CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Easy Content Management Publishing stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for Database/News.mdb...

5CVSS6.3AI score0.04492EPSS

Exploits0References2

CVE•added 2009/03/20 12:0 a.m.•37 views

CVE-2008-6493

CVE-2008-6493 affects Easy Content Management Publishing, where sensitive data is stored under the web root with insufficient access control. An attacker can remotely retrieve the News.mdb database by issuing a direct request to Database/News.mdb, exposing partial confidentiality (per the descrip...

5CVSS6.5AI score0.04492EPSS

Exploits0References2Affected Software1

myhack58•added 2009/02/17 12:0 a.m.•11 views

Moving-2 0 0 6 a few small flaws-vulnerability warning-the black bar safety net

The author of the article: the falling leaves swirlingJJSEX Information source: http://hi.baidu.com/jluoye Now they move easy companies are taking action easy content management system open source, Hey However with the move-2 0 0 6 people is still a lot, my hand on the SWI 0day almost never used,...

7.2AI score

Exploits0

Prion•added 2007/01/16 11:28 p.m.•18 views

Code injection

Unspecified vulnerability in easy-content filemanager allows remote attackers to upload or modify arbitrary files via unspecified vectors...

7.5CVSS7.3AI score0.00636EPSS

Exploits0References2

CVE•added 2007/01/16 11:0 p.m.•64 views

CVE-2007-0252

Technical details (affected product/version, vectors, exploitability) are not provided in the supplied documents. Monitor for updates; no public details are available here.

7.5CVSS6.9AI score0.00636EPSS

Exploits0References2Affected Software1

Prion•added 2006/05/31 10:6 a.m.•13 views

Sql injection

Multiple SQL injection vulnerabilities in Easy-Content Forums 1.0 allow remote attackers to execute arbitrary SQL commands via the 1 startletter parameter in userview.asp and the 2 forumname parameter in topics.asp...

6.4CVSS9.3AI score0.00849EPSS

Exploits0References3Affected Software1

Prion•added 2006/05/31 10:6 a.m.•15 views

Cross site scripting

Cross-site scripting XSS vulnerabilities in Easy-Content Forums 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 startletter parameter in userview.asp and the 2 catid parameter in topics.asp...

6.8CVSS6.4AI score0.00726EPSS

Exploits0References3Affected Software1

NVD•added 2006/05/31 10:6 a.m.•13 views

CVE-2006-2696

6.8CVSS6AI score0.00726EPSS

Exploits0References3

NVD•added 2006/05/31 10:6 a.m.•10 views

CVE-2006-2697

6.4CVSS8.5AI score0.00849EPSS

Exploits0References3

Cvelist•added 2006/05/31 10:0 a.m.•15 views

CVE-2006-2697

8.5AI score0.00849EPSS

Exploits0References3

CVE•added 2006/05/31 10:0 a.m.•45 views

CVE-2006-2697

CVE-2006-2697 concerns SQL injection vulnerabilities in Easy-Content Forums 1.0. The affected components are the web scripts and parameters: startletter in userview.asp and forumname in topics.asp, where user-supplied input can be used to alter SQL queries. This is documented in the NVD descripti...

6.4CVSS8.5AI score0.00849EPSS

Exploits0References3Affected Software1

CVE•added 2006/05/31 10:0 a.m.•50 views

CVE-2006-2696

CVE-2006-2696 describes Cross-site scripting (XSS) in Easy-Content Forums 1.0. The vulnerability allows remote attackers to inject arbitrary web script or HTML via the (1) startletter parameter in userview.asp and (2) catid parameter in topics.asp. Public records indicate an impact on confidentia...

6.8CVSS6.1AI score0.00726EPSS

Exploits0References3Affected Software1

Cvelist•added 2006/05/31 10:0 a.m.•11 views

CVE-2006-2696

6AI score0.00726EPSS

Exploits0References3

securityvulns•added 2006/05/27 12:0 a.m.•51 views

Easy-Content Forums 1.0 Multiple [SQL/XSS] Vulnerabilities

ENGLISH Title : Easy-Content Forums 1.0 Multiple SQL/XSS Vulnerabilities Dork : "Copyright 2004 easy-content forums" Author : ajann Exploit; SQL INJECTON-------------------------------------------------------- http://target/path/userview.asp?startletter=SQL TEXT...

Exploits0

Exploit DB•added 2006/05/26 12:0 a.m.•36 views

Easy-Content Forums 1.0 - Multiple SQL Injection / Cross-Site Scripting Vulnerabilities

ENGLISH Title : Easy-Content Forums 1.0 Multiple SQL/XSS Vulnerabilities Dork : "Copyright 2004 easy-content forums" Author : ajann Exploit; SQL INJECT.ON-------------------------------------------------------- http://target/path/userview.asp?startletter=SQL TEXT...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by