CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cross-site scripting XSS vulnerability in LiveStreet 0.2 allows remote attackers to inject arbitrary web script or HTML via the header of the topic in a comment...

4.3CVSS5.9AI score0.00226EPSS

Exploits1References1

RedhatCVE•added 2025/05/21 9:53 p.m.•9 views

CVE-2009-3261

update/update0.1.2to0.2.php in LiveStreet 0.2 does not require administrative authentication, which allows remote attackers to perform DROP TABLE operations via unspecified vectors...

7.5CVSS7.2AI score0.00514EPSS

Exploits1References1

RedhatCVE•added 2025/05/21 9:28 p.m.•5 views

CVE-2009-3256

Cross-site scripting XSS vulnerability in include/ajax/blogInfo.php in LiveStreet 0.2 allows remote attackers to inject arbitrary web script or HTML via the URI, as demonstrated by a SCRIPT element in an arbitrary parameter such as the asd parameter...

4.3CVSS5.9AI score0.00142EPSS

Exploits1References1

Positive Technologies•added 2013/12/11 12:0 a.m.•6 views

PT-2013-76: Local File Inclusion in LiveStreet CMS

The specialists of the Positive Research center have detected a Local File Inclusion vulnerability in LiveStreet CMS. Insufficient validation of user input in the install\index.php script allows remote attackers to include files located on the attacked server and thus execute a PHP code. It may...

7.5CVSS7.6AI score

Exploits0References5

0day.today•added 2012/06/21 12:0 a.m.•76 views

LiveStreet 0.5.1 Cross Site Scripting

Exploit for php platform in category web applications LiveStreet Cross-Site Scripting Vulnerabilities & disclosure of directory Vulnerable: LiveStreet 0.5.1 http://livestreetcms.com/download/ Remote: Yes Local: No Credit: HiMIC Babichev Igor Livestreet XSS POST: File:...

7.1AI score

Exploits0

Packet Storm•added 2012/06/21 12:0 a.m.•20 views

LiveStreet 0.5.1 Cross Site Scripting

LiveStreet Cross-Site Scripting Vulnerabilities & disclosure of directory Vulnerable: LiveStreet 0.5.1 http://livestreetcms.com/download/ Remote: Yes Local: No Credit: HiMIC Babichev Igor Livestreet XSS POST: File: /engine/lib/external/MooTools1.2/plugs/vlaCal-v2.1/inc/year.php...

Exploits0

Packet Storm•added 2011/04/04 12:0 a.m.•27 views

LiveStreet 0.4.2 Cross Site Scripting

------------------------------------------------------------------------ Software................LiveStreet 0.4.2 Vulnerability...........Reflected Cross-site Scripting Threat Level............Low 1/5 Download................http://livestreetcms.com/ Discovery Date..........4/3/2011 Tested...

7.4AI score

Exploits0

0day.today•added 2010/02/19 12:0 a.m.•17 views

LiveStreet v0.2 Xss Vulnerability

Exploit for unknown platform in category web applications ================================= LiveStreet v0.2 Xss Vulnerability ================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1...

7.1AI score

Exploits0

NVD•added 2009/09/18 9:30 p.m.•13 views

CVE-2009-3260

Cross-site scripting XSS vulnerability in LiveStreet 0.2 allows remote attackers to inject arbitrary web script or HTML via the header of the topic in a comment...

4.3CVSS5.7AI score0.00226EPSS

Exploits1References2

NVD•added 2009/09/18 9:30 p.m.•15 views

CVE-2009-3261

update/update0.1.2to0.2.php in LiveStreet 0.2 does not require administrative authentication, which allows remote attackers to perform DROP TABLE operations via unspecified vectors...

7.5CVSS6.7AI score0.00514EPSS

Exploits1References1

Prion•added 2009/09/18 9:30 p.m.•12 views

Authentication flaw

update/update0.1.2to0.2.php in LiveStreet 0.2 does not require administrative authentication, which allows remote attackers to perform DROP TABLE operations via unspecified vectors...

7.5CVSS7.2AI score0.00514EPSS

Exploits1References1Affected Software1

Prion•added 2009/09/18 9:30 p.m.•12 views

Cross site scripting

Cross-site scripting XSS vulnerability in LiveStreet 0.2 allows remote attackers to inject arbitrary web script or HTML via the header of the topic in a comment...

4.3CVSS6.1AI score0.00226EPSS

Exploits1References2Affected Software1

CVE•added 2009/09/18 9:0 p.m.•42 views

CVE-2009-3260

CVE-2009-3260 describes a Cross-site scripting (XSS) vulnerability in LiveStreet 0.2. The issue allows remote attackers to inject arbitrary web script or HTML via the header of the topic in a comment. The provided sources consistently identify LiveStreet 0.2 as affected and the exploit path as th...

4.3CVSS5.7AI score0.00226EPSS

Exploits1References2Affected Software1

Cvelist•added 2009/09/18 9:0 p.m.•15 views

CVE-2009-3260

Cross-site scripting XSS vulnerability in LiveStreet 0.2 allows remote attackers to inject arbitrary web script or HTML via the header of the topic in a comment...

5.7AI score0.00226EPSS

Exploits1References2

Cvelist•added 2009/09/18 9:0 p.m.•16 views

CVE-2009-3261

update/update0.1.2to0.2.php in LiveStreet 0.2 does not require administrative authentication, which allows remote attackers to perform DROP TABLE operations via unspecified vectors...

6.7AI score0.00514EPSS

Exploits1References1

CVE•added 2009/09/18 9:0 p.m.•42 views

CVE-2009-3261

CVE-2009-3261 affects LiveStreet 0.2, where update/update_0.1.2_to_0.2.php does not require administrative authentication, enabling remote attackers to trigger DROP TABLE operations via unspecified vectors. Root cause is missing admin auth for the vulnerable update script. Documents do not provid...

7.5CVSS6.7AI score0.00514EPSS

Exploits1References1Affected Software1

Prion•added 2009/09/18 8:30 p.m.•15 views

Cross site scripting

4.3CVSS6.1AI score0.00142EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by