Lucene search
K

23 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-2252

Malware in sbrugna...

6.4CVSS6.4AI score0.01366EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2005-0218

Malware in sbrugna...

7.5CVSS6.4AI score0.0128EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-5815

Malware in sbrugna...

4.3CVSS6.3AI score0.0105EPSS
Exploits0References4
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

Invision Community Blog 1.0/1.1 - Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/13910/info Multiple input validation vulnerabilities reportedly affect Invision Community Blog. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.29 views

Invision Community Blog Mod 1.2.4 - SQL Injection Vulnerability

No description provided by source. 1. Open any blog entry 2. Try to reply to any message 3. Push Preview message button Do not post your reply 4. Save source code of opened page to your PC 5. Find this string input type='hidden' name='eid' value='BLOGENTRYID' / 6. Change BLOGENTRYID with this SQL...

7.1AI score
Exploits0
Prion
Prion
added 2009/01/05 8:30 p.m.17 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Six Apart Movable Type MT before 4.23 allow remote attackers to inject arbitrary web script or HTML via a 1 MTEntryAuthorUsername, 2 MTAuthorDisplayName, 3 MTEntryAuthorDisplayName, or 4 MTCommenterName field in a Profile View template; a 5...

4.3CVSS6AI score0.0105EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2009/01/05 8:30 p.m.31 views

CVE-2008-5845

Multiple cross-site scripting XSS vulnerabilities in Six Apart Movable Type MT before 4.23 allow remote attackers to inject arbitrary web script or HTML via a 1 MTEntryAuthorUsername, 2 MTAuthorDisplayName, 3 MTEntryAuthorDisplayName, or 4 MTCommenterName field in a Profile View template; a 5...

4.3CVSS6AI score0.0105EPSS
Exploits0References1
Cvelist
Cvelist
added 2009/01/05 8:0 p.m.19 views

CVE-2008-5845

Multiple cross-site scripting XSS vulnerabilities in Six Apart Movable Type MT before 4.23 allow remote attackers to inject arbitrary web script or HTML via a 1 MTEntryAuthorUsername, 2 MTAuthorDisplayName, 3 MTEntryAuthorDisplayName, or 4 MTCommenterName field in a Profile View template; a 5...

5.7AI score0.0105EPSS
Exploits0References3
Cvelist
Cvelist
added 2006/12/07 5:0 p.m.20 views

CVE-2006-6369

SQL injection vulnerability in lib/entryreplyentry.php in Invision Community Blog Mod 1.2.4 allows remote attackers to execute arbitrary SQL commands via the eid parameter, when accessed through the "Preview message" functionality...

8.4AI score0.0108EPSS
Exploits0References4
seebug.org
seebug.org
added 2006/12/05 12:0 a.m.44 views

Invision Community Blog EID SQL注入漏洞

Invision Community Blog是一款基于Invision的一个日记模块。 Invision Community Blog不充分过滤用户提交的URI输入,远程攻击者可以利用漏洞进行SQL注入攻击,获得敏感信息。 问题是脚本对用户提交的'EID'参数缺少过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息。 Invision Power Services Invision Community Blog 1.2.4 目前没有解决方案提供: http://www.invisionblog.com/...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2006/12/01 12:0 a.m.106 views

Invision Community Blog Mod 1.2.4 .PHP SQL Injection Vulnerability

Open any blog entry 2. Try to reply to any message 3. Push "Preview message" button Do not post your reply 4. Save source code of opened page to your PC 5. Find this string input type='hidden' name='eid' value='BLOGENTRYID' / 6. Change BLOGENTRYID with this SQL Injection: BLOGENTRYID UNION...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2006/12/01 12:0 a.m.29 views

Invision Community Blog Mod 1.2.4 - SQL Injection

Open any blog entry 2. Try to reply to any message 3. Push "Preview message" button Do not post your reply 4. Save source code of opened page to your PC 5. Find this string ' / 6. Change with this SQL Injection: UNION SELECT b.entryid, b.blogid, b.categoryid, b.entryauthorid, b.entryauthorname,...

7.4AI score
Exploits0
NVD
NVD
added 2006/05/09 10:2 a.m.13 views

CVE-2006-2251

SQL injection vulnerability in the dommod function in mod.php in Invision Community Blog ICB 1.1.2 final through 1.2 allows remote attackers with moderator privileges to execute arbitrary SQL commands via the selectedbids parameter...

6.4CVSS8.3AI score0.01366EPSS
Exploits1References7
Prion
Prion
added 2006/05/09 10:2 a.m.16 views

Sql injection

SQL injection vulnerability in the dommod function in mod.php in Invision Community Blog ICB 1.1.2 final through 1.2 allows remote attackers with moderator privileges to execute arbitrary SQL commands via the selectedbids parameter...

6.4CVSS9.1AI score0.01366EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2006/05/09 10:0 a.m.23 views

CVE-2006-2251

SQL injection vulnerability in the dommod function in mod.php in Invision Community Blog ICB 1.1.2 final through 1.2 allows remote attackers with moderator privileges to execute arbitrary SQL commands via the selectedbids parameter...

8.3AI score0.01366EPSS
Exploits1References7
CVE
CVE
added 2006/05/09 10:0 a.m.35 views

CVE-2006-2251

CVE-2006-2251: A SQL injection in the do_mmod function of mod.php in Invision Community Blog (ICB) 1.1.2 final through 1.2 allows remote attackers with moderator privileges to execute arbitrary SQL via the selectedbids parameter. Affected software is Invision Community Blog (ICB). The vulnerabili...

6.4CVSS8.4AI score0.01366EPSS
Exploits1References7Affected Software1
Packet Storm
Packet Storm
added 2006/05/06 12:0 a.m.19 views

invisionCBSQL.txt

LEFT Invision Community Blog .. Bugs SQL Injection :- Filename :- mod.php Function name :- dommod The $ids Unfilter Input By Intval As Array : So We Can Do SQL Injection -- Arabic /LEFT RIGHT ÇáãÊÛíÑ $ids ÛíÑ ãÝáÊÑ Úä ØÑíÞ ÇáÏÇáå intval æåæ ÈÔßá ãÕÝæÝå .. áåÐÇ ÇáÓÈÈ ããßä Úãá ÷ÍÞäå /RIGHT LEFT php...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/06/10 12:0 a.m.22 views

Invision Community Blog Multiple Vulnerabilities (SQLi, XSS)

The remote host is running Invision Community Blog, a plugin for Invision Power Board that lets users have their own blogs. The version installed on the remote host fails to properly sanitize user-supplied data making it prone to multiple SQL injection and cross-site scripting vulnerabilities...

7.5CVSS5.8AI score0.01277EPSS
Exploits2References3
NVD
NVD
added 2005/05/02 4:0 a.m.14 views

CVE-2005-0217

SQL injection vulnerability in index.php in Invision Community Blog allows remote attackers to execute arbitrary SQL commands via the eid parameter...

7.5CVSS8.4AI score0.0128EPSS
Exploits0References6
Cvelist
Cvelist
added 2005/02/06 5:0 a.m.18 views

CVE-2005-0217

SQL injection vulnerability in index.php in Invision Community Blog allows remote attackers to execute arbitrary SQL commands via the eid parameter...

8.4AI score0.0128EPSS
Exploits0References6
Rows per page
Query Builder