Lucene search
K

22 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-2683

Malware in sbrugna...

5.8CVSS6.4AI score0.01299EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-2908

Malware in sbrugna...

7.5CVSS6.4AI score0.01387EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2006-3132

Malware in sbrugna...

7.5CVSS6.4AI score0.01859EPSS
Exploits1References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-2928

Malware in sbrugna...

5.1CVSS6.4AI score0.01478EPSS
Exploits0References9
NVD
NVD
added 2006/07/13 9:5 p.m.14 views

CVE-2006-3135

Multiple SQL injection vulnerabilities in CMS Mundo 1.0 build 008, and possibly other versions, allow remote attackers to execute arbitrary SQL commands via the 1 newsid parameter in the a news module, 2 searchstring parameter in b the search module, 3 id parameter in c the webshop module, 4...

7.5CVSS8.5AI score0.01859EPSS
Exploits1References10
Cvelist
Cvelist
added 2006/07/13 9:0 p.m.17 views

CVE-2006-3135

Multiple SQL injection vulnerabilities in CMS Mundo 1.0 build 008, and possibly other versions, allow remote attackers to execute arbitrary SQL commands via the 1 newsid parameter in the a news module, 2 searchstring parameter in b the search module, 3 id parameter in c the webshop module, 4...

8.5AI score0.01859EPSS
Exploits1References10
CVE
CVE
added 2006/07/13 9:0 p.m.54 views

CVE-2006-3135

CVE-2006-3135 affects CMS Mundo 1.0 build 008 (and possibly other versions). The vulnerability is a set of multiple SQL injection flaws that enable remote attackers to run arbitrary SQL commands via (1) news_id in the news module, (2) searchstring in the search module, (3) id in the webshop modul...

7.5CVSS8.9AI score0.01859EPSS
Exploits1References10Affected Software1
securityvulns
securityvulns
added 2006/07/13 12:0 a.m.36 views

[SA20589] CMS Mundo SQL Injection Vulnerabilities

---------------------------------------------------------------------- Hardcore Disassembler / Reverse Engineer Wanted! Want to work with IDA and BinDiff? Want to write PoC's and Exploits? Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation...

0.7AI score
Exploits0
NVD
NVD
added 2006/06/21 7:2 p.m.14 views

CVE-2006-2911

SQL injection vulnerability in controlpanel/index.php in CMS Mundo before 1.0 build 008 allows remote attackers to execute arbitrary SQL commands via the username parameter...

7.5CVSS8.4AI score0.01387EPSS
Exploits0References8
NVD
NVD
added 2006/06/21 7:2 p.m.13 views

CVE-2006-2931

CMS Mundo before 1.0 build 008 does not properly verify uploaded image files, which allows remote attackers to execute arbitrary PHP code by uploading and later directly accessing certain files...

5.1CVSS7.7AI score0.01478EPSS
Exploits0References7
Prion
Prion
added 2006/06/21 7:2 p.m.15 views

Sql injection

SQL injection vulnerability in controlpanel/index.php in CMS Mundo before 1.0 build 008 allows remote attackers to execute arbitrary SQL commands via the username parameter...

7.5CVSS9AI score0.01387EPSS
Exploits0References8Affected Software1
Prion
Prion
added 2006/06/21 7:2 p.m.17 views

Code injection

CMS Mundo before 1.0 build 008 does not properly verify uploaded image files, which allows remote attackers to execute arbitrary PHP code by uploading and later directly accessing certain files...

5.1CVSS8.5AI score0.01478EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2006/06/21 7:0 p.m.43 views

CVE-2006-2931

CMS Mundo prior to 1.0 build 008 is affected by CVE-2006-2931 due to an input validation error in the image upload handling that allows remote attackers to upload PHP scripts and then access them directly to execute arbitrary code. The vulnerability resides in the image gallery upload path, enabl...

5.1CVSS7.7AI score0.01478EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2006/06/21 7:0 p.m.20 views

CVE-2006-2911

SQL injection vulnerability in controlpanel/index.php in CMS Mundo before 1.0 build 008 allows remote attackers to execute arbitrary SQL commands via the username parameter...

8.4AI score0.01387EPSS
Exploits0References8
Cvelist
Cvelist
added 2006/06/21 7:0 p.m.24 views

CVE-2006-2931

CMS Mundo before 1.0 build 008 does not properly verify uploaded image files, which allows remote attackers to execute arbitrary PHP code by uploading and later directly accessing certain files...

7.7AI score0.01478EPSS
Exploits0References7
CVE
CVE
added 2006/06/21 7:0 p.m.39 views

CVE-2006-2911

The CVE concerns CMS Mundo prior to 1.0 build 008, where SQL injection in controlpanel/index.php via the login username parameter allows remote attackers to execute arbitrary SQL commands. This vulnerability affects the username handling in the login flow, enabling potential data disclosure/manip...

7.5CVSS8.4AI score0.01387EPSS
Exploits0References8Affected Software1
securityvulns
securityvulns
added 2006/06/15 12:0 a.m.33 views

Secunia Research: CMS Mundo SQL Injection and File Upload Vulnerabilities

====================================================================== Secunia Research 14/06/2006 - CMS Mundo SQL Injection and File Upload Vulnerabilities - ====================================================================== Table of Contents Affected...

7.5CVSS0.6AI score0.01478EPSS
Exploits0
NVD
NVD
added 2006/05/31 10:6 a.m.13 views

CVE-2006-2684

Cross-site scripting XSS vulnerability in the search module in CMS Mundo 1.0 allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter...

5.8CVSS5.7AI score0.01299EPSS
Exploits0References6
Prion
Prion
added 2006/05/31 10:6 a.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in the search module in CMS Mundo 1.0 allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter...

5.8CVSS6.2AI score0.01299EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2006/05/31 10:0 a.m.40 views

CVE-2006-2684

CVE-2006-2684 : An XSS vulnerability in the search module of CMS Mundo 1.0 allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter. The root cause is not fully described beyond “XSS in search.” Impact details are limited in the provided documents; CVSS metric...

5.8CVSS5.7AI score0.01299EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder