19 matches found
EUVD-2005-4362
Malware in sbrugna...
EUVD-2005-4132
Malware in sbrugna...
EUVD-2005-4361
Malware in sbrugna...
DRZES HMS 3.2 Login.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15766/info DRZES HMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary scri...
CONTROLzx HMS - Hosting Management System vuln.
CONTROLzx HMS - Hosting Management System vuln. Vuln. discovered by: r0t Date: 27 March 2006 Vendor: http://front.controlzx.com/ Affected versions: V.3.3.4 and prior Original advisory: http://pridels.blogspot.com/2006/03/controlzx-hms-hosting-management.html Vuln. description: CONTROLzx HMS contains...
CVE-2005-4366
Multiple SQL injection vulnerabilities in DRZES HMS 3.2 allow remote attackers to execute arbitrary SQL commands via the (1) plan_id parameter to (a) domains.php, (b) viewusage.php, (c) pop_accounts.php, (d) databases.php, (e) ftp_users.php, (f) crons.php, (g) passdirs.php, (h) zonefiles.php, (i) htaccess.php, and (j)...
CVE-2005-4366
Multiple SQL injection vulnerabilities in DRZES HMS 3.2 allow remote attackers to execute arbitrary SQL commands via the (1) plan_id parameter to (a) domains.php, (b) viewusage.php, (c) pop_accounts.php, (d) databases.php, (e) ftp_users.php, (f) crons.php, (g) passdirs.php, (h) zonefiles.php, (i) htaccess.php, and (j)...
CVE-2005-4367
The CVE-2005-4367 entry describes an XSS in DRZES HMS 3.2 (and later CONTROLzx, renamed from DRZES, 3.3.4) via register_domain.php, likely through unspecified search parameters (potentially the Domain Availability field). Affected function is register_domain.php; root cause is improper handling/e...
CVE-2005-4367
Cross-site scripting (XSS) vulnerability in register_domain.php in DRZES HMS 3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the "Domain Availability" field. NOTE: this issue was later reported to affect CONTROLzx (renamed from DRZES) 3.3....
CVE-2005-4366
CVE-2005-4366 describes multiple SQL injection vulnerabilities in DRZES HMS 3.2. The issues allow remote attackers to execute arbitrary SQL commands via various parameters across several PHP scripts (e.g., plan_id to domains.php, viewusage.php, pop_accounts.php, databases.php, ftp_users.php, cron...
CVE-2005-4137
SQL injection vulnerability in viewinvoice.php in DRZES HMS 3.2 allows remote attackers to execute arbitrary SQL commands via the invoiceID parameter...
CVE-2005-4136
Cross-site scripting (XSS) vulnerability in login.php in DRZES HMS 3.2 allows remote attackers to inject arbitrary web script or HTML via the customerEmailAddress parameter...
CVE-2005-4137
SQL injection vulnerability in viewinvoice.php in DRZES HMS 3.2 allows remote attackers to execute arbitrary SQL commands via the invoiceID parameter...
CVE-2005-4137
CVE-2005-4137 describes an SQL injection in DRZES HMS 3.2: viewinvoice.php allows remote attackers to manipulate the backend via the invoiceID parameter, enabling arbitrary SQL execution. This is part of broader SQL injection findings in DRZES HMS 3.2 (noting that the 4137 vector is explicitly th...
CVE-2005-4136
CVE-2005-4136 describes a Cross-site Scripting (XSS) vulnerability in DRZES HMS 3.2, specifically in login.php where the customerEmailAddress parameter can be exploited to inject arbitrary web script/HTML. The issue affects the login process and can be triggered remotely, with a NVD base score of...
DRZES HMS XSS and SQL Injection Vulnerabilities
Description: http://www.drzes.com/ An all-in-one web hosting management system. A feature-rich, robust, easy-to-use control panel and billing system. A "self-branding" web hosting management system. No DRZES branding. Both the admin and customer can control multiple plans/servers from one...
DRZES Hms 3.2 - login.php Cross-Site Scripting
DRZES Hms 3.2 - login.php Cross-Site Scripting source: https://www.securityfocus.com/bid/15766/info DRZES HMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...
DRZES Hms 3.2 - Multiple SQL Injections
DRZES Hms 3.2 - Multiple SQL Injections source: https://www.securityfocus.com/bid/15644/info DRZES HMS is prone to multiple SQL injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input before it is used in SQL queries. Successful exploitation could...
DRZES HMS 3.2 Multiple vuln.
DRZES HMS 3.2 - Hosting Management System - multiple SQL inj. vuln. and XSS vuln. Vuln. discovered by: r0t Date: 25 nov. 2005 Original advisory: http://pridels.blogspot.com/2005/11/drzes-hms-32-multiple-vuln.html Vendor: http://drzes.com/ Affected version: 3.2 and prior Product description: Increase...