9 matches found
EUVD-2007-3672
Malware in sbrugna...
EUVD-2007-3656
Malware in sbrugna...
Cross site request forgery (csrf)
Multiple cross-site request forgery (CSRF) vulnerabilities in DotClear 1.2.6 allow remote attackers to perform actions as arbitrary users via the (1) tool_url parameter to ecrire/tools.php and multiple fields on the (2) blogconf, (3) blogroll, (4) ecrire/redacteur.php, and (5) ecrire/userprefs.php pages...
CVE-2007-3688
Multiple cross-site request forgery (CSRF) vulnerabilities in DotClear 1.2.6 allow remote attackers to perform actions as arbitrary users via the (1) tool_url parameter to ecrire/tools.php and multiple fields on the (2) blogconf, (3) blogroll, (4) ecrire/redacteur.php, and (5) ecrire/userprefs.php pages...
CVE-2007-3688
The vulnerability described across sources concerns DotClear 1.2.6, where multiple cross-site request forgery (CSRF) flaws allow remote attackers to perform actions as arbitrary users. The entry specifies exploitation via the tool_url parameter to ecrire/tools.php and through several fields on pa...
CVE-2007-3672
Cross-site scripting (XSS) vulnerability in ecrire/tools.php in DotClear 1.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified form fields on the blogroll page...
CVE-2007-3672
The CVE-2007-3672 entry concerns DotClear 1.2.6, specifically the ecrire/tools.php component. The vulnerability is a Cross-Site Scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML through unspecified form fields on the blogroll page. This is a client-side scri...
[Full-disclosure] Dotclear 1.* Cross Site Scripting Vulnerability
Dotclear 1.* Cross Site Scripting Vulnerability 1--two cross site scripting vulnerabilities have been discovered in the dotclear1. allowing remote attackers to hijack authenticated session Workaround: $postid trackback.php $toolurl/tools/thememng/index.php are not filtered 2-Proof of Concepts:...
dotclear-xss.txt
Dotclear 1.* Cross Site Scripting Vulnerability 1--two cross site scripting vulnerabilities have been discovered in the dotclear1. allowing ...