CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

No description provided by source. dork: Copyright KerviNet eLwauxc 20.06.2009 Blind SQLinj /index.php ------------------------------------------------------------------------------------------------- if$COOKIE'userenter'==auto $enterlogin=$COOKIE'enterlogin'; $enterparol=$COOKIE'enterparol';...

7.1AI score

Exploits0

ATTACKERKB•added 2009/07/05 4:30 p.m.•2 views

CVE-2007-6727

SQL injection vulnerability in topic.php in KerviNet Forum 1.1 allows remote attackers to execute arbitrary SQL commands via the forum parameter...

7.5CVSS6.3AI score0.01057EPSS

Exploits1References2

Prion•added 2009/07/05 4:30 p.m.•16 views

Cross site scripting

Cross-site scripting XSS vulnerability in addvoting.php in KerviNet Forum 1.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the vvariant1 parameter...

3.5CVSS5.7AI score0.02536EPSS

Exploits0References3Affected Software1

Prion•added 2009/07/05 4:30 p.m.•10 views

Sql injection

Multiple SQL injection vulnerabilities in KerviNet Forum 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via 1 an enterparol cookie to index.php in an auto action or 2 the topic parameter to message.php. NOTE: vector 2 can be leveraged for a cross-site scripting XSS attac...

7.5CVSS8AI score0.00913EPSS

Exploits0References2Affected Software1

Prion•added 2009/07/05 4:30 p.m.•19 views

Sql injection

admin/edituser.php in KerviNet Forum 1.1 and earlier does not require administrative authentication, which allows remote attackers to delete arbitrary accounts and conduct SQL injection attacks via the deluserid parameter...

7.5CVSS8.5AI score0.01029EPSS

Exploits0References1Affected Software1

Prion•added 2009/07/05 4:30 p.m.•15 views

Sql injection

SQL injection vulnerability in topic.php in KerviNet Forum 1.1 allows remote attackers to execute arbitrary SQL commands via the forum parameter...

7.5CVSS9.1AI score0.01057EPSS

Exploits1References1Affected Software1

Prion•added 2009/07/05 4:30 p.m.•14 views

Information disclosure

KerviNet Forum 1.1 and earlier allows remote attackers to obtain sensitive information via a direct request to 1 admin/head.php, or 2 votingdiagram.php, 3 voting.php, 4 topicssearch.php, 5 topicslist.php, 6 toppart.php, 7 quicksearch.php, 8 quickreply.php, 9 modermenu.php, 10 messageslist.php, 11...

5CVSS6.7AI score0.02216EPSS

Exploits0References1Affected Software1

NVD•added 2009/07/05 4:30 p.m.•19 views

CVE-2009-2326

7.5CVSS7.3AI score0.00913EPSS

Exploits0References2

NVD•added 2009/07/05 4:30 p.m.•21 views

CVE-2009-2328

7.5CVSS7.7AI score0.01029EPSS

Exploits0References1

NVD•added 2009/07/05 4:30 p.m.•19 views

CVE-2009-2329

5CVSS6.2AI score0.02216EPSS

Exploits0References1

NVD•added 2009/07/05 4:30 p.m.•15 views

CVE-2007-6727

SQL injection vulnerability in topic.php in KerviNet Forum 1.1 allows remote attackers to execute arbitrary SQL commands via the forum parameter...

7.5CVSS8.4AI score0.01057EPSS

Exploits1References1

NVD•added 2009/07/05 4:30 p.m.•19 views

CVE-2009-2327

Cross-site scripting XSS vulnerability in addvoting.php in KerviNet Forum 1.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the vvariant1 parameter...

3.5CVSS5.3AI score0.02536EPSS

Exploits0References3