Lucene search
+L

691 matches found

osv
osv
added 2007/02/21 11:28 p.m.6 views

DEBIAN-CVE-2007-1054

Cross-site scripting XSS vulnerability in the AJAX features in index.php in MediaWiki 1.6.x through 1.9.2, when $wgUseAjax is enabled, allows remote attackers to inject arbitrary web script or HTML via a UTF-7 encoded value of the rs parameter, which is processed by Internet Explorer...

6.8CVSS6AI score0.01944EPSS
Exploits1References1
attackerkb
attackerkb
added 2006/12/02 2:28 a.m.3 views

CVE-2006-6230

SQL injection vulnerability in vuBB 0.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a register action to index.php, a different vulnerability than CVE-2006-0962...

7.5CVSS6.3AI score0.02455EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2006/09/19 12:0 a.m.8 views

PT-2006-5618 · All Enthusiast · Reviewpost

Name of the Vulnerable Software and Affected Versions: All Enthusiast ReviewPost version 2.5 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the RP PATH parameter in the index.php file. Recommendations: For All Enthusiast ReviewPost version 2.5, consider...

7.5CVSS7.3AI score0.02967EPSS
Exploits1References7
ptsecurity
ptsecurity
added 2006/09/13 12:0 a.m.8 views

PT-2006-5528 · Phprog · Phprog

Name of the Vulnerable Software and Affected Versions: PHProg versions prior to 1.1 Description: The issue allows remote attackers to read arbitrary files via a .. dot dot in the lang parameter of the index.php file. This is a directory traversal vulnerability. Recommendations: For versions prior...

5CVSS6.7AI score0.03464EPSS
Exploits1References8
ptsecurity
ptsecurity
added 2006/08/29 12:0 a.m.5 views

PT-2006-5229 · Jupiter · Jupiter Cms

Name of the Vulnerable Software and Affected Versions: Jupiter CMS version 1.1.5 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the template parameter in the index.php file. However, it's noted that the $template variable is defined as a static value...

9.8CVSS8AI score0.04338EPSS
Exploits1References9
osv
osv
added 2006/04/26 12:6 a.m.3 views

DEBIAN-CVE-2006-2031

Cross-site scripting XSS vulnerability in index.php in phpMyAdmin 2.8.0.3, 2.8.0.2, 2.8.1-dev, and 2.9.0-dev allows remote attackers to inject arbitrary web script or HTML via the lang parameter...

2.6CVSS7.8AI score0.0124EPSS
Exploits1References1
ptsecurity
ptsecurity
added 2006/04/02 12:0 a.m.5 views

PT-2006-2584 · Monalbum · Monalbum

Name of the Vulnerable Software and Affected Versions: MonAlbum version 0.8.7 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved through SQL injection vulnerabilities in multiple parameters, including pc in index.php, and pnom, pcourriel, pcommentai...

6.4CVSS8.4AI score0.01315EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2005/12/14 12:0 a.m.4 views

PT-2005-4920 · Jamit · Jamit Job Board

Name of the Vulnerable Software and Affected Versions: Jamit Job Board versions 2.4.1 and earlier Description: A SQL injection issue allows remote attackers to execute arbitrary SQL commands via the cat parameter in the "index.php" file. The vendor has disputed this issue, claiming it has no basi...

7.5CVSS8.7AI score0.01206EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2005/11/16 12:0 a.m.4 views

PT-2005-4334 · Ib · Ibproarcade

Name of the Vulnerable Software and Affected Versions: ibProArcade versions 2.5.2 and earlier Description: A SQL injection issue exists in the report module of ibProArcade, allowing remote attackers to execute arbitrary SQL commands. The issue is related to the user parameter in the index.php fil...

7.5CVSS8.1AI score0.01748EPSS
Exploits1References10
ptsecurity
ptsecurity
added 2005/09/19 12:0 a.m.8 views

PT-2005-3817 · Noah · Noah'S Classifieds

Name of the Vulnerable Software and Affected Versions: Noah's classifieds version 1.3 Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via the rollid parameter in the index.php file. This could potentially lead to unauthorized actions on...

4.3CVSS5.6AI score0.01752EPSS
Exploits1References7
ptsecurity
ptsecurity
added 2002/12/31 12:0 a.m.11 views

PT-2002-2753 · Php · Php-Nuke

Name of the Vulnerable Software and Affected Versions: PHP-Nuke versions 5.4 and earlier Description: The issue allows remote attackers to gain SQL query information by exploiting debugging features that are not properly restricted. This can be achieved by setting the sql debug parameter in...

5CVSS7AI score0.05854EPSS
Exploits1References5
Rows per page
Query Builder