58 matches found
EUVD-2014-4995
Malware in sbrugna...
EUVD-2015-1502
Malware in sbrugna...
EUVD-2015-1503
Malware in sbrugna...
EUVD-2015-6529
Malware in sbrugna...
CVE-2015-1364
SQL injection vulnerability in the getProfile function in system/profile.functions.php in Free Reprintables ArticleFR 3.0.5 allows remote attackers to execute arbitrary SQL commands via the username parameter to register/...
CVE-2014-4170
CVE-2014-4170 describes an improper access control vulnerability in ArticleFR (Free Reprintables) where the data.php script lacks sufficient restrictions. A remote attacker can issue crafted requests to /data.php and execute arbitrary UPDATE SQL commands, enabling modification or deletion of data...
CVE-2015-6591
Directory traversal vulnerability in application/templates/amelia/loadjs.php in Free Reprintables ArticleFR 3.0.7 and earlier allows local users to read arbitrary files via the s parameter...
CVE-2015-6591
The CVE-2015-6591 entry concerns Free Reprintables ArticleFR 3.0.7 and earlier. It affects the web application path application/templates/amelia/loadjs.php, where the s parameter is used to read files via file_get_contents without proper validation, enabling local arbitrary file read by a non-aut...
Free Reprintables ArticleFR Has Multiple Cross-Site Request Forgery Vulnerabilities
Free Reprintables ArticleFR is an article directory scripting system from Free Reprintables Philippines. Free Reprintables ArticleFR 3.0.6 suffers from multiple cross-site request forgery vulnerabilities that allow remote attackers to hijack an administrator authentication request to add an...
Free Reprintables ArticleFR Cross-Site Scripting Vulnerability
ArticleFR is an article directory and content catalog system. Multiple cross-site scripting vulnerabilities exist in Free Reprintables ArticleFR version 3.0.6, which stem from the dashboard/settings/categories/ URI not sufficiently filtering the 'name' parameter, the dashboard/settings/links/ URI...
CVE-2015-5530
Multiple cross-site request forgery (CSRF) vulnerabilities in Free Reprintables ArticleFR 3.0.6 allow remote attackers to hijack the authentication of administrators for requests that add an administrator account via a request to dashboard/users/create/...
CVE-2015-5529
Multiple cross-site scripting (XSS) vulnerabilities in Free Reprintables ArticleFR 3.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) name parameter to dashboard/settings/categories/, (2) title or (3) rel parameter to dashboard/settings/links/, or (4) url parameter to...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in Free Reprintables ArticleFR 3.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) name parameter to dashboard/settings/categories/, (2) title or (3) rel parameter to dashboard/settings/links/, or (4) url parameter to...
Cross site request forgery (csrf)
Multiple cross-site request forgery (CSRF) vulnerabilities in Free Reprintables ArticleFR 3.0.6 allow remote attackers to hijack the authentication of administrators for requests that add an administrator account via a request to dashboard/users/create/...
CVE-2015-5529
Affected software: Free Reprintables ArticleFR 3.0.6. Vulnerable components: dashboard/settings/categories/ (name parameter), dashboard/settings/links/ (title and rel parameters), dashboard/tools/pingservers/ (url parameter). Issue: stored cross-site scripting due to inadequate input sanitization...
CVE-2015-5530
CVE-2015-5530 affects Free Reprintables ArticleFR 3.0.6. The vulnerability is CSRF that lets an attacker cause an admin account to be created via dashboard/users/create/, effectively hijacking an administrator’s authentication context. The NVD entry lists a base score of 6.8 (Medium) with network...
ArticleFR 3.0.6 - Multiple Vulnerabilities
ArticleFR 3.0.6 - Multiple Vulnerabilities ArticleFR 3.0.6 CSRF Add Admin Exploit Vendor: Free Reprintables Product web page: http://www.freereprintables.com Affected version: 3.0.6 Summary: A lightweight fully featured content article / video management system. Comes with a pluginable and...
ArticleFR 3.0.6 CSRF Add Admin Exploit
Summary: A lightweight fully featured content article / video management system. Comes with a pluginable and multiple module framework system. Description: The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This c...