30 matches found
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in eTek Systems Hit Counter 2.0 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to (1) index.php, (2) inc/login.php, (3) admin/index.php, and (4) admin/forgot.php...
CVE-2008-5977
SQL injection vulnerability in siteadmin/forgot.php in PHP JOBWEBSITE PRO allows remote attackers to execute arbitrary SQL commands via the adname parameter in a Submit action...
CVE-2008-5977
CVE-2008-5977 affects PHP JOBWEBSITE PRO (siteadmin/forgot.php) where the adname parameter in a Submit action is vulnerable to SQL injection. The underlying issue is an improper handling of user-supplied input, enabling remote attackers to potentially execute arbitrary SQL commands. The vulnerabi...
phpjobwebsite-cmsqlxss.txt
--------------------------------------------------------- Portal Name: PHP JOBWEBSITE PRO Vendor : http://preproject.com Author : PouyaServer , [email protected] Vulnerability : CM,XSS,SQL --------------------------------------------------------- SQL:...
CVE-2006-4361
Multiple cross-site scripting (XSS) vulnerabilities in jobseekers/forgot.php in Diesel Job Site allow remote attackers to inject arbitrary web script or HTML via the (1) uname or (2) SEmail parameters...
CVE-2006-4361
Vulnerability detail (CVE-2006-4361): Diesel Job Site’s jobseekers/forgot.php suffers multiple XSS flaws that let remote attackers inject arbitrary web script/HTML via the (1) uname or (2) SEmail parameters. Affected: Diesel Job Site, file: jobseekers/forgot.php. Impact and remediation are not pr...
DieselScripts Job Site - 'Forgot.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/19622/info Multiple cross-site scripting vulnerabilities affect Job Site because the application fails to properly sanitize user-supplied input before including it in dynamically generated web content. An attacker may leverage these issues to have arbitra...
CVE-2006-2740
Multiple SQL injection vulnerabilities in Epicdesigns tinyBB 0.3 allow remote attackers to execute arbitrary SQL commands via the (1) q parameter in (a) forgot.php, and the (2) username and (3) password parameters in (b) login.php, and other unspecified vectors...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in (1) eday.php, (2) eshow.php, or (3) forgot.php in albinator 2.0.8 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the Configrootdir parameter...
CVE-2005-0413
Multiple SQL injection vulnerabilities in MyPHP Forum 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the fid in forum.php, (2) the member parameter in member.php, (3) the email parameter in forgot.php, or (4) the nbuser or nbpass parameters in include.php. NOTE: it was later reporte...