Lucene search
+L

580 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

BosDev BosDates 3.x SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9639/info An SQL injection vulnerability has been reported to affect BosDates calendar system. The issue arises due to insufficient sanitization of user supplied data. As a result of this issue an attacker could modify th...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.124 views

cPanel 5.0 Guestbook.cgi Remote Command Execution Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/6882/info A remote command execution vulnerability has been discovered in the cPanel CGI Application. This issue occurs due to insufficient sanitization of externally supplied data to the 'guestbook.cgi' script. An attack...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

Go Smart Inc GoSmart Message Board Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/11361/info GoSmart Message Board is reported prone to multiple input validation vulnerabilities. These issues may allow a remote attacker to carry out cross-site scripting and SQL injection attacks. The cause of these iss...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

Community Link Pro Login.CGI File Parameter Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14097/info Community Link Pro is prone to a remote arbitrary command execution vulnerability. This issue presents itself due to insufficient sanitization of user-supplied data. Due to this, an attacker can prefix arbitrar...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Uni-vert PhpLeague 0.82 Joueurs.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19880/info Uni-vert PhpLeague is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data. This issue may allow an attacker to compromise the application, access or modify data,...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/05/12 12:0 a.m.20 views

Iwebsns sql 第二枚。

简要描述: 过滤不严。 详细说明: 在action/users/userinfo.action.php中 $userid =getsessuserid; $model = shortcheckgetargg'model'; $birthyear = shortcheckgetargp'birthyear'; $birthmonth = shortcheckgetargp'birthmonth'; $birthday = shortcheckgetargp'birthday'; $residecity = shortcheckgetargp'residecity';...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2010/06/28 12:0 a.m.26 views

Clix'N'Cash Clone 2010 - 'index.php' SQL Injection

source: https://www.securityfocus.com/bid/41202/info Clix'N'Cash Clone 2010 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access ...

7.4AI score
Exploits0
Prion
Prion
added 2010/02/18 6:0 p.m.18 views

Design/Logic Flaw

The ParamTraits::Read function in common/commonparamtraits.cc in Google Chrome before 4.0.249.78 does not initialize the memory locations that will hold bitmap data, which might allow remote attackers to obtain potentially sensitive information from process memory by providing insufficient data,...

5CVSS6.2AI score0.01006EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2010/02/18 5:19 p.m.38 views

CVE-2010-0663

The ParamTraits::Read function in common/commonparamtraits.cc in Google Chrome before 4.0.249.78 does not initialize the memory locations that will hold bitmap data, which might allow remote attackers to obtain potentially sensitive information from process memory by providing insufficient data,...

5.6AI score0.01006EPSS
Exploits0References5
Prion
Prion
added 2009/11/11 7:30 p.m.18 views

Input validation

The Graphics Device Interface GDI in win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, a...

7.2CVSS6.7AI score0.01546EPSS
Exploits1References3Affected Software2
exploitpack
exploitpack
added 2009/03/24 12:0 a.m.45 views

PHPizabi 0.8 - notepad_body SQL Injection

PHPizabi 0.8 - notepadbody SQL Injection source: https://www.securityfocus.com/bid/34223/info PHPizabi is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromi...

Exploits0
exploitpack
exploitpack
added 2009/01/11 12:0 a.m.10 views

Silentum Uploader 1.4.0 - Remote File Deletion

Silentum Uploader 1.4.0 - Remote File Deletion Vendor: http://hypersilence.net Versions: Silentum Uploader 1.4.0 May also affect earlier versions Credit: Danny Moules Critical: Yes See PUSH 55 Advisory at http://www.push55.co.uk/advisories.php?id=2 ---- Due to insufficient validation of client-si...

7.5AI score
Exploits0
exploitpack
exploitpack
added 2008/03/24 12:0 a.m.26 views

Quick Classifieds 1.0 - controlcenterupdate.php3?DOCUMENT_ROOT Remote File Inclusion

Quick Classifieds 1.0 - controlcenterupdate.php3?DOCUMENTROOT Remote File Inclusion source: https://www.securityfocus.com/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues...

0.8AI score
Exploits0
exploitpack
exploitpack
added 2008/02/19 12:0 a.m.40 views

PHP-Nuke Sections Module - artid SQL Injection

PHP-Nuke Sections Module - artid SQL Injection source: https://www.securityfocus.com/bid/27879/info The PHP-Nuke Sections module is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could all...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/02/19 12:0 a.m.21 views

XOOPS 'seminars' Module - 'id' SQL Injection

source: https://www.securityfocus.com/bid/27891/info The XOOPS 'seminars' module is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/03/16 12:0 a.m.15 views

Particle Blogger 1.2.1 - 'Archives.php' SQL Injection

source: https://www.securityfocus.com/bid/24232/info Particle Blogger is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/03/15 12:0 a.m.20 views

Viper Web Portal 0.1 - 'index.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/22979/info Viper Web Portal is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks ar...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/02/12 12:0 a.m.15 views

Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/wordfilter.php?Admin' Remote File Inclusion

source: https://www.securityfocus.com/bid/22518/info TagIt! TagBoard is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/02/12 12:0 a.m.26 views

Tagit! Tagit2b 2.1.B Build 2 - '/tagmin/index.php?adminpath' Remote File Inclusion

source: https://www.securityfocus.com/bid/22518/info TagIt! TagBoard is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/01/09 12:0 a.m.15 views

Magic Photo Storage Website - '/user/upload_photo.php?_config[site_path]' Remote File Inclusion

source: https://www.securityfocus.com/bid/21965/info Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying...

7.4AI score
Exploits0
Rows per page
Query Builder