Lucene search
K

58 matches found

Packet Storm
Packet Storm
added 2015/01/21 12:0 a.m.45 views

articleFR CMS 3.0.5 SQL Injection

Vulnerability title: SQL injection vulnerability in articleFR CMS 3.0.5 Product: articleFR Vendor: http://freereprintables.com Affected version: version 3.0.5 Download link: https://github.com/articlefr/articleFR Fixed version: N/A Google dork: N/A Author: Tran Dinh Tien [email protected] & ITA...

7.5CVSS0.7AI score0.01342EPSS
Exploits2
securityvulns
securityvulns
added 2014/10/15 12:0 a.m.88 views

Improper Access Control in ArticleFR

Advisory ID: HTB23219 Product: ArticleFR Vendor: Free Reprintables Vulnerable Versions: 11.06.2014 and probably prior Tested Version: 11.06.2014 Advisory Publication: June 11, 2014 without technical details Vendor Notification: June 11, 2014 Public Disclosure: July 30, 2014 Vulnerability Type:...

0.7AI score0.14484EPSS
Exploits5
securityvulns
securityvulns
added 2014/08/26 12:0 a.m.113 views

SQL Injection Vulnerability in ArticleFR

Advisory ID: HTB23225 Product: ArticleFR Vendor: Free Reprintables Vulnerable Versions: 3.0.4 and probably prior Tested Version: 3.0.4 Advisory Publication: July 23, 2014 without technical details Vendor Notification: July 23, 2014 Public Disclosure: August 20, 2014 Vulnerability Type: SQL...

7.5CVSS0.1AI score0.02348EPSS
Exploits3
OpenVAS
OpenVAS
added 2014/08/25 12:0 a.m.20 views

ArticleFR CMS 'id' Parameter SQL Injection Vulnerability

ArticleFR CMS is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.02348EPSS
Exploits3References4
NVD
NVD
added 2014/08/22 2:55 p.m.31 views

CVE-2014-5097

Multiple SQL injection vulnerabilities in Free Reprintables ArticleFR 3.0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter in a 1 get or 2 set action to rate.php...

7.5CVSS8.4AI score0.02348EPSS
Exploits3References4
Cvelist
Cvelist
added 2014/08/22 2:0 p.m.31 views

CVE-2014-5097

Multiple SQL injection vulnerabilities in Free Reprintables ArticleFR 3.0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter in a 1 get or 2 set action to rate.php...

8.4AI score0.02348EPSS
Exploits3References4
CVE
CVE
added 2014/08/22 2:0 p.m.49 views

CVE-2014-5097

CVE-2014-5097 describes SQL injection in ArticleFR CMS (Free Reprintables) versions 3.0.4 and earlier. The vulnerability arises from insufficient sanitization of the HTTP GET parameter “id” passed to /rate.php when act is either “get” or “set,” allowing remote attackers to execute arbitrary SQL c...

7.5CVSS8.6AI score0.02348EPSS
Exploits3References4Affected Software1
exploitpack
exploitpack
added 2014/08/20 12:0 a.m.18 views

ArticleFR - id SQL Injection

ArticleFR - id SQL Injection source: https://www.securityfocus.com/bid/69307/info ArticleFR is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the...

0.5AI score
Exploits0
0day.today
0day.today
added 2014/08/20 12:0 a.m.81 views

ArticleFR 3.0.4 SQL Injection Vulnerability

ArticleFR version 3.0.4 suffers from a remote SQL injection vulnerability. Product: ArticleFR Vendor: Free Reprintables Vulnerable Versions: 3.0.4 and probably prior Tested Version: 3.0.4 Advisory Publication: July 23, 2014 without technical details Vendor Notification: July 23, 2014 Public...

7.5CVSS7.6AI score0.02348EPSS
Exploits3
Packet Storm
Packet Storm
added 2014/08/20 12:0 a.m.61 views

ArticleFR 3.0.4 SQL Injection

Advisory ID: HTB23225 Product: ArticleFR Vendor: Free Reprintables Vulnerable Versions: 3.0.4 and probably prior Tested Version: 3.0.4 Advisory Publication: July 23, 2014 without technical details Vendor Notification: July 23, 2014 Public Disclosure: August 20, 2014 Vulnerability Type: SQL...

