Lucene search
K

3872 matches found

NVD
NVD
added 2006/04/03 2:4 p.m.17 views

CVE-2006-1434

Cross-site scripting XSS vulnerability in inscription.php in Annuaire Directory 1.0 allows remote attackers to inject arbitrary web script or HTML via the Comment Field COMMENTAIRE parameter...

6.8CVSS5.7AI score0.01309EPSS
Exploits0References5
NVD
NVD
added 2006/03/31 11:6 a.m.17 views

CVE-2006-1554

Cross-site scripting XSS vulnerability in VSNS Lemon 3.2.0 allows remote attackers to inject arbitrary web script or HTML via the name parameter while adding a comment...

2.6CVSS5.7AI score0.01335EPSS
Exploits0References7
Cvelist
Cvelist
added 2006/03/31 11:0 a.m.18 views

CVE-2006-1554

Cross-site scripting XSS vulnerability in VSNS Lemon 3.2.0 allows remote attackers to inject arbitrary web script or HTML via the name parameter while adding a comment...

5.7AI score0.01335EPSS
Exploits0References7
Prion
Prion
added 2006/03/10 11:2 a.m.11 views

Cross site scripting

Cross-site scripting XSS vulnerability in FTPoed Blog Engine 1.1 allows remote attackers to inject arbitrary web script or HTML via the commentbody parameter, as used by the comment field, when posting a comment...

4.3CVSS6.1AI score0.01213EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2006/03/10 11:2 a.m.11 views

CVE-2006-1143

Cross-site scripting XSS vulnerability in FTPoed Blog Engine 1.1 allows remote attackers to inject arbitrary web script or HTML via the commentbody parameter, as used by the comment field, when posting a comment...

4.3CVSS5.7AI score0.01213EPSS
Exploits1References3
Cvelist
Cvelist
added 2006/03/10 11:0 a.m.15 views

CVE-2006-1143

Cross-site scripting XSS vulnerability in FTPoed Blog Engine 1.1 allows remote attackers to inject arbitrary web script or HTML via the commentbody parameter, as used by the comment field, when posting a comment...

5.7AI score0.01213EPSS
Exploits1References3
NVD
NVD
added 2006/03/09 10:2 p.m.18 views

CVE-2006-1127

Cross-site scripting XSS vulnerability in Gallery 2 up to 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the X-Forwarded-For XFORWARDEDFOR HTTP header, which is not properly handled when adding a comment to an album...

4.3CVSS5.6AI score0.0248EPSS
Exploits2References9
Packet Storm
Packet Storm
added 2006/03/09 12:0 a.m.27 views

sBlog_0.72_xss.txt

sBlog 0.7.2 == Multiple Cross-Site Scripting Vulnerability =================================== Information of Software: Software: sBlog 0.7.2 Site: http://servous.se/ Description: sBlog is a simple and new PHP Blog. Is very very simple and it's use by newbie of PHP...

7.4AI score
Exploits0
UbuntuCve
UbuntuCve
added 2006/03/06 9:2 p.m.28 views

CVE-2006-1012

SQL injection vulnerability in WordPress 1.5.2, and possibly other versions before 2.0, allows remote attackers to execute arbitrary SQL commands via the User-Agent field in an HTTP header for a comment...

7.5CVSS6.2AI score0.02907EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2006/03/06 9:0 p.m.37 views

CVE-2006-1012

SQL injection vulnerability in WordPress 1.5.2, and possibly other versions before 2.0, allows remote attackers to execute arbitrary SQL commands via the User-Agent field in an HTTP header for a comment...

7.5CVSS7.3AI score0.02907EPSS
Exploits0
OSV
OSV
added 2006/03/03 11:2 a.m.6 views

CVE-2006-0985

Multiple cross-site scripting XSS vulnerabilities in the "post comment" functionality of WordPress 2.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 name, 2 website, and 3 comment parameters...

5.7AI score
Exploits0References9
OSV
OSV
added 2006/03/03 11:2 a.m.3 views

DEBIAN-CVE-2006-0985

Multiple cross-site scripting XSS vulnerabilities in the "post comment" functionality of WordPress 2.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 name, 2 website, and 3 comment parameters...

4.3CVSS5.9AI score0.0302EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2006/02/25 12:0 a.m.613 views

guestbook06.txt

author.: l0om - www.excluded.org product: guestbox latest non-BETA 0.6 page: http://spring.realone.ch dork: "Login - Guestbox 0.6" inurl:guestbox.php someone asked me to check the guestbook named "guestbox" and thats the advisory based on my checks. 1.0 everyone can set admin comments to all...

7.4AI score
Exploits0
NVD
NVD
added 2006/02/23 11:2 p.m.14 views

CVE-2006-0859

Michael Salzer Guestbox 0.6, and other versions before 0.8, allows remote attackers to post an admin comment to a guestbook entry via a certain modified form, possibly related to the nummer parameter...

5CVSS6.7AI score0.01491EPSS
Exploits0References6
Prion
Prion
added 2006/02/23 11:2 p.m.19 views

Design/Logic Flaw

Michael Salzer Guestbox 0.6, and other versions before 0.8, allows remote attackers to post an admin comment to a guestbook entry via a certain modified form, possibly related to the nummer parameter...

5CVSS7.3AI score0.01491EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2006/02/23 11:0 p.m.20 views

CVE-2006-0859

Michael Salzer Guestbox 0.6, and other versions before 0.8, allows remote attackers to post an admin comment to a guestbook entry via a certain modified form, possibly related to the nummer parameter...

6.7AI score0.01491EPSS
Exploits0References6
CVE
CVE
added 2006/02/23 11:0 p.m.40 views

CVE-2006-0859

CVE-2006-0859 affects Michael Salzer Guestbox 0.6 and earlier versions up to 0.7/0.8 pre-release? It describes a vulnerability where remote attackers can post an admin comment to a guestbook entry via a modified form, possibly related to the nummer parameter. The connected sources corroborate the...

5CVSS6.8AI score0.01491EPSS
Exploits0References6Affected Software1
Packet Storm
Packet Storm
added 2006/02/20 12:0 a.m.26 views

siteframe_5.0.2_xss.txt

Siteframe Beaumont 5.0.2 == User Comment Cross-Site Scripting Vulnerability Information of Software: Software: Siteframe Beaumont 5.0.1a Site: http://www.siteframe.org/ Description of software: Siteframe is a lightweight content-management system designed for the rapid deployment of community-bas...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/02/18 12:0 a.m.33 views

[SA18924] PerlBLOG Multiple Vulnerabilities

TITLE: PerlBLOG Multiple Vulnerabilities SECUNIA ADVISORY ID: SA18924 VERIFY ADVISORY: http://secunia.com/advisories/18924/ CRITICAL: Moderately critical IMPACT: Security Bypass, Cross Site Scripting WHERE: From remote SOFTWARE: PerlBLOG 1.x http://secunia.com/product/8128/ DESCRIPTION: Aliaksand...

0.1AI score
Exploits0
Prion
Prion
added 2006/02/15 11:6 a.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in sNews 1.3 allows remote attackers to inject arbitrary web script or HTML via the comment field...

4.3CVSS6.1AI score0.01711EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder