Lucene search
K

247 matches found

Positive Technologies
Positive Technologies
added 2015/02/02 12:0 a.m.8 views

PT-2015-5258 · Blubrry · Blubrry Powerpress Podcasting Plugin

Name of the Vulnerable Software and Affected Versions: Blubrry PowerPress Podcasting plugin versions prior to 6.0.1 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the cat parameter in a "powerpress-editcategoryfeed" action in the "powerpressadmin...

4.3CVSS5.4AI score0.02237EPSS
Exploits3References8
Prion
Prion
added 2014/07/29 2:55 p.m.16 views

Code injection

WeBid 1.1.1 allows remote attackers to conduct an LDAP injection attack via the 1 js or 2 cat parameter...

7.5CVSS7.5AI score0.02096EPSS
Exploits1References2Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

KAPhotoservice 7.5 album.asp cat Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/18379/info KAPhotoservice is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

photokorn 1.53/1.54 print.php cat Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/17683/info Photokorn is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

Dev Web Management System 1.5 getfile.php cat Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/16063/info Dev Web Management System is prone to multiple input validation vulnerabilities. These issues may allow SQL injection and cross-site scripting attacks. Dev Web Management System versions 1.5 and earlier are pro...

7.1AI score
Exploits0
Prion
Prion
added 2013/08/25 3:27 a.m.13 views

Sql injection

SQL injection vulnerability in links.php in MYRE Business Directory allows remote attackers to execute arbitrary SQL commands via the cat parameter...

7.5CVSS9.1AI score0.01044EPSS
Exploits1References1
Prion
Prion
added 2013/08/19 9:10 p.m.18 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Vastal I-Tech phpVID 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the 1 n parameter to browsevideos.php or the 2 cat parameter to groups.php...

4.3CVSS6.1AI score0.03217EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2011/01/25 7:0 p.m.20 views

CVE-2011-0646

SQL injection vulnerability in viewfaqs.php in PHP LOW BIDS allows remote attackers to execute arbitrary SQL commands via the cat parameter...

7.5CVSS8.4AI score0.01021EPSS
Exploits1References5
Prion
Prion
added 2010/11/03 8:0 p.m.25 views

Sql injection

SQL injection vulnerability in catalog/index.shtml in 4site CMS 2.6, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the i and th vectors are already covered by CVE-2009-0646...

7.5CVSS8.7AI score0.03597EPSS
Exploits2References4Affected Software1
CVE
CVE
added 2010/11/03 7:0 p.m.55 views

CVE-2010-4152

CVE-2010-4152 affects 4Site CMS 2.6 and earlier, with a concrete SQL injection vulnerability in the Catalog module. The issue is triggered via the cat parameter in catalog/index.shtml, and HTB reports additional vulnerable vectors in other modules (portfolio/index.shtml with i parameter, faq/inde...

7.5CVSS8.6AI score0.0099EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2010/06/17 4:30 p.m.15 views

Remote file inclusion

PHP remote file inclusion vulnerability in picturelib.php in SmartISoft phpBazar 2.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the cat parameter...

7.5CVSS8AI score0.05824EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2010/05/04 4:0 p.m.16 views

Sql injection

SQL injection vulnerability in browse.html in PHP Video Battle Script allows remote attackers to execute arbitrary SQL commands via the cat parameter...

7.5CVSS9.2AI score0.00961EPSS
Exploits1References3
NVD
NVD
added 2010/03/25 5:30 p.m.13 views

CVE-2010-1112

Cross-site scripting XSS vulnerability in cat.php in KloNews 2.0 allows remote attackers to inject arbitrary web script or HTML via the cat parameter...

4.3CVSS5.7AI score0.01279EPSS
Exploits1References2
NVD
NVD
added 2010/01/21 10:30 p.m.22 views

CVE-2010-0376

Cross-site scripting XSS vulnerability in productlist.php in JCE-Tech PHP Calendars, downloaded 2010-01-11, allows remote attackers to inject arbitrary web script or HTML via the cat parameter. NOTE: this issue is reportedly resultant from a forced SQL error message that occurs from exploitation ...

4.3CVSS6AI score0.01499EPSS
Exploits1References5
Prion
Prion
added 2010/01/21 10:30 p.m.16 views

Sql injection

SQL injection vulnerability in productlist.php in JCE-Tech PHP Calendars, downloaded 2010-01-11, allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

7.5CVSS8.5AI score0.01002EPSS
Exploits1References5
Cvelist
Cvelist
added 2010/01/21 10:0 p.m.30 views

CVE-2010-0376

Cross-site scripting XSS vulnerability in productlist.php in JCE-Tech PHP Calendars, downloaded 2010-01-11, allows remote attackers to inject arbitrary web script or HTML via the cat parameter. NOTE: this issue is reportedly resultant from a forced SQL error message that occurs from exploitation ...

6AI score0.01499EPSS
Exploits1References5
Prion
Prion
added 2009/12/10 4:30 p.m.15 views

Sql injection

SQL injection vulnerability in mainforum.php in PTCPay GeN3 forum 1.3 allows remote attackers to execute arbitrary SQL commands via the cat parameter...

7.5CVSS9.1AI score0.00907EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2009/11/24 2:30 a.m.21 views

Sql injection

SQL injection vulnerability in the JoomClip comjoomclip component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a thumbs action to index.php...

6.8CVSS9.1AI score0.00962EPSS
Exploits1References5
Prion
Prion
added 2009/09/30 3:30 p.m.17 views

Sql injection

SQL injection vulnerability in employee.aspx in BPowerHouse BPLawyerCaseDocuments 1.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter...

7.5CVSS9.1AI score0.00961EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2009/09/30 3:30 p.m.22 views

CVE-2009-3499

SQL injection vulnerability in employee.aspx in BPowerHouse BPLawyerCaseDocuments 1.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter...

7.5CVSS8.4AI score0.00961EPSS
Exploits1References3
Rows per page
Query Builder