CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

59 matches found

Cvelist•added 2008/09/30 5:0 p.m.•21 views

CVE-2008-4344

SQL injection vulnerability in cat.php in 6rbScript allows remote attackers to execute arbitrary SQL commands via the CatID parameter...

8.4AI score0.00414EPSS

Exploits1References4

CVE•added 2008/09/30 5:0 p.m.•57 views

CVE-2008-4344

The CVE-2008-4344 entry describes a SQL injection vulnerability in the file cat.php of 6rbScript , exploitable via the CatID parameter to allow remote attackers to execute arbitrary SQL commands. The incident is supported by multiple sources (e.g., NVD and CVE records) with a CVSS v2 base score o...

7.5CVSS8.4AI score0.00414EPSS

Exploits1References4Affected Software1

Exploit DB•added 2008/09/22 12:0 a.m.•24 views

6rbScript - 'cat.php' SQL Injection

source: https://www.securityfocus.com/bid/31329/info 6rbScript is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify dat...

7.4AI score

Exploits0

exploitpack•added 2008/09/22 12:0 a.m.•14 views

6rbScript - cat.php SQL Injection

6rbScript - cat.php SQL Injection source: https://www.securityfocus.com/bid/31329/info 6rbScript is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

Exploits0

Packet Storm•added 2008/09/22 12:0 a.m.•22 views

6rbscriptcat-sql.txt

$/ $ $ 6rbScript cat.php Remote SQL Injection $ $/ $ -- K -- $ $ Author:\ Kararalshami $ $ Home:\ Google.Com $ $ email:\ KararalshameaTYahood0tcom $ $ $ $/ $ -- K -- $ $ script :\ www.6rbscript.com $ $ Price! :\ 150$ $ $ DorK :\ "Try 2 Find it!" $/ Exploit:\ ------------...

7.4AI score

Exploits0

exploitpack•added 2008/06/23 12:0 a.m.•10 views

Chipmunk Blog - cat.php Cross-Site Scripting

Chipmunk Blog - cat.php Cross-Site Scripting source: https://www.securityfocus.com/bid/29883/info Chipmunk Blog is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script...

Exploits0

NVD•added 2008/06/03 3:32 p.m.•9 views

CVE-2008-2537

SQL injection vulnerability in cat.php in HispaH Model Search allows remote attackers to execute arbitrary SQL commands via the cat parameter...

7.5CVSS8.4AI score0.00462EPSS

Exploits1References3

NVD•added 2008/04/16 5:5 p.m.•19 views

CVE-2008-1844

SQL injection vulnerability in cat.php in W2B phpHotResources allows remote attackers to execute arbitrary SQL commands via the kind parameter...

7.5CVSS8.4AI score0.00935EPSS

Exploits1References6

Prion•added 2008/04/16 5:5 p.m.•17 views

Sql injection

SQL injection vulnerability in cat.php in W2B phpHotResources allows remote attackers to execute arbitrary SQL commands via the kind parameter...

7.5CVSS9.1AI score0.00935EPSS

Exploits1References6

Cvelist•added 2008/04/16 5:0 p.m.•18 views

CVE-2008-1844

SQL injection vulnerability in cat.php in W2B phpHotResources allows remote attackers to execute arbitrary SQL commands via the kind parameter...

8.4AI score0.00935EPSS

Exploits1References6

CVE•added 2008/04/16 5:0 p.m.•45 views

CVE-2008-1844

The CVE-2008-1844 entry concerns a SQL injection vulnerability in W2B phpHotResources, specifically in cat.php where the kind parameter can be exploited to execute arbitrary SQL commands. Affected component/function is cat.php in the PHP-based W2B phpHotResources application; underlying issue is ...

7.5CVSS8.4AI score0.00935EPSS

Exploits1References6Affected Software1

Prion•added 2007/05/14 11:19 p.m.•9 views

Input validation

PHPChain 1.0 and earlier allows remote attackers to obtain the installation path via invalid values of the catid parameter to 1 settings.php or 2 cat.php, as demonstrated by XSS manipulations...

4.3CVSS6.4AI score0.00574EPSS

Exploits0References6Affected Software1

CVE•added 2006/07/03 7:0 p.m.•40 views

CVE-2006-3349

CVE-2006-3349: The connected sources confirm multiple SQL injection vulnerabilities in SmS Script, exploitable remotely via the CatID parameter in cat.php and add.php. The NVD entry documents the impact as arbitrary SQL execution with partial confidentiality/integrity/availability effects (CVSS v...

7.5CVSS8.9AI score0.00431EPSS

Exploits0References2Affected Software1

NVD•added 2006/06/07 12:2 a.m.•10 views

CVE-2006-2876

Cross-site scripting XSS vulnerability in cat.php in PHP Pro Publish 2.0 allows remote attackers to inject arbitrary web script or HTML via the catname parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

6.8CVSS5.6AI score0.01039EPSS

Exploits1References2

Prion•added 2006/06/07 12:2 a.m.•14 views

Cross site scripting

6.8CVSS6.1AI score0.01039EPSS

Exploits1References2Affected Software1

Cvelist•added 2006/06/07 12:0 a.m.•13 views

CVE-2006-2876

5.6AI score0.01039EPSS

Exploits1References2

CVE•added 2006/06/07 12:0 a.m.•42 views

CVE-2006-2876

CVE-2006-2876 is an XSS vulnerability in PHP Pro Publish 2.0 where the catname parameter of cat.php can be exploited to inject arbitrary script/HTML. The affected component is cat.php within PHP Pro Publish 2.0; root cause is insufficient input validation on catname leading to script injection. T...

6.8CVSS5.7AI score0.01039EPSS

Exploits1References2Affected Software1

NVD•added 2006/03/01 2:2 a.m.•11 views

CVE-2006-0939

SQL injection vulnerability in DCI-Taskeen 1.03 allows remote attackers to execute arbitrary SQL commands via the 1 id or 2 action parameter to a basket.php, or 3 id or 4 page parameter to b cat.php...

7.5CVSS8.4AI score0.00554EPSS

Exploits1References5

Cvelist•added 2006/03/01 2:0 a.m.•12 views

CVE-2006-0939

8.4AI score0.00554EPSS

Exploits1References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by