CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

Prion•added 2008/11/04 12:58 a.m.•14 views

Sql injection

SQL injection vulnerability in contactauthor.php in Article Publisher Pro 1.5 allows remote attackers to execute arbitrary SQL commands via the userid parameter...

7.5CVSS9.1AI score0.00485EPSS

Exploits0References3Affected Software1

CVE•added 2008/11/04 12:0 a.m.•34 views

CVE-2008-4902

CVE-2008-4902 is an SQL injection vulnerability in Article Publisher Pro 1.5 ’s file contact_author.php , exploitable via the userid parameter to execute arbitrary SQL commands remotely. The NVD entry lists a NETWORK attack vector with LOW complexity and no authentication, yielding Partial impact...

7.5CVSS8.4AI score0.00485EPSS

Exploits0References3Affected Software1

Cvelist•added 2008/11/04 12:0 a.m.•13 views

CVE-2008-4902

SQL injection vulnerability in contactauthor.php in Article Publisher Pro 1.5 allows remote attackers to execute arbitrary SQL commands via the userid parameter...

8.4AI score0.00485EPSS

Exploits0References3

Prion•added 2007/07/30 5:30 p.m.•10 views

Cross site scripting

Cross-site scripting XSS vulnerability in contactauthor.php AlstraSoft Article Manager Pro allows remote attackers to inject arbitrary web script or HTML via the userid parameter...

4.3CVSS6.1AI score0.00286EPSS

Exploits1References2Affected Software1

CVE•added 2007/07/30 5:0 p.m.•41 views

CVE-2007-4082

CVE-2007-4082 describes a cross-site scripting (XSS) vulnerability in AlstraSoft Article Manager Pro, exploitable via theuserid parameter in contact_author.php. The issue allows remote attackers to inject arbitrary scripts/HTML; CVSS v2 base score 4.3 (Medium) with Network attack vector, no authe...

4.3CVSS5.7AI score0.00286EPSS

Exploits1References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by