CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

seebug.org•added 2014/07/01 12:0 a.m.•12 views

Audins Audiens 3.3 setup.php PATH_INFO Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/22728/info Audins Audiens is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because the application fails to sufficiently sanitize user-supplied input...

7.1AI score

seebug.org•added 2014/07/01 12:0 a.m.•17 views

Audins Audiens 3.3 system/index.php Cookie PHPSESSID Parameter SQL Injection

7.1AI score

seebug.org•added 2014/07/01 12:0 a.m.•5 views

Audins Audiens 3.3 unistall.php Authentication Bypass

7.1AI score

Prion•added 2007/03/03 7:19 p.m.•15 views

Cross site scripting

Cross-site scripting XSS vulnerability in setup.php in Audins Audiens 3.3 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

5.8CVSS6AI score0.02168EPSS

Prion•added 2007/03/03 7:19 p.m.•14 views

Authentication flaw

Audins Audiens 3.3 allows remote attackers to bypass authentication and perform certain privileged actions, possibly an uninstall of the product, by calling unistall.php with the values cnf=disinstalla and status=on. NOTE: the provenance of this information is unknown; the details are obtained...

7.5CVSS7.3AI score0.04917EPSS

NVD•added 2007/03/03 7:19 p.m.•9 views

CVE-2007-1242

SQL injection vulnerability in system/index.php in Audins Audiens 3.3 allows remote attackers to execute arbitrary SQL commands via the PHPSESSID cookie. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

7.5CVSS8.1AI score0.00558EPSS

Exploits1References3

NVD•added 2007/03/03 7:19 p.m.•15 views

CVE-2007-1243

7.5CVSS6.8AI score0.04917EPSS

Prion•added 2007/03/03 7:19 p.m.•10 views

Sql injection

7.5CVSS8.7AI score0.00558EPSS

Exploits1References3Affected Software1

NVD•added 2007/03/03 7:19 p.m.•15 views

CVE-2007-1241

5.8CVSS5.6AI score0.02168EPSS

CVE•added 2007/03/03 7:0 p.m.•45 views

CVE-2007-1241

CVE-2007-1241 is an XSS vulnerability reported in Audins Audiens 3.3, specifically in setup.php, exploitable through PATH_INFO to inject arbitrary script/HTML. Concretely, multiple sources (NVD, CVE lists, Prion, Vulners) describe the same issue; the root cause is not elaborated beyond the PATH_I...

5.8CVSS5.6AI score0.02168EPSS

CVE•added 2007/03/03 7:0 p.m.•47 views

CVE-2007-1243

Audins Audiens 3.3 is affected by CVE-2007-1243, where remote attackers can bypass authentication and perform privileged actions (potentially uninstall) by calling unistall.php with cnf=disinstalla and status=on. The cited sources (NVD entry) describe the vulnerability as an authentication bypass...

7.5CVSS6.8AI score0.04917EPSS

Cvelist•added 2007/03/03 7:0 p.m.•14 views

CVE-2007-1242

8.1AI score0.00558EPSS

Exploits1References3

Cvelist•added 2007/03/03 7:0 p.m.•15 views

CVE-2007-1241

5.6AI score0.02168EPSS

CVE•added 2007/03/03 7:0 p.m.•47 views

CVE-2007-1242

CVE-2007-1242 affects Audins Audiens 3.3, specifically the file system/index.php. The vulnerability is a SQL injection in which an attacker can send a crafted PHPSESSID cookie to execute arbitrary SQL commands on the backend database. The CVSS metrics indicate a HIGH base score (7.5) with network...

7.5CVSS8.1AI score0.00558EPSS

Exploits1References3Affected Software1

Cvelist•added 2007/03/03 7:0 p.m.•18 views

CVE-2007-1243

6.8AI score0.04917EPSS

exploitpack•added 2007/02/26 12:0 a.m.•14 views

Audins Audiens 3.3 - setup.php?PATH_INFO Cross-Site Scripting

Audins Audiens 3.3 - setup.php?PATHINFO Cross-Site Scripting Audins Audiens is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues...

0.1AI score

Exploit DB•added 2007/02/26 12:0 a.m.•26 views

Audins Audiens 3.3 - 'setup.php?PATH_INFO' Cross-Site Scripting

Audins Audiens is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based authentication...

7.4AI score

exploitpack•added 2007/02/26 12:0 a.m.•11 views

Audins Audiens 3.3 - unistall.php Authentication Bypass

Audins Audiens 3.3 - unistall.php Authentication Bypass Audins Audiens is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could...

0.7AI score