7.5CVSS0.5AI score0.02348EPSS
Exploits3
Exploit DB
Exploit DB
added 2014/08/20 12:0 a.m.25 views

ArticleFR - 'id' SQL Injection

source: https://www.securityfocus.com/bid/69307/info ArticleFR is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or modify data, ...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2014/08/04 12:0 a.m.44 views

ArticleFR 11.06.2014 (data.php) - Privilege Escalation

No description provided by source. Advisory ID: HTB23219 Product: ArticleFR Vendor: Free Reprintables Vulnerable Versions: 11.06.2014 and probably prior Tested Version: 11.06.2014 Advisory Publication: June 11, 2014 without technical details Vendor Notification: June 11, 2014 Public Disclosure:...

6.1CVSS9.2AI score0.14484EPSS
Exploits5
0day.today
0day.today
added 2014/08/03 12:0 a.m.66 views

ArticleFR 11.06.2014 (data.php) - Privilege Escalation

Exploit for php platform in category web applications Advisory Details: High-Tech Bridge Security Research Lab discovered vulnerability in ArticleFR, which can be exploited to execute arbitrary UPDATE SQL statements, alter information stored in database and gain complete control over the web site...

6.1CVSS0.2AI score0.14484EPSS
Exploits5
exploitpack
exploitpack
added 2014/08/02 12:0 a.m.39 views

ArticleFR 11.06.2014 - data.php Privilege Escalation

ArticleFR 11.06.2014 - data.php Privilege Escalation Advisory ID: HTB23219 Product: ArticleFR Vendor: Free Reprintables Vulnerable Versions: 11.06.2014 and probably prior Tested Version: 11.06.2014 Advisory Publication: June 11, 2014 without technical details Vendor Notification: June 11, 2014...

7.5CVSS0.8AI score0.14484EPSS
Exploits5
Exploit DB
Exploit DB
added 2014/08/02 12:0 a.m.52 views

ArticleFR 11.06.2014 - 'data.php' Privilege Escalation

Advisory ID: HTB23219 Product: ArticleFR Vendor: Free Reprintables Vulnerable Versions: 11.06.2014 and probably prior Tested Version: 11.06.2014 Advisory Publication: June 11, 2014 without technical details Vendor Notification: June 11, 2014 Public Disclosure: July 30, 2014 Vulnerability Type:...

9.8CVSS9.6AI score0.14484EPSS
Exploits5
Packet Storm
Packet Storm
added 2014/07/31 12:0 a.m.55 views

Free Reprintables ArticleFR 11.06.2014 Improper Access Control

Advisory ID: HTB23219 Product: ArticleFR Vendor: Free Reprintables Vulnerable Versions: 11.06.2014 and probably prior Tested Version: 11.06.2014 Advisory Publication: June 11, 2014 without technical details Vendor Notification: June 11, 2014 Public Disclosure: July 30, 2014 Vulnerability Type:...

6.1CVSS0.7AI score0.14484EPSS
Exploits5
htbridge
htbridge
added 2014/07/23 12:0 a.m.40 views

SQL Injection Vulnerability in ArticleFR

High-Tech Bridge Security Research Lab discovered SQL injection vulnerability in ArticleFR, which can be exploited to perform SQL Injection attacks and gain complete control over vulnerable website. 1 SQL Injection in ArticleFR: CVE-2014-5097 The vulnerability exists due to insufficient...

7.5CVSS8.5AI score0.02348EPSS
Exploits3Affected Software1
htbridge
htbridge
added 2014/06/11 12:0 a.m.37 views

Improper Access Control in ArticleFR

High-Tech Bridge Security Research Lab discovered vulnerability in ArticleFR, which can be exploited to execute arbitrary UPDATE SQL statements, alter information stored in database and gain complete control over the web site. 1 Improper Access Control in ArticleFR: CVE-2014-4170 The vulnerabilit...

7.5CVSS1.6AI score0.14484EPSS
Exploits5Affected Software1
Rows per page
Query Builder