CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Prion•added 2008/05/13 10:20 p.m.•16 views

Sql injection

Multiple SQL injection vulnerabilities in cpLinks 1.03, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 adminusername parameter aka the username field to admin/index.php and the 2 searchtext and 3 searchcategory parameters to search.php. NOTE:...

6.8CVSS9.2AI score0.0055EPSS

Prion•added 2008/05/13 10:20 p.m.•10 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in search.php in cpLinks 1.03 allow remote attackers to inject arbitrary web script or HTML via the 1 searchtext and 2 searchcategory parameters. NOTE: the XSS reportedly occurs in a forced SQL error message. NOTE: some of these details are obtain...

4.3CVSS6.1AI score0.04107EPSS

NVD•added 2008/05/13 10:20 p.m.•10 views

CVE-2008-2181

4.3CVSS5.8AI score0.04107EPSS

NVD•added 2008/05/13 10:20 p.m.•9 views

CVE-2008-2180

6.8CVSS8.5AI score0.0055EPSS

CVE•added 2008/05/13 10:0 p.m.•43 views

CVE-2008-2181

CVE-2008-2181 affects cpLinks 1.03, exposing multiple XSS vulnerabilities in search.php via the search_text and search_category parameters. The XSS is reportedly triggered by a forced SQL error message. Public references and NVD entries corroborate the description. No remediation or patch details...

4.3CVSS5.8AI score0.04107EPSS

CVE•added 2008/05/13 10:0 p.m.•31 views

CVE-2008-2180

CVE-2008-2180 affects cpLinks 1.03 and describes multiple SQL injection vulnerabilities when magic_quotes_gpc is disabled. Exploitable via (1) admin_username (username field) to admin/index.php and (2) search_text and (3) search_category parameters to search.php. CVSS v2 base score 6.8 (MEDIUM) f...

6.8CVSS8.5AI score0.0055EPSS

Cvelist•added 2008/05/13 10:0 p.m.•15 views

CVE-2008-2180

8.5AI score0.0055EPSS

Cvelist•added 2008/05/13 10:0 p.m.•14 views

CVE-2008-2181

5.8AI score0.04107EPSS

Packet Storm•added 2008/05/05 12:0 a.m.•35 views

cplinks-sqlxss.txt

|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ Kings of injection | | // | | | |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| Title :: cpLinks v1.03...

7.4AI score

seebug.org•added 2008/05/05 12:0 a.m.•13 views

cpLinks 1.03 (bypass/SQL/XXS) Multiple Remote Vulnerabilities

7.1AI score

0day.today•added 2008/05/04 12:0 a.m.•15 views

cpLinks 1.03 (bypass/SQL/XXS) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ============================================================= cpLinks 1.03 bypass/SQL/XXS Multiple Remote Vulnerabilities =============================================================...

7.1AI score

Exploit DB•added 2008/05/04 12:0 a.m.•55 views

Cplinks 1.03 - Authentication Bypass / SQL Injection / Cross-Site Scripting

7.4AI score

exploitpack•added 2008/05/04 12:0 a.m.•9 views

Cplinks 1.03 - Authentication Bypass SQL Injection Cross-Site Scripting

Cplinks 1.03 - Authentication Bypass SQL Injection Cross-Site Scripting |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ Kings of injection | | // | | |...

0.8AI score