Lucene search
K

5 matches found

NVD
NVD
added 2009/03/06 11:30 a.m.15 views

CVE-2008-6404

Cross-site scripting XSS vulnerability in addcalendars.php in eXtrovert Software Thyme 1.3 allows remote attackers to inject arbitrary web script or HTML via the callback parameter...

4.3CVSS5.7AI score0.01449EPSS
Exploits1References3
Prion
Prion
added 2008/10/07 12:31 a.m.12 views

Sql injection

SQL injection vulnerability in pickusers.php in the groups module in eXtrovert Thyme 1.3 allows remote attackers to execute arbitrary SQL commands via the unamesearch parameter. NOTE: some of these details are obtained from third party information...

7.5CVSS9AI score0.00971EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2008/10/07 12:0 a.m.17 views

CVE-2008-4459

SQL injection vulnerability in pickusers.php in the groups module in eXtrovert Thyme 1.3 allows remote attackers to execute arbitrary SQL commands via the unamesearch parameter. NOTE: some of these details are obtained from third party information...

8.3AI score0.00971EPSS
Exploits1References4
CVE
CVE
added 2008/10/07 12:0 a.m.44 views

CVE-2008-4459

The CVE-2008-4459 entry concerns the web app component eXtrovert Thyme 1.3 , specifically the pick_users.php (groups module) . It describes a SQL injection vulnerability exploitable via the uname_search parameter that could allow remote attackers to execute arbitrary SQL commands. The vulnerabili...

7.5CVSS8.4AI score0.00971EPSS
Exploits1References4Affected Software1
Exploit DB
Exploit DB
added 2008/09/08 12:0 a.m.34 views

eXtrovert software Thyme 1.3 - 'pick_users.php' SQL Injection

source: https://www.securityfocus.com/bid/31063/info eXtrovert software Thyme is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, acces...

7.4AI score
Exploits0
Rows per page
Query Builder