CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2006-4311

Malware in sbrugna...

7.5CVSS6.4AI score0.00963EPSS

Exploits2References8

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2006-4312

Malware in sbrugna...

6.8CVSS6.4AI score0.0192EPSS

Exploits2References8

securityvulns•added 2006/09/14 12:0 a.m.•38 views

[eVuln] indexcity SQL Injection and XSS Vulnerabilities

New eVuln Advisory: indexcity SQL Injection and XSS Vulnerabilities http://evuln.com/vulns/135/summary.html --------------------Summary---------------- eVuln ID: EV0135 CVE: CVE-2006-4323 CVE-2006-4324 Vendor: CityForFree Vendor's Web Site: http://www.cityforfree.com/ Software: indexcity Sowtware...

7.5CVSS0.3AI score0.0192EPSS

Exploits3

Packet Storm•added 2006/09/14 12:0 a.m.•27 views

EV0135.txt

7.5CVSS6.7AI score0.0192EPSS

Exploits3

NVD•added 2006/08/24 1:4 a.m.•15 views

CVE-2006-4324

Cross-site scripting XSS vulnerability in addurl2.php in CityForFree indexcity 1.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter...

6.8CVSS5.7AI score0.0192EPSS

Exploits2References6

NVD•added 2006/08/24 1:4 a.m.•7 views

CVE-2006-4323

SQL injection vulnerability in list.php in CityForFree indexcity 1.0, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cateid parameter...

7.5CVSS8.3AI score0.00963EPSS

Exploits2References6

CVE•added 2006/08/24 1:0 a.m.•41 views

CVE-2006-4324

CityForFree indexcity 1.0 has an XSS vulnerability in add_url2.php exploitable via the url parameter. The underlying issue is insufficient input sanitization, allowing remote attackers to inject arbitrary web script or HTML. Affected software/version: indexcity 1.0 (add_url2.php). Impact: client-...

6.8CVSS5.7AI score0.0192EPSS

Exploits2References6Affected Software1

Cvelist•added 2006/08/24 1:0 a.m.•15 views

CVE-2006-4324

Cross-site scripting XSS vulnerability in addurl2.php in CityForFree indexcity 1.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter...

5.7AI score0.0192EPSS

Exploits2References6

CVE•added 2006/08/24 1:0 a.m.•36 views

CVE-2006-4323

CVE-2006-4323 involves an SQL injection in CityForFree’s indexcity 1.0 product, specifically the vulnerable script is list.php. The underlying issue occurs when magic_quotes_gpc is disabled, allowing an attacker to inject arbitrary SQL through the cate_id parameter. Connected documents corroborat...

7.5CVSS8.3AI score0.00963EPSS

Exploits2References6Affected Software1

securityvulns•added 2006/08/23 12:0 a.m.•42 views

[SA21565] indexcity SQL Injection and Script Insertion Vulnerabilities

TITLE: indexcity SQL Injection and Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA21565 VERIFY ADVISORY: http://secunia.com/advisories/21565/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, Manipulation of data WHERE: From remote SOFTWARE: indexcity 1.x...

0.8AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by