
13188 matches found

myhack58
added 2010/09/18 12:0 a.m. | 18 views

Phpcms2008 local file inclusion vulnerabilities and using: an arbitrary SQL statement execution-vulnerability warning-the black bar safety net

Author: oldjun Recently been made an afterthought, so be despised; but there's no way to make the head of the bird is also people laughing at you! Anyway, these things throw me here also no use, will only rot in the hard disk! Thus, as long as a little wind blows grass move, I'll publish it. The...

0.7 AI score
Exploits: 0

Prion
added 2010/09/17 8:0 p.m. | 13 views

Sql injection

SQL injection vulnerability in lib/toolkit/events/event.section.php in Symphony CMS 2.0.7 and 2.1.1 allows remote attackers to execute arbitrary SQL commands via the send-email[recipient] parameter to about/. NOTE: some of these details are obtained from third party information...

7.5 CVSS | 9 AI score | 0.01023 EPSS
Exploits: 1 | References: 5 | Affected Software: 1

Prion
added 2010/09/17 8:0 p.m. | 14 views

Sql injection

SQL injection vulnerability in the Publisher module in eNdonesia 8.4 allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printarticle action to mod.php, a different vector than CVE-2007-3394...

7.5 CVSS | 8.7 AI score | 0.0214 EPSS
Exploits: 2 | References: 2 | Affected Software: 1

Prion
added 2010/09/17 8:0 p.m. | 16 views

Sql injection

SQL injection vulnerability in modules/sections/index.php in E-Xoopport Samsara 3.1 and earlier, when the Tutorial module is enabled, allows remote attackers to execute arbitrary SQL commands via the secid parameter in a listarticles action...

6.8 CVSS | 9 AI score | 0.00932 EPSS
Exploits: 1 | References: 4 | Affected Software: 1

CVE
added 2010/09/17 7:0 p.m. | 47 views

CVE-2010-3461

CVE-2010-3461 (and related CVE-2007-3394) are concrete SQL injection vulnerabilities in eNdonesia 8.4. The issue affects the Publisher module and allows remote attackers to execute arbitrary SQL via the artid parameter (to mod.php) and, for CVE-2007-3394, via the bid parameter to banners.php (in ...

7.5 CVSS | 8.6 AI score | 0.00907 EPSS
Exploits: 1 | References: 2 | Affected Software: 1

CVE
added 2010/09/17 7:0 p.m. | 53 views

CVE-2010-3458

CVE-2010-3458 describes a SQL injection in Symphony CMS (versions 2.0.7 and 2.1.1) where remote attackers could execute arbitrary SQL via the send-email[recipient] parameter to about/. The OpenVAS entry also notes a broader set of vulnerabilities for Symphony

7.5 CVSS | 8.7 AI score | 0.01023 EPSS
Exploits: 1 | References: 5 | Affected Software: 1

Packet Storm
added 2010/09/17 12:0 a.m. | 19 views

XMB 1.9.11 Cross Site Request Forgery

...

0.7 AI score
Exploits: 0

NVD
added 2010/09/16 10:0 p.m. | 23 views

CVE-2010-3428

SQL injection vulnerability in modules/notes/json.php in Intermesh Group-Office 3.5.9 allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a category action...

7.5 CVSS | 8.3 AI score | 0.0098 EPSS
Exploits: 1 | References: 3

NVD
added 2010/09/16 10:0 p.m. | 17 views

CVE-2010-3422

SQL injection vulnerability in the JGen (com_jgen) component 0.9.33 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php...

7.5 CVSS | 8.3 AI score | 0.00907 EPSS
Exploits: 1 | References: 2

Prion
added 2010/09/16 10:0 p.m. | 15 views

Sql injection

SQL injection vulnerability in modules/notes/json.php in Intermesh Group-Office 3.5.9 allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a category action...

7.5 CVSS | 9 AI score | 0.0098 EPSS
Exploits: 1 | References: 3 | Affected Software: 1

Prion
added 2010/09/16 10:0 p.m. | 8 views

Sql injection

SQL injection vulnerability in the Yr Weatherdata module for Drupal 6.x before 6.x-1.6 allows remote attackers to execute arbitrary SQL commands via the sorting method...

7.5 CVSS | 9.1 AI score | 0.01117 EPSS
Exploits: 0 | References: 5 | Affected Software: 1

Cvelist
added 2010/09/16 9:0 p.m. | 20 views

CVE-2010-3422

SQL injection vulnerability in the JGen (com_jgen) component 0.9.33 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php...

8.3 AI score | 0.00907 EPSS
Exploits: 1 | References: 2

Cvelist
added 2010/09/16 9:0 p.m. | 29 views

CVE-2010-3428

SQL injection vulnerability in modules/notes/json.php in Intermesh Group-Office 3.5.9 allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a category action...

8.3 AI score | 0.0098 EPSS
Exploits: 1 | References: 3

Prion
added 2010/09/16 8:0 p.m. | 15 views

Sql injection

Multiple SQL injection vulnerabilities in eshtery CMS (aka eshtery.com) allow remote attackers to execute arbitrary SQL commands via the (1) Criteria field in an unspecified form related to catlgsearch.aspx or (2) user name to an unspecified form related to adminlogin.aspx...

7.5 CVSS | 9.3 AI score | 0.0098 EPSS
Exploits: 1 | References: 3

OSV
added 2010/09/05 12:0 a.m. | 8 views

DSA-2103-1 smbind - sql injection

Bulletin has no description...

7.5 CVSS | 6.4 AI score | 0.01876 EPSS
Exploits: 1

Prion
added 2010/09/03 6:0 p.m. | 8 views

Sql injection

SQL injection vulnerability in index.php in Seagull 0.6.7 and earlier allows remote attackers to execute arbitrary SQL commands via the frmQuestion parameter in a retrieve action, in conjunction with a user/password PATH_INFO...

7.5 CVSS | 8.9 AI score | 0.01023 EPSS
Exploits: 1 | References: 5 | Affected Software: 1

CVE
added 2010/09/03 5:12 p.m. | 47 views

CVE-2010-3207

CVE-2010-3207: A SQL injection in the PHP file index.php of GaleriaSHQIP 1.0 is possible when magic_quotes_gpc is disabled. The vulnerability allows remote attackers to modify the underlying SQL via the album_id parameter, per the NVD entry (base score 6.8, MEDIUM). The affected component is the...

6.8 CVSS | 8.6 AI score | 0.01082 EPSS
Exploits: 1 | References: 6 | Affected Software: 1

Cvelist
added 2010/09/03 5:12 p.m. | 16 views

CVE-2010-3211

Multiple SQL injection vulnerabilities in the JE FAQ Pro (com_jefaqpro) component 1.5.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via category categorylist operations with (1) the catid parameter or (2) the catid parameter in a lists action...

8.5 AI score | 0.0098 EPSS
Exploits: 1 | References: 3

Cvelist
added 2010/09/03 5:12 p.m. | 19 views

CVE-2010-3212

SQL injection vulnerability in index.php in Seagull 0.6.7 and earlier allows remote attackers to execute arbitrary SQL commands via the frmQuestion parameter in a retrieve action, in conjunction with a user/password PATH_INFO...

8.3 AI score | 0.01023 EPSS
Exploits: 1 | References: 5

Cvelist
added 2010/08/31 7:25 p.m. | 19 views

CVE-2010-3188

SQL injection vulnerability in search.aspx in BugTracker.NET 3.4.3 and earlier allows remote attackers to execute arbitrary SQL commands via a custom field to the search page...

8.3 AI score | 0.01063 EPSS
Exploits: 0 | References: 4