Lucene search
K

134 matches found

NVD
NVD
added 2006/12/15 10:28 p.m.17 views

CVE-2006-6600

Cross-site scripting XSS vulnerability in dir.php in TorrentFlux 2.2, when allows remote attackers to inject arbitrary web script or HTML via double URL-encoded strings in the dir parameter, a related issue to CVE-2006-5609...

6CVSS5.7AI score0.00974EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2006/12/04 11:28 a.m.2 views

CVE-2006-6272

Cross-site scripting XSS vulnerability in spindex.php in Simple PHP Gallery 1.1 allows remote attackers to inject arbitrary web script or HTML via the dir parameter...

6.8CVSS5.8AI score0.01695EPSS
Exploits0References5
NVD
NVD
added 2006/12/04 11:28 a.m.17 views

CVE-2006-6272

Cross-site scripting XSS vulnerability in spindex.php in Simple PHP Gallery 1.1 allows remote attackers to inject arbitrary web script or HTML via the dir parameter...

6.8CVSS5.8AI score0.01695EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2006/12/04 11:28 a.m.2 views

CVE-2006-6273

spindex.php in Simple PHP Gallery 1.1 allows remote attackers to obtain sensitive information via an invalid dir parameter, which reveals the path in an error message...

7.5CVSS5.6AI score0.01413EPSS
Exploits0References4
Cvelist
Cvelist
added 2006/12/04 11:0 a.m.16 views

CVE-2006-6272

Cross-site scripting XSS vulnerability in spindex.php in Simple PHP Gallery 1.1 allows remote attackers to inject arbitrary web script or HTML via the dir parameter...

5.8AI score0.01695EPSS
Exploits0References4
NVD
NVD
added 2006/10/20 2:7 p.m.16 views

CVE-2006-5419

PHP remote file inclusion vulnerability in client.php in University of Glasgow Specimen Image Database SID, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter...

7.5CVSS7.5AI score0.02679EPSS
Exploits1References5
Prion
Prion
added 2006/05/16 10:2 a.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in Directory Listing Script allows remote attackers to inject arbitrary web script or HTML via the dir parameter...

4.3CVSS6.1AI score0.01221EPSS
Exploits1References3
CVE
CVE
added 2006/01/18 1:0 a.m.41 views

CVE-2006-0235

The CVE-2006-0235 entry describes an SQL injection vulnerability in WhiteAlbum 2.5, exploitable remotely via the dir parameter to pictures.php. The affected component is WhiteAlbum 2.5, with root cause being an SQL injection that allows attackers to run arbitrary SQL commands. The NVD metrics rat...

7.5CVSS8.4AI score0.01321EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2006/01/07 1:0 a.m.26 views

CVE-2006-0112

Cross-site scripting XSS vulnerability in index.php in Enhanced Simple PHP Gallery 1.7 allows remote attackers to inject arbitrary web script or HTML via the dir parameter...

5.8AI score0.01255EPSS
Exploits1References4
Prion
Prion
added 2006/01/05 11:3 a.m.9 views

Directory traversal

Directory traversal vulnerability in index.php in IDV Directory Viewer before 2005.1 allows remote attackers to view arbitrary directory contents via a .. dot dot in the dir parameter...

5CVSS7.2AI score0.01642EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2005/08/16 4:0 a.m.25 views

CVE-2004-2308

Cross-site scripting XSS vulnerability in cPanel 9.1.0 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the dir parameter in dohtaccess.html...

5.8AI score0.01717EPSS
Exploits1References3
Cvelist
Cvelist
added 2005/05/10 4:0 a.m.18 views

CVE-2003-1146

Cross-site scripting XSS vulnerability in John Beatty Easy PHP Photo Album 1.0 allows remote attackers to inject arbitrary web script or HTML via the dir parameter...

5.8AI score0.0348EPSS
Exploits1References2
NVD
NVD
added 2003/05/11 4:0 a.m.13 views

CVE-2003-1146

Cross-site scripting XSS vulnerability in John Beatty Easy PHP Photo Album 1.0 allows remote attackers to inject arbitrary web script or HTML via the dir parameter...

6.8CVSS5.8AI score0.0348EPSS
Exploits1References2
CVE
CVE
added 2002/06/11 4:0 a.m.42 views

CVE-2002-0434

The CVE-2002-0434 issue centers on the directory.php script by Marcus S. Xenakis, which allows remote attackers to execute arbitrary commands via shell metacharacters in the dir parameter. Connected sources (OpenVAS NASL and Tenable plugin) confirm a remote command-execution vulnerability in the ...

10CVSS7.6AI score0.03354EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder