Lucene search
K

20 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2009-2120

Malware in sbrugna...

7.5CVSS6.4AI score0.02346EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2009-2119

Malware in sbrugna...

7.5CVSS6.4AI score0.01011EPSS
Exploits0References4
Prion
Prion
added 2009/06/19 6:0 p.m.13 views

Sql injection

Multiple SQL injection vulnerabilities in Elvin 1.2.0 allow remote attackers to execute arbitrary SQL commands via the 1 inUser aka Username and 2 inPass aka Password parameters to a inc/login.ei, reachable through login.php; and the 3 id parameter to b showbug.php and c showactivity.php. NOTE: i...

7.5CVSS9.3AI score0.01011EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2009/06/19 6:0 p.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in showactivity.php in Elvin 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter...

4.3CVSS6.1AI score0.01216EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2009/06/19 6:0 p.m.22 views

CVE-2009-2130

Elvin 1.2.0 allows remote attackers to read the PHP source code of 1 login.ei, 2 jumpbug.ei, or 3 createaccount.ei in inc/ via a direct request...

5CVSS6.8AI score0.02274EPSS
Exploits0References1
Prion
Prion
added 2009/06/19 6:0 p.m.12 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in login.php in Elvin 1.2.0 allows remote attackers to hijack the authentication of arbitrary users via a logout action...

6.8CVSS7.7AI score0.00891EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2009/06/19 6:0 p.m.4 views

CVE-2009-2130

Elvin 1.2.0 allows remote attackers to read the PHP source code of 1 login.ei, 2 jumpbug.ei, or 3 createaccount.ei in inc/ via a direct request...

5CVSS5.7AI score0.02274EPSS
Exploits0References2
Prion
Prion
added 2009/06/19 6:0 p.m.14 views

Directory traversal

Directory traversal vulnerability in page.php in Elvin 1.2.0 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the id parameter...

7.5CVSS7.6AI score0.02346EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2009/06/19 6:0 p.m.15 views

Design/Logic Flaw

Elvin 1.2.0 allows remote attackers to read the PHP source code of 1 login.ei, 2 jumpbug.ei, or 3 createaccount.ei in inc/ via a direct request...

5CVSS7.3AI score0.02274EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2009/06/19 6:0 p.m.19 views

CVE-2009-2129

Cross-site request forgery CSRF vulnerability in login.php in Elvin 1.2.0 allows remote attackers to hijack the authentication of arbitrary users via a logout action...

6.8CVSS7.1AI score0.00891EPSS
Exploits0References1
NVD
NVD
added 2009/06/19 6:0 p.m.22 views

CVE-2009-2127

Cross-site scripting XSS vulnerability in showactivity.php in Elvin 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter...

4.3CVSS5.7AI score0.01216EPSS
Exploits0References2
NVD
NVD
added 2009/06/19 6:0 p.m.19 views

CVE-2009-2123

Multiple SQL injection vulnerabilities in Elvin 1.2.0 allow remote attackers to execute arbitrary SQL commands via the 1 inUser aka Username and 2 inPass aka Password parameters to a inc/login.ei, reachable through login.php; and the 3 id parameter to b showbug.php and c showactivity.php. NOTE: i...

7.5CVSS8.5AI score0.01011EPSS
Exploits0References3
CVE
CVE
added 2009/06/19 5:32 p.m.46 views

CVE-2009-2129

CVE-2009-2129 describes a cross-site request forgery (CSRF) vulnerability in the Elvin 1.2.0 login.php that allows a remote attacker to hijack the authentication of arbitrary users via a logout action. The vulnerability is documented across multiple sources (NVD entry and CVE records) with the sa...

6.8CVSS7.3AI score0.00891EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2009/06/19 5:32 p.m.22 views

CVE-2009-2129

Cross-site request forgery CSRF vulnerability in login.php in Elvin 1.2.0 allows remote attackers to hijack the authentication of arbitrary users via a logout action...

7.1AI score0.00891EPSS
Exploits0References1
Cvelist
Cvelist
added 2009/06/19 5:32 p.m.23 views

CVE-2009-2124

Directory traversal vulnerability in page.php in Elvin 1.2.0 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the id parameter...

7.1AI score0.02346EPSS
Exploits0References2
CVE
CVE
added 2009/06/19 5:32 p.m.40 views

CVE-2009-2127

CVE-2009-2127 is a cross‑site scripting (XSS) vulnerability in Elvin 1.2.0 , specifically in the file show_activity.php . The flaw allows remote attackers to inject arbitrary web script or HTML via the id parameter. The referenced CVSSv2 base score is 4.3 (Medium) with network access, user intera...

4.3CVSS5.9AI score0.01216EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2009/06/19 5:32 p.m.24 views

CVE-2009-2130

Elvin 1.2.0 allows remote attackers to read the PHP source code of 1 login.ei, 2 jumpbug.ei, or 3 createaccount.ei in inc/ via a direct request...

6.8AI score0.02274EPSS
Exploits0References1
CVE
CVE
added 2009/06/19 5:32 p.m.44 views

CVE-2009-2124

Elvin 1.2.0 is affected by a directory traversal vulnerability in page.php that allows remote attackers to include and execute arbitrary local files via a .. in the id parameter. Impact details: CVSSv2 base score 7.5 (HIGH) with NETWORK attack vector, LOW complexity, NONE authentication, and PART...

7.5CVSS7.3AI score0.02346EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2009/06/19 5:32 p.m.25 views

CVE-2009-2123

Multiple SQL injection vulnerabilities in Elvin 1.2.0 allow remote attackers to execute arbitrary SQL commands via the 1 inUser aka Username and 2 inPass aka Password parameters to a inc/login.ei, reachable through login.php; and the 3 id parameter to b showbug.php and c showactivity.php. NOTE: i...

8.5AI score0.01011EPSS
Exploits0References3
Cvelist
Cvelist
added 2009/06/19 5:32 p.m.21 views

CVE-2009-2127

Cross-site scripting XSS vulnerability in showactivity.php in Elvin 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter...

5.7AI score0.01216EPSS
Exploits0References2
Rows per page
Query Builder