Lucene search
K

311 matches found

CNNVD
CNNVD
added 2021/03/24 12:0 a.m.4 views

Bitweaver 跨站脚本漏洞

Bitweaver is a free, open source web application framework and content management system. A cross-site scripting vulnerability exists in Bitweaver 3.1.0. A remote attacker can exploit this vulnerability to inject JavaScript via the /users/preferences.php URI...

4.8CVSS5AI score0.00786EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/03/24 12:0 a.m.7 views

Bitweaver 跨站脚本漏洞

Bitweaver is an open source content management system CMS. A security vulnerability exists in Bitweaver version 3.1.0, which can be exploited by remote attackers to inject JavaScript via the user admin edit group.php URI...

4.8CVSS5.4AI score0.00755EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/03/24 12:0 a.m.7 views

Bitweaver 跨站脚本漏洞

Bitweaver is a free, open source web application framework and content management system. A cross-site scripting vulnerability exists in Bitweaver 3.1.0. A remote attacker can exploit this vulnerability to inject JavaScript via the /users/admin/index.php URI...

4.8CVSS5AI score0.00786EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/03/24 12:0 a.m.7 views

Bitweaver 跨站脚本漏洞

Bitweaver is a free, open source web application framework and content management system. A cross-site scripting vulnerability exists in Bitweaver 3.1.0. A remote attacker can exploit this vulnerability to inject JavaScript via the /users/admin/usersimport.php URI...

4.8CVSS5AI score0.00862EPSS
Exploits1References2
NVD
NVD
added 2019/11/13 9:15 p.m.16 views

CVE-2012-5193

Multiple cross-site scripting XSS vulnerabilities in Bitweaver 2.8.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the path info to 1 stats/index.php or 2 newsletters/edition.php or the 3 username parameter to users/remindpassword.php, 4 days parameter to...

6.1CVSS6.1AI score0.01793EPSS
Exploits6References2
Prion
Prion
added 2019/11/13 9:15 p.m.14 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Bitweaver 2.8.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the path info to 1 stats/index.php or 2 newsletters/edition.php or the 3 username parameter to users/remindpassword.php, 4 days parameter to...

4.3CVSS6.1AI score0.01793EPSS
Exploits6References2Affected Software1
Cvelist
Cvelist
added 2019/11/13 8:31 p.m.19 views

CVE-2012-5193

Multiple cross-site scripting XSS vulnerabilities in Bitweaver 2.8.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the path info to 1 stats/index.php or 2 newsletters/edition.php or the 3 username parameter to users/remindpassword.php, 4 days parameter to...

6.1AI score0.01793EPSS
Exploits6References2
CVE
CVE
added 2019/11/13 8:31 p.m.46 views

CVE-2012-5193

Bitweaver 2.8.1 and earlier versions are affected by multiple cross-site scripting (XSS) vulnerabilities (CVE-2012-5193). Attackers can inject arbitrary web script or HTML by manipulating path info or specific parameters: stats/index.php (path info, days), newsletters/edition.php, users/remind_pa...

6.1CVSS6AI score0.01793EPSS
Exploits6References2Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Bitweaver CMS 1.3 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/17406/info Bitweaver CMS is prone to multiple cross-site scripting vulnerabilities. Thess issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

Bitweaver 1.x/2.0 search/index.php URL XSS

No description provided by source. source: http://www.securityfocus.com/bid/26801/info Bitweaver is prone to multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input including multiple cross-site scripting vulnerabilities, multiple...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

Bitweaver 1.1.1 view.php blog_id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15962/info bitweaver is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Bitweaver 1.x wiki/list_pages.php sort_mode Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/20996/info Bitweaver is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

Bitweaver 1.1.1 my.php sort_mode Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15962/info bitweaver is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

bitweaver 2.8.0 - Multiple Vulnerabilities

No description provided by source. exploit title: Path Disclosure bitweaver 2.8 date: 25.o2.2o11 author: lemlajt software : bitweaver version: 2.8 tested on: linux cve : Path Disclosure bitweaver 2.8 PoC : http://localhost/www/cmsadmins/bitweaver2.8.1/bitweaver/kernel/admin/index.php?page=%27 sql...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

Bitweaver 1.x/2.0 search/index.php highlight Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/26801/info Bitweaver is prone to multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input including multiple cross-site scripting vulnerabilities, multiple...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Bitweaver 1.1.1 message_box.php sort_mode Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15962/info bitweaver is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

Bitweaver 1.x blogs/list_blogs.php sort_mode Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/20996/info Bitweaver is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.9 views

Bitweaver 1.x wiki/orphan_pages.php sort_mode Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/20996/info Bitweaver is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

bitweaver <= 1.3 (tmpImagePath) Attachment mod_mime Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo bitweaver = v1.3 'tmpImagePath' attachment modmime exploit\r\n; echo by rgod [email protected]\r\n; echo site: http://retrogod.altervista.org\r\n; echo dork: \powered by bitweaver\r\n\r\n; if $argc4 echo Usage: php...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Bitweaver 1.x fisheye/list_galleries.php sort_mode Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/20996/info Bitweaver is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal...

7.1AI score
Exploits0
Rows per page
Query Builder