CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SQL injection vulnerability in the getProfile function in system/profile.functions.php in Free Reprintables ArticleFR 3.0.5 allows remote attackers to execute arbitrary SQL commands via the username parameter to register/...

7.5CVSS8.7AI score0.01342EPSS

Exploits2References1

CVE•added 2020/02/13 6:47 p.m.•64 views

CVE-2014-4170

CVE-2014-4170 describes an improper access control vulnerability in ArticleFR (Free Reprintables) where the data.php script lacks sufficient restrictions. A remote attacker can issue crafted requests to /data.php and execute arbitrary UPDATE SQL commands, enabling modification or deletion of data...

9.8CVSS9.2AI score0.14144EPSS

Exploits5References4Affected Software1

NVD•added 2020/01/15 7:15 p.m.•24 views

CVE-2015-6591

Directory traversal vulnerability in application/templates/amelia/loadjs.php in Free Reprintables ArticleFR 3.0.7 and earlier allows local users to read arbitrary files via the s parameter...

5.5CVSS5.4AI score0.00582EPSS

Exploits2References1

Cvelist•added 2020/01/15 6:15 p.m.•26 views

CVE-2015-6591

Directory traversal vulnerability in application/templates/amelia/loadjs.php in Free Reprintables ArticleFR 3.0.7 and earlier allows local users to read arbitrary files via the s parameter...

5.4AI score0.00582EPSS

Exploits2References1

CVE•added 2020/01/15 6:15 p.m.•53 views

CVE-2015-6591

The CVE-2015-6591 entry concerns Free Reprintables ArticleFR 3.0.7 and earlier. It affects the web application path application/templates/amelia/loadjs.php, where the s parameter is used to read files via file_get_contents without proper validation, enabling local arbitrary file read by a non-aut...

5.5CVSS5.3AI score0.00582EPSS

Exploits2References1Affected Software1

CNVD•added 2015/07/23 12:0 a.m.•3 views

Free Reprintables ArticleFR Has Multiple Cross-Site Request Forgery Vulnerabilities

Free Reprintables ArticleFR is an article directory scripting system from Free Reprintables Philippines. Free Reprintables ArticleFR 3.0.6 suffers from multiple cross-site request forgery vulnerabilities that allow remote attackers to hijack an administrator authentication request to add an...

6.8CVSS7.1AI score0.01221EPSS

Exploits2References1

CNVD•added 2015/07/20 12:0 a.m.•5 views

Free Reprintables ArticleFR Cross-Site Scripting Vulnerability

ArticleFR is an article directory and content catalog system. Multiple cross-site scripting vulnerabilities exist in Free Reprintables ArticleFR version 3.0.6, which stem from the dashboard/settings/categories/ URI not sufficiently filtering the 'name' parameter, the dashboard/settings/links/ URI...

4.3CVSS6.4AI score0.03308EPSS

Exploits2References1

NVD•added 2015/07/16 3:59 p.m.•11 views

CVE-2015-5530

Multiple cross-site request forgery CSRF vulnerabilities in Free Reprintables ArticleFR 3.0.6 allow remote attackers to hijack the authentication of administrators for requests that add an administrator account via a request to dashboard/users/create/...

6.8CVSS7.2AI score0.01221EPSS

Exploits2References2

NVD•added 2015/07/16 3:59 p.m.•14 views

CVE-2015-5529

Multiple cross-site scripting XSS vulnerabilities in Free Reprintables ArticleFR 3.0.6 allow remote attackers to inject arbitrary web script or HTML via the 1 name parameter to dashboard/settings/categories/, 2 title or 3 rel parameter to dashboard/settings/links/, or 4 url parameter to...

4.3CVSS5.8AI score0.03308EPSS

Exploits2References3

Prion•added 2015/07/16 3:59 p.m.•13 views

Cross site scripting

4.3CVSS6AI score0.03308EPSS

Exploits2References3Affected Software1

Prion•added 2015/07/16 3:59 p.m.•10 views

Cross site request forgery (csrf)

6.8CVSS7.7AI score0.01221EPSS

Exploits2References2Affected Software1

Cvelist•added 2015/07/16 3:0 p.m.•17 views

CVE-2015-5530

7.2AI score0.01221EPSS

Exploits2References2

CVE•added 2015/07/16 3:0 p.m.•46 views

CVE-2015-5530

CVE-2015-5530 affects Free Reprintables ArticleFR 3.0.6. The vulnerability is CSRF that lets an attacker cause an admin account to be created via dashboard/users/create/, effectively hijacking an administrator’s authentication context. The NVD entry lists a base score of 6.8 (Medium) with network...

6.8CVSS7.3AI score0.01221EPSS

Exploits2References2Affected Software1

CVE•added 2015/07/16 3:0 p.m.•44 views

CVE-2015-5529

Affected software: Free Reprintables ArticleFR 3.0.6. Vulnerable components: dashboard/settings/categories/ (name parameter), dashboard/settings/links/ (title and rel parameters), dashboard/tools/pingservers/ (url parameter). Issue: stored cross-site scripting due to inadequate input sanitization...

4.3CVSS5.9AI score0.03308EPSS

Exploits2References3Affected Software1

0day.today•added 2015/07/13 12:0 a.m.•24 views

ArticleFR 3.0.6 - Multiple Vulnerabilities

Exploit for php platform in category web applications ArticleFR 3.0.6 CSRF Add Admin Exploit Vendor: Free Reprintables Product web page: http://www.freereprintables.com Affected version: 3.0.6 Summary: A lightweight fully featured content article / video management system. Comes with a pluginable...

7.1AI score

Exploits0

exploitpack•added 2015/07/13 12:0 a.m.•12 views

ArticleFR 3.0.6 - Multiple Vulnerabilities

ArticleFR 3.0.6 - Multiple Vulnerabilities ArticleFR 3.0.6 CSRF Add Admin Exploit Vendor: Free Reprintables Product web page: http://www.freereprintables.com Affected version: 3.0.6 Summary: A lightweight fully featured content article / video management system. Comes with a pluginable and...

0.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by