1496 matches found
Quicksilver Forums [(v1.2.0)+(1.2.1)] (set[include_path]) Remote File Inclusion Vulnerabilities
WWW.SecurityWall.orG Quicksilver Forums v1.2.0+1.2.1 (set[include_path]) Remote File Inclusion Vulnerabilities Author: mdx Class : Remote cont@ct: bilkopatathotmaildotcom v1.2.0+v1.2.1 Code: activeutil.php? require_once $set['include_path'] . '/lib/bbcode.php'; Exploit:...
Quicksilver Forums 1.2.1 - Remote File Inclusion
WWW.SecurityWall.orG Quicksilver Forums v1.2.0+1.2.1 (set[include_path]) Remote File Inclusion Vulnerabilities Author: mdx Class : Remote cont@ct: bilkopatathotmaildotcom v1.2.0+v1.2.1 Code: activeutil.php? require_once $set['include_path'] . '/lib/bbcode.php'; Exploit:...
Snitz Forums 2000 - 'forum.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/20004/info Snitz Forums 2000 is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. This could allow an attacker to steal cookie-based authentication credentials and launch other attacks. Version...
XSS in Web Wiz Forums
=info= Little filter evasion of Web Wiz Forums filters. The vuln lies in the avatar from url. =exploit= You have to post "img src="java scri pt:ale rt'xss'" after the url. =handicap= It is not that serious because the field takes only 95 chars and it works only for IE and Opera. Firefox survived i...
Catch broilers collection---the Trojan spread mad grab broiler final stage large package-vulnerability warning-the black bar safety net
This article summarizes the Trojan-spreading techniques that are currently most popular and the development trend of later Trojan-spreading techniques. The content is quite rich. I believe after reading this tutorial you'll become a poultry raiser. A. Currently popular Trojan...
CVE-2006-3560
SQL injection vulnerability in topics.php in Blue Dojo Graffiti Forums 1.0 allows remote attackers to execute arbitrary SQL commands via the f parameter...
CVE-2006-3560
The CVE covers an SQL injection in topics.php of Blue Dojo Graffiti Forums 1.0, exploitable via the f parameter to execute arbitrary SQL commands remotely. This affects the application’s database interactions (vulnerability in a PHP script), with potential impacts to confidentiality, integrity, a...
Graffiti Forums v1.0 SQL Injection Vulnerabilities
/ -------------------------------------------------------- Neo Security Team NST - Advisory 24 - 08/07/06 -------------------------------------------------------- Program: Graffiti Forums Homepage: http://www.bluedojo.com/ Vulnerable Versions: 1.0. Risk: High! Impact: Critical Risk -==Graffiti...
Graffiti Forums 1.0 - Topics.php SQL Injection
Graffiti Forums 1.0 - Topics.php SQL Injection source: https://www.securityfocus.com/bid/18928/info Graffiti Forums is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...
Graffiti Forums 1.0 - 'Topics.php' SQL Injection
source: https://www.securityfocus.com/bid/18928/info Graffiti Forums is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploit could allow an attacker to compromise the...
pearl24.txt
Pearl Products Multiple Remote File Inclusion Discovered By zero Moroccan Security Team Affected softwares: Pearl Forums 2.4 Ngoc Biec 1.4 Pearl For Biz 2.4 Pearl For Mambo 1.6 URL : http://sourceforge.net/projects/pearlforums/ Risk : High Impact: System access ------ PoC...
chatizens.txt
Chatizens.com Also known as Chattown.com Homepage: http://www.chatizens.com Affected files: Profile input boxes: All input boxes of your profile. Browsing the forums -------------------------------------------- XSS vuln with cookie disclosure via profile input boxes. To bypass chatizens filters o...
PHP-Nuke <= 7.9 Final (phpbb_root_path) Remote File Inclusions
Exploit for unknown platform in category web applications ============================================================== PHP-Nuke <= 7.9 Final (phpbb_root_path) Remote File Inclusions ============================================================== Milli-Harekat Advisory www.milli-harekat.org PHP-Nuke =...
Sql injection
Multiple SQL injection vulnerabilities in Easy-Content Forums 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) startletter parameter in userview.asp and the (2) forumname parameter in topics.asp...
Cross site scripting
Cross-site scripting (XSS) vulnerabilities in Easy-Content Forums 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) startletter parameter in userview.asp and the (2) catid parameter in topics.asp...
CVE-2006-2697
Multiple SQL injection vulnerabilities in Easy-Content Forums 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) startletter parameter in userview.asp and the (2) forumname parameter in topics.asp...
CVE-2006-2696
Cross-site scripting (XSS) vulnerabilities in Easy-Content Forums 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) startletter parameter in userview.asp and the (2) catid parameter in topics.asp...
CVE-2006-2696
CVE-2006-2696 describes Cross-site scripting (XSS) in Easy-Content Forums 1.0. The vulnerability allows remote attackers to inject arbitrary web script or HTML via the (1) startletter parameter in userview.asp and (2) catid parameter in topics.asp. Public records indicate an impact on confidentia...