Lucene search
K

676 matches found

NVD
NVD
added 2006/12/15 7:28 p.m.20 views

CVE-2006-6590

PHP remote file inclusion vulnerability in usercpmenu.php in AR Memberscript allows remote attackers to execute arbitrary PHP code via a URL in the scriptfolder parameter...

7.5CVSS7.5AI score0.02097EPSS
Exploits0References2
CVE
CVE
added 2006/12/15 7:0 p.m.68 views

CVE-2006-6590

CVE-2006-6590: PHP remote file inclusion in AR Memberscript, specifically in usercp_menu.php, allows an attacker to supply a URL via the script_folder parameter to execute arbitrary PHP code. The NVD entry lists a CVSS v2 base score of 7.5 (HIGH) with network vector and low attack complexity, no ...

7.5CVSS7.9AI score0.02097EPSS
Exploits0References2Affected Software1
seebug.org
seebug.org
added 2006/12/15 12:0 a.m.21 views

AR Memberscript (usercp_menu.php) Remote File Include Vulnerability

No description provided by source. Author: ex0 armemberscript - remote file include vulnerability all versions There is no vendo patch, and doubt there will be. I havnt been able to get in touch with the vendor for 2 months armemberscript is a script used by many anime sites to manage their...

7.1AI score
Exploits0
0day.today
0day.today
added 2006/12/14 12:0 a.m.33 views

AR Memberscript (usercp_menu.php) Remote File Include Vulnerability

Exploit for unknown platform in category web applications =================================================================== AR Memberscript usercpmenu.php Remote File Include Vulnerability =================================================================== Author: ex0 armemberscript - remote fi...

7.1AI score
Exploits0
NVD
NVD
added 2006/06/05 5:2 p.m.13 views

CVE-2006-2809

Multiple cross-site scripting XSS vulnerabilities in index.php in ar-blog 5.2 allow remote attackers to inject arbitrary web script or HTML via the 1 count parameter, and possibly the 2 next, 3 Yearthenews, and 4 mo parameters. NOTE: the year and month vectors are already covered by CVE-2006-0333...

6.8CVSS5.7AI score0.01295EPSS
Exploits0References3
CVE
CVE
added 2006/06/05 5:0 p.m.46 views

CVE-2006-2809

CVE-2006-2809 corresponds to multiple XSS vulnerabilities in ar-blog 5.2, affecting index.php via parameters (count, and possibly next, Year_the_news, mo). Root cause is improper handling/validation of user-supplied input leading to script/HTML injection. Affected component is ar-blog 5.2, index....

6.8CVSS5.8AI score0.01295EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2006/06/05 5:0 p.m.20 views

CVE-2006-2809

Multiple cross-site scripting XSS vulnerabilities in index.php in ar-blog 5.2 allow remote attackers to inject arbitrary web script or HTML via the 1 count parameter, and possibly the 2 next, 3 Yearthenews, and 4 mo parameters. NOTE: the year and month vectors are already covered by CVE-2006-0333...

5.7AI score0.01295EPSS
Exploits0References3
securityvulns
securityvulns
added 2006/05/30 12:0 a.m.35 views

Multiple Xss exploits in ar-blog v 5.2

Multiple Xss exploits in ar-blog v 5.2 forum type : ar-blog v 5.2 bug found by : black-code team : site-down type : Xss black-code: http://www.xxx.com/path/index.php?page=gb&count=next='scriptalert10/script http://www.xxx.com/path/index.php?page=gb&count='scriptalert10/script...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2006/05/27 12:0 a.m.15 views

AR-Blog 5.2 - Multiple Cross-Site Scripting Vulnerabilities

AR-Blog 5.2 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/18120/info AR-Blog is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may levera...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2006/05/27 12:0 a.m.20 views

AR-Blog 5.2 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/18120/info AR-Blog is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the...

7AI score
Exploits0
NVD
NVD
added 2006/04/20 10:2 a.m.20 views

CVE-2006-1893

Cross-site scripting XSS vulnerability in print.php in ar-blog 5.2 allows remote attackers to inject arbitrary web script or HTML via the id parameter...

6.8CVSS5.7AI score0.01953EPSS
Exploits1References4
Prion
Prion
added 2006/04/20 10:2 a.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in print.php in ar-blog 5.2 allows remote attackers to inject arbitrary web script or HTML via the id parameter...

6.8CVSS6.1AI score0.01953EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2006/04/20 10:0 a.m.24 views

CVE-2006-1893

Cross-site scripting XSS vulnerability in print.php in ar-blog 5.2 allows remote attackers to inject arbitrary web script or HTML via the id parameter...

5.7AI score0.01953EPSS
Exploits1References4
CVE
CVE
added 2006/04/20 10:0 a.m.38 views

CVE-2006-1893

CVE-2006-1893 describes a cross-site scripting (XSS) vulnerability in the print.php component of ar-blog 5.2, exploitable via the id parameter to inject arbitrary script/HTML. The vulnerability is documented across multiple sources (NVD, CVE List, PRION, etc.), with the impact described as enabli...

6.8CVSS5.7AI score0.01953EPSS
Exploits1References4Affected Software1
securityvulns
securityvulns
added 2006/04/15 12:0 a.m.47 views

Xss In ar-blog v 5.2

Software: ar-blog Web Site: http://www.ar-blog.com Versions: ar-blog v 5.2 Type: Xss Exploit : http://www.XXX.com/ar-blogv5,2/print.php?id=scriptalert1/script Discovery by : ALMOKANN3 LEZR.COM GreeTz : special greet t0 Dr.Jr7 & Qptan & Mr.SNAKE and to my all frinds !n www.lezr.com/vb...

1.3AI score
Exploits0
exploitpack
exploitpack
added 2006/04/14 12:0 a.m.21 views

AR-Blog 5.2 - print.php Cross-Site Scripting

AR-Blog 5.2 - print.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17522/info The ar-blog application is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2006/04/14 12:0 a.m.26 views

AR-Blog 5.2 - 'print.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17522/info The ar-blog application is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting use...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2006/01/25 12:0 a.m.19 views

ar-blogv5.2.txt

Software: ar-blog Web Site: http://www.ar-blog.com Versions: ar-blog v 5.2 Type: Cross Site Scripting Class: Remote Exploit : 1- http://www.target.com/index.php?page=showtopis&month=XSS&year=1426&all=9 2- http://www.target.com/index.php?page=showtopis&month=9&year=XSS&all=9 Example : 1-...

7.4AI score
Exploits0
NVD
NVD
added 2006/01/21 12:3 a.m.17 views

CVE-2006-0333

Cross-site scripting XSS vulnerability in ar-blog 5.2 allows remote attackers to inject arbitrary web script or HTML via the 1 month or 2 year parameter to index.php...

4.3CVSS5.6AI score0.01164EPSS
Exploits0References3
Prion
Prion
added 2006/01/21 12:3 a.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in ar-blog 5.2 allows remote attackers to inject arbitrary web script or HTML via the 1 month or 2 year parameter to index.php...

4.3CVSS5.9AI score0.01164EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder