/11/22 12:0 a.m.•82 views

Pearl Forums 2.4 Multiple Remote File Include Vulnerabilities

| | / | / | | | | | / | / / | | | | '| | |/| |/ / / / / | | '| | | / | | || | | | | | | | | / | | | | || |/|| || ||,// / ||| ,|/ ///////////////////////////////////////////////////////////////////////////////////////////////////////////// //Script:Pearl Forums //Author: Dr Max Virus...

0.3AI score

Exploits0

CVE•added 2006/11/08 8:0 p.m.•43 views

CVE-2006-5804

CVE-2006-5804 is a PHP remote file inclusion vulnerability in Advanced Guestbook 2.3.1 (admin.php) that allows an attacker to execute arbitrary PHP code via a URL supplied to the include_path parameter. The PT-2006-6481 entry for the same product version 2.3.1 corroborates this vector, detailing ...

7.5CVSS7.5AI score0.01414EPSS

Exploits1References6Affected Software1

Positive Technologies•added 2006/11/08 12:0 a.m.•2 views

PT-2006-6481 · Unknown · Advanced Guestbook

Name of the Vulnerable Software and Affected Versions: Advanced Guestbook version 2.3.1 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the include path parameter in the admin.php file. Recommendations: For Advanced Guestbook version 2.3.1, consider...

7.5CVSS8.3AI score0.01414EPSS

Exploits1References9

securityvulns•added 2006/11/07 12:0 a.m.•11196 views

Advanced Guestbook 2.3.1 (Admin.php) Remote File Include

Advanced Guestbook 2.3.1 Admin.php Remote File Include Author: BrokeN-ProXy Script : admin.php Found : www.hotscripts.com Risk : Dangerous Dork : "powered by: Advanced Guestbook 2.3.1" Exploit: www.Site.com/AGuest Path/admin.php?includepath=Shell?cmd Notice: AGuest Path may be more than One, You...

1.6AI score

Exploits0

0day.today•added 2006/10/31 12:0 a.m.•56 views

P-Book <= 1.17 (pb_lang) Remote File Inclusion Vulnerabilities

Exploit for unknown platform in category web applications ============================================================== P-Book = 1.17 pblang Remote File Inclusion Vulnerabilities ============================================================== \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / ...

7.1AI score

Exploits0

Exploit DB•added 2006/10/31 12:0 a.m.•38 views

P-Book 1.17 - 'pb_lang' Remote File Inclusion

\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV56$2006 ------------------------------------------------------------------------------ ECHOADV56$2006 P-Book = 1.17 pblang Remote File Inclusion...

7AI score

Exploits0

NVD•added 2006/10/23 5:7 p.m.•11 views

CVE-2006-5451

Multiple cross-site scripting XSS vulnerabilities in TorrentFlux 2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 action, 2 file, and 3 users array variables in a admin.php, which are not properly handled when the administrator views the Activity Log; and the 4 torrent...

2.6CVSS5.6AI score0.01682EPSS

Exploits1References12

CVE•added 2006/10/23 5:0 p.m.•47 views

CVE-2006-5451

CVE-2006-5451 describes multiple XSS flaws in TorrentFlux 2.1. The vulnerabilities allow remote attackers to inject arbitrary script/HTML via: (1) admin.php parameters (action, file, users array) when viewing the Activity Log, and (2) startpop.php torrent parameter used by displayName. The vector...

2.6CVSS5.6AI score0.01682EPSS

Exploits1References12Affected Software1

seebug.org•added 2006/10/17 12:0 a.m.•27 views

Easynews <= 4.4.1 (admin.php) Authentication Bypass Vulnerability

No description provided by source. +------------------------------------------------------------------------------------------- + Easynews = 4.4.1 admin.php Authentication Bypass Vulnerability +------------------------------------------------------------------------------------------- + Affected...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by