CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

seebug.org•added 2014/07/01 12:0 a.m.•17 views

Magic List Pro view_archive.cfm ListID Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15774/info CFMagic Products are prone to multiple input validation vulnerabilities. These are due to a lack of proper sanitization of user-supplied input. These vulnerabilities allow an attacker to inject malicious SQL co...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•15 views

Magic Forum Personal view_thread.cfm Multiple Parameter SQL Injection

7.1AI score

Exploits0

NVD•added 2005/12/08 1:3 a.m.•9 views

CVE-2005-4071

Multiple SQL injection vulnerabilities in CFMagic Magic Forum Personal 2.5 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 ForumID parameter in viewforum.cfm, and 2 ForumID, 3 Thread, and 4 ThreadID parameters in viewthread.cfm...

7.5CVSS8.5AI score0.01256EPSS

Exploits0References7

CVE•added 2005/12/08 1:0 a.m.•45 views

CVE-2005-4072

The CVE describes a cross-site scripting (XSS) vulnerability in CFMagic Magic Forum Personal 2.5 and earlier, where an attacker can inject arbitrary script via the Words parameter in search_forums.cfm used in the “Search For:” field. The available records confirm the affected software and the inp...

4.3CVSS6AI score0.01177EPSS

Exploits0References4Affected Software1

CVE•added 2005/12/08 1:0 a.m.•42 views

CVE-2005-4071

CVE-2005-4071 affects CFMagic Magic Forum Personal 2.5 and earlier. The vulnerabilities are SQL injection in the web interface: (1) ForumID in view_forum.cfm and (2) ForumID, (3) Thread, and (4) ThreadID in view_thread.cfm, allowing remote attackers to execute arbitrary SQL commands. The NVD entr...

7.5CVSS8.9AI score0.01256EPSS

Exploits0References7Affected Software1

Cvelist•added 2005/12/08 1:0 a.m.•16 views

CVE-2005-4072

Cross-site scripting XSS vulnerability in CFMagic Magic Forum Personal 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the Words parameter in searchforums.cfm, as used in the "Search For:" field...

5.7AI score0.01177EPSS

Exploits0References4

exploitpack•added 2005/12/08 12:0 a.m.•11 views

Magic List Pro - view_archive.cfm?ListID SQL Injection

Magic List Pro - viewarchive.cfm?ListID SQL Injection source: https://www.securityfocus.com/bid/15774/info CFMagic Products are prone to multiple input validation vulnerabilities. These are due to a lack of proper sanitization of user-supplied input. These vulnerabilities allow an attacker to...

0.1AI score

Exploits0

securityvulns•added 2005/12/06 12:0 a.m.•20 views

Magic Forum Personal SQL&XSS vuln.

Magic Forum Personal SQL&XSS vuln. Vuln. dicovered by : r0t Date: 6 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/magic-forum-personal-sqlxss-vuln.html vendor:www.cfmagic.com/products/magicforumper.cfm affected version:2.5 and prior Product Description: Magic Forum Personal is ou...

0.7AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by