Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-4917

Malware in sbrugna...

4.3CVSS6.4AI score0.01474EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/22 4:10 a.m.6 views

CVE-2014-5018

Incomplete blacklist vulnerability in the autoEscape function in commonhelper.php in LimeSurvey 2.05+ Build 140618 allows remote attackers to conduct cross-site scripting XSS attacks via the GBK charset in the loadname parameter to index.php, related to the survey resume...

4.3CVSS6AI score0.01474EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/06/09 12:0 a.m.16 views

PT-2023-16691 · WordPress · Intuitive Custom Post Order

Name of the Vulnerable Software and Affected Versions: Intuitive Custom Post Order plugin for WordPress versions up to, and including, 3.1.3 Description: The issue arises from insufficient escaping on the user-supplied objects and tags parameters and a lack of sufficient preparation in the update...

7.2CVSS7.1AI score0.00971EPSS
Exploits0References5
OSV
OSV
added 2017/07/12 9:29 p.m.3 views

CVE-2017-11174

In install/pagedbsettings.php in the Core distribution of XOOPS 2.5.8.1, unfiltered data passed to CREATE and ALTER SQL queries caused SQL Injection in the database settings page, related to use of GBK in CHARACTER SET and COLLATE clauses...

9.8CVSS5.8AI score0.01035EPSS
Exploits0References1
NVD
NVD
added 2014/07/21 2:55 p.m.23 views

CVE-2014-5018

Incomplete blacklist vulnerability in the autoEscape function in commonhelper.php in LimeSurvey 2.05+ Build 140618 allows remote attackers to conduct cross-site scripting XSS attacks via the GBK charset in the loadname parameter to index.php, related to the survey resume...

4.3CVSS5.8AI score0.01474EPSS
Exploits1References2
Prion
Prion
added 2014/07/21 2:55 p.m.16 views

Cross site scripting

Incomplete blacklist vulnerability in the autoEscape function in commonhelper.php in LimeSurvey 2.05+ Build 140618 allows remote attackers to conduct cross-site scripting XSS attacks via the GBK charset in the loadname parameter to index.php, related to the survey resume...

4.3CVSS6.1AI score0.01474EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2014/07/21 2:0 p.m.24 views

CVE-2014-5018

Incomplete blacklist vulnerability in the autoEscape function in commonhelper.php in LimeSurvey 2.05+ Build 140618 allows remote attackers to conduct cross-site scripting XSS attacks via the GBK charset in the loadname parameter to index.php, related to the survey resume...

5.8AI score0.01474EPSS
Exploits1References2
CVE
CVE
added 2014/07/21 2:0 p.m.39 views

CVE-2014-5018

CVE-2014-5018 affects LimeSurvey 2.05+ Build 140618, where an incomplete blacklist in the autoEscape function of common_helper.php can allow remote XSS via the GBK charset in the loadname parameter of index.php, related to the survey resume. The connected Red Hat and CVE records confirm the vulne...

4.3CVSS6AI score0.01474EPSS
Exploits1References2Affected Software1
seebug.org
seebug.org
added 2011/07/31 12:0 a.m.18 views

phpcms2008 & phpcms2007 GBK版ask/search_ajax.php SQL注射漏洞

PHPCMS 是国内领先的网站管理系统,同时也是一个开源的PHP开发框架 漏洞文件:ask/searchajax.php code: ?php require './include/common.inc.php'; requireonce MODROOT.'include/ask.class.php'; $ask = new ask; header'Content-type: text/html; charset=utf-8'; ifstrtolowerCHARSET != 'utf-8' $q = iconvCHARSET, 'utf-8', $q; if$q $where = "...

7.1AI score
Exploits0
Rows per page
Query Builder