CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SQL injection vulnerability in lib/adodb/server.php in AngelineCMS 0.6.5 and earlier might allow remote attackers to execute arbitrary SQL commands via the query string...

6.4CVSS9.1AI score0.00326EPSS

Exploits0References4Affected Software1

NVD•added 2006/05/12 12:2 a.m.•9 views

CVE-2006-2328

SQL injection vulnerability in lib/adodb/server.php in AngelineCMS 0.6.5 and earlier might allow remote attackers to execute arbitrary SQL commands via the query string...

6.4CVSS8.4AI score0.00326EPSS

Exploits0References4

NVD•added 2006/05/12 12:2 a.m.•8 views

CVE-2006-2329

AngelineCMS 0.6.5 and earlier allow remote attackers to obtain sensitive information via a direct request for 1 adodb-access.inc.php, 2 adodb-ado.inc.php, 3 adodb-adoaccess.inc, 4 adodb-adomssql.inc.php, 5 adodb-borlandibase, 6 adodb-csv.inc.php, 7 adodb-db2.inc.php, 8 adodb-fbsql.inc.php, 9...

5CVSS6.3AI score0.00581EPSS

Exploits1References4

Prion•added 2006/05/12 12:2 a.m.•8 views

Design/Logic Flaw

5CVSS6.8AI score0.00581EPSS

Exploits1References4Affected Software1

CVE•added 2006/05/12 12:0 a.m.•38 views

CVE-2006-2328

CVE-2006-2328 describes a SQL injection in AngelineCMS 0.6.5 and earlier. The issue is in the library file lib/adodb/server.php and allows an attacker to manipulate the query string to execute arbitrary SQL commands. Affected product/version explicitly stated as AngelineCMS 0.6.5 and earlier; roo...

6.4CVSS8.4AI score0.00326EPSS

Exploits0References4Affected Software1

CVE•added 2006/05/12 12:0 a.m.•35 views

CVE-2006-2329

AngelineCMS 0.6.5 and earlier suffers an information disclosure vulnerability. A remote attacker can obtain sensitive information by directly requesting a set of ADODB-related include files (adodb-*.inc.php) which reveal file paths via error messages, and by directly requesting the lib/system/ di...

5CVSS6.3AI score0.00581EPSS

Exploits1References4Affected Software1

Cvelist•added 2006/05/12 12:0 a.m.•14 views

CVE-2006-2329

6.3AI score0.00581EPSS

Exploits1References4

Cvelist•added 2006/05/12 12:0 a.m.•13 views

CVE-2006-2328

SQL injection vulnerability in lib/adodb/server.php in AngelineCMS 0.6.5 and earlier might allow remote attackers to execute arbitrary SQL commands via the query string...

8.4AI score0.00326EPSS

Exploits0References4

securityvulns•added 2006/05/09 12:0 a.m.•24 views

AngelineCMS Multiple Vulnerabilities

Summary: --------------------------------------------------- AngelineCMS API C 2003-2004 AngelineCMS developers [email protected] AngelineCMS API is a PHP framework which was developed for rapid development of AngelineCMS content management system. AngelineCMS API is OPEN SOURCE software...

0.7AI score

Exploits0

Packet Storm•added 2006/04/11 12:0 a.m.•34 views

AngelineCMS0.8.1.txt

\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV27$2006 --------------------------------------------------------------------------- ECHOADV27$2006 AngelineCMS 0.8.1 Installpath Remote File Inclusion...

7.4AI score

Exploits0

NVD•added 2006/04/06 10:4 a.m.•9 views

CVE-2006-1653

PHP remote file inclusion vulnerability in loadkernel.php in AngelineCMS 0.8.1 allows remote attackers to execute arbitrary PHP code via a URL in the installPath parameter...

7.5CVSS7.5AI score0.0113EPSS

Exploits1References5

CVE•added 2006/04/06 10:0 a.m.•45 views

CVE-2006-1653

The CVE references AngelineCMS 0.8.1 with a remote file inclusion (RFI) in loadkernel.php that allows an attacker to supply a URL for the installPath parameter, leading to arbitrary PHP code execution on the server. Public sources describe the issue as an RFI in /kernel/loadkernel.php and note th...

7.5CVSS7.5AI score0.0113EPSS

Exploits1References5Affected Software1

Cvelist•added 2006/04/06 10:0 a.m.•14 views

CVE-2006-1653

PHP remote file inclusion vulnerability in loadkernel.php in AngelineCMS 0.8.1 allows remote attackers to execute arbitrary PHP code via a URL in the installPath parameter...

7.5AI score0.0113EPSS

Exploits1References5

securityvulns•added 2006/04/05 12:0 a.m.•35 views

[ECHO_ADV_27$2006] AngelineCMS 0.8.1 Installpath Remote File Inclusion

/ / | | / // / | | Y / | / / /| / / / / / / .OR.ID ECHOADV27$2006 --------------------------------------------------------------------------- ECHOADV27$2006 AngelineCMS 0.8.1 Installpath Remote File Inclusion --------------------------------------------------------------------------- Author :...

0.2AI score

Exploits0

Tenable Nessus•added 2006/04/05 12:0 a.m.•22 views

AngelineCMS loadkernel.php installPath Parameter Remote File Inclusion

The remote host is running AngelineCMS, an open source content management system written in PHP. The version of AngelineCMS installed on the remote host fails to sanitize user-supplied input to the 'installPath' parameter of the '/kernel/loadkernel.php' script before using it in a PHP 'includeonc...

7.5CVSS5.9AI score0.0113EPSS

Exploits1References2

0day.today•added 2006/04/04 12:0 a.m.•406 views

AngelineCMS 0.8.1 (installpath) Remote File Inclusion Exploit

Exploit for unknown platform in category web applications ============================================================= AngelineCMS 0.8.1 installpath Remote File Inclusion Exploit ============================================================= !/usr/bin/perl AngelineCMS 0.8.1 installpath Remote Cod...

7.1AI score

Exploits0

Exploit DB•added 2006/04/04 12:0 a.m.•33 views

AngelineCMS 0.8.1 - 'installpath' Remote File Inclusion

!/usr/bin/perl AngelineCMS 0.8.1 installpath Remote Code Execution Exploit Bug Found & code By K-159 code reference from uid0/zod at ExploiterCode.com echo.or.id c 2006 usage: perl angelineCMS.pl perl angelineCMS.pl http://target.com/ http://site.com/cmd.txt cmd cmd shell example: cmd shell...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by