CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

863 matches found

securityvulns•added 2006/08/31 12:0 a.m.•51 views

IwebNegar v1.1 Multiple vulnerabilities

:: IwebNegar v1.1 Multiple vulnerabilities :: ------------------------------------------------ Software : IwebNegar v1.1 Website : ---- Bug Discover : Hessam-x / www.hessamx.net I. Cross Site Scripting Vulnerability ------------------------------------------------- Parameter "comment" are not...

1.3AI score

Exploits0

Cvelist•added 2006/07/10 10:0 p.m.•21 views

CVE-2006-3494

Multiple cross-site scripting XSS vulnerabilities in Buddy Zone 1.0.1 allow remote attackers to inject arbitrary HTML and web script via the 1 catid parameter to a viewclassifieds.php; 2 id parameter in b viewad.php; 3 eventid parameter in c viewevent.php, d deleteevent.php, and e editevent.php;...

5.9AI score0.03396EPSS

Exploits1References20

Tenable Nessus•added 2006/06/27 12:0 a.m.•54 views

mvnForum activatemember Multiple Parameter XSS

The remote host is running mvnForum, an open source, forum application based on Java J2EE. The version of mvnForum installed on the remote host fails to sanitize user-supplied input to the 'activatecode' and 'member' parameters of the 'activatemember' script before using it to generate dynamic we...

2.6CVSS5.9AI score0.01734EPSS

Exploits0References2

NVD•added 2006/06/26 4:5 p.m.•16 views

CVE-2006-3225

Cross-site scripting XSS vulnerability in Sun ONE Application Server 7 before Update 9, Java System Application Server 7 2004Q2 before Update 5, and Java System Application Server Enterprise Edition 8.1 2005 Q1 allows remote attackers to inject arbitrary HTML or web script via unknown vectors...

2.6CVSS5.8AI score0.01946EPSS

Exploits0References6

NVD•added 2006/06/23 12:2 a.m.•22 views

CVE-2006-3174

Cross-site scripting XSS vulnerability in search.php in SquirrelMail 1.5.1 and earlier, when registerglobals is enabled, allows remote attackers to inject arbitrary HTML via the mailbox parameter...

2.6CVSS5.7AI score0.01671EPSS

Exploits1References10

Cvelist•added 2006/06/23 12:0 a.m.•23 views

CVE-2006-3174

Cross-site scripting XSS vulnerability in search.php in SquirrelMail 1.5.1 and earlier, when registerglobals is enabled, allows remote attackers to inject arbitrary HTML via the mailbox parameter...

5.6AI score0.01671EPSS

Exploits1References10

Tenable Nessus•added 2006/06/23 12:0 a.m.•25 views

BlueDragon 6.2.1 Multiple Remote Vulnerabilities (XSS, DoS)

The remote host is running BlueDragon Server / Server JX, Java-based servers for stand-alone deployment of CFML ColdFusion Markup Language pages. The version of BlueDragon Server / Server JX installed on the remote host fails to sanitize user-supplied input passed as part of the filename before...

5CVSS5.8AI score0.06675EPSS

Exploits2References3

Cvelist•added 2006/06/13 10:0 a.m.•35 views

CVE-2006-3007

Multiple cross-site scripting XSS vulnerabilities in SHOUTcast 1.9.5 allow remote attackers to inject arbitrary HTML or web script via the DJ fields 1 Description, 2 URL, 3 Genre, 4 AIM, and 5 ICQ...

5.7AI score0.01528EPSS

Exploits0References7

exploitpack•added 2006/06/12 12:0 a.m.•19 views

Five Star Review Script - index2.php?sort Cross-Site Scripting

Five Star Review Script - index2.php?sort Cross-Site Scripting source: https://www.securityfocus.com/bid/18390/info Five Star Review Script is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these...

6.8AI score

Exploits0

Exploit DB•added 2006/06/12 12:0 a.m.•90 views

Five Star Review Script - 'report.php?item_id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/18390/info Five Star Review Script is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to run arbitrary HTML and script code in the browser of a...

7.4AI score

Exploits0

Prion•added 2006/06/07 10:2 a.m.•15 views

Cross site scripting

Cross-site scripting XSS vulnerability in FunkBoard 0.71 allows remote attackers to inject arbitrary HTML or web script via unspecified vectors...

2.6CVSS6.2AI score0.01211EPSS

Exploits1References4Affected Software1

NVD•added 2006/06/07 10:2 a.m.•11 views

CVE-2006-2897

Cross-site scripting XSS vulnerability in FunkBoard 0.71 allows remote attackers to inject arbitrary HTML or web script via unspecified vectors...

2.6CVSS5.8AI score0.01211EPSS

Exploits1References4

NVD•added 2006/06/07 10:2 a.m.•19 views

CVE-2006-2895

Cross-site scripting XSS vulnerability in MediaWiki 1.6.0 up to versions before 1.6.7 allows remote attackers to inject arbitrary HTML and web script via the edit form...

2.6CVSS5.8AI score0.01357EPSS

Exploits0References5

Prion•added 2006/06/01 1:2 a.m.•16 views

Cross site scripting

Cross-site scripting XSS vulnerability in news.php in VARIOMAT allows remote attackers to inject arbitrary HTML or web script via the subcat parameter. NOTE: this issue might be resultant from SQL injection...

6.8CVSS7.2AI score0.01089EPSS

Exploits0References3

Cvelist•added 2006/06/01 1:0 a.m.•24 views

CVE-2006-2721

6.5AI score0.01089EPSS

Exploits0References3

Prion•added 2006/05/30 10:2 a.m.•15 views

Cross site scripting

Cross-site scripting XSS vulnerability in performsearch.asp for ASPBB 0.52 and earlier allows remote attackers to inject arbitrary HTML or web script via the search parameter...

2.6CVSS6.3AI score0.02328EPSS

Exploits0References8Affected Software1

NVD•added 2006/05/30 10:2 a.m.•14 views

CVE-2006-2652

Cross-site scripting XSS vulnerability in WikiNi 0.4.2 and earlier allows remote attackers to inject arbitrary HTML and web script by editing a Wiki page to contain the script...

6.8CVSS5.9AI score0.01461EPSS

Exploits0References7

securityvulns•added 2006/05/27 12:0 a.m.•32 views

ByteHoard <= 2.1 multiple vulnerabilities

ByteHoard = 2.1 multiple vulnerabilities Discovered by: Nomenumbra Date: 23/5/2006 impact:high file manipulation,privilege escalation,possible defacement ByteHoard versions up to 2.1 are prone to multiple vulnerabilities, including directory traversal. 0x00 Directory traversal: Users are able to...

0.6AI score

Exploits0

Prion•added 2006/05/24 1:2 a.m.•17 views

Cross site scripting

Cross-site scripting XSS vulnerability in Jemscripts DownloadControl 1.0 allows remote attackers to inject arbitrary HTML or web script via the dcid parameter to dc.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. This issue...

4.3CVSS6.1AI score0.01369EPSS

Exploits0References7Affected Software1

FreeBSD•added 2006/04/21 12:0 a.m.•27 views

phpldapadmin -- Cross-Site Scripting and Script Insertion vulnerabilities

Secunia reports: phpLDAPadmin have some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks. 1 Some input isn't properly sanitised before being returned to the user. This can be exploited to...

2.6CVSS6.2AI score0.08221EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by