CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2009/10/16 4:30 p.m.•10 views

CVE-2009-3715

Multiple SQL injection vulnerabilities in scrlogin.php in MCshoutbox 1.1, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 username and 2 password parameters...

6.8CVSS8.7AI score0.00418EPSS

NVD•added 2009/10/16 4:30 p.m.•9 views

CVE-2009-3714

Cross-site scripting XSS vulnerability in adminlogin.php in MCshoutbox 1.1 allows remote attackers to inject arbitrary web script or HTML via the loginerror parameter...

4.3CVSS5.7AI score0.04537EPSS

Prion•added 2009/10/16 4:30 p.m.•12 views

Sql injection

6.8CVSS9.4AI score0.00418EPSS

Prion•added 2009/10/16 4:30 p.m.•13 views

Cross site scripting

Cross-site scripting XSS vulnerability in adminlogin.php in MCshoutbox 1.1 allows remote attackers to inject arbitrary web script or HTML via the loginerror parameter...

4.3CVSS6.1AI score0.04537EPSS

CVE•added 2009/10/16 4:0 p.m.•47 views

CVE-2009-3715

MCshoutbox 1.1 is affected by multiple SQL injection vulnerabilities in scr_login.php, exploitable when magic_quotes_gpc is disabled. Attacks can remotely inject SQL via the username and password fields, potentially yielding arbitrary SQL execution. OpenVAS also notes related web vulnerabilities ...

6.8CVSS8.7AI score0.00418EPSS

Cvelist•added 2009/10/16 4:0 p.m.•13 views

CVE-2009-3715

8.7AI score0.00418EPSS

Cvelist•added 2009/10/16 4:0 p.m.•13 views

CVE-2009-3714

Cross-site scripting XSS vulnerability in adminlogin.php in MCshoutbox 1.1 allows remote attackers to inject arbitrary web script or HTML via the loginerror parameter...

5.7AI score0.04537EPSS

CVE•added 2009/10/16 4:0 p.m.•43 views

CVE-2009-3714

CVE-2009-3714 affects MCshoutbox 1.1; the XSS flaw is in admin_login.php and is exploitable by providing a crafted loginerror parameter to inject arbitrary scripts/HTML into the victim’s browser. The public documents describe the vulnerability type and affected component but do not specify a patc...

4.3CVSS5.7AI score0.04537EPSS

CVE•added 2009/10/16 4:0 p.m.•51 views

CVE-2009-3716

CVE-2009-3716 describes an unrestricted file upload vulnerability in MCshoutbox 1.1. The flaw exists in the admin.php upload handling, allowing remote authenticated users to upload a file with an executable extension and then access it via a direct request to the file under the smilies/ directory...

6.5CVSS7.3AI score0.09359EPSS

Exploits0References4Affected Software1

Packet Storm•added 2009/07/20 12:0 a.m.•28 views

MCshoutbox 1.1 SQL Injection / XSS / Shell Upload

MCshoutbox 1.1 SQL/XSS/Shell Multiple Remote Vulnerabilities + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org Homepage : http://www.maniacomputer.com/dload/MCshoutboxDownloadPage.html + SQL Injection Login Bypass - Note : magicquotesgpc = off - Vulnerable code in...

0.5AI score

seebug.org•added 2009/07/20 12:0 a.m.•12 views

MCshoutbox 1.1 (SQL/XSS/Shell) Multiple Remote Vulnerabilities

7.1AI score

0day.today•added 2009/07/20 12:0 a.m.•13 views

MCshoutbox 1.1 (SQL/XSS/Shell) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ============================================================== MCshoutbox 1.1 SQL/XSS/Shell Multiple Remote Vulnerabilities ============================================================== + MCshoutbox 1.1 SQL/XSS/Shell Multiple Remote...

7.1AI score

Exploit DB•added 2009/07/20 12:0 a.m.•32 views

mcshoutbox 1.1 - SQL Injection / Cross-Site Scripting / shell

7AI score

exploitpack•added 2009/07/20 12:0 a.m.•8 views

mcshoutbox 1.1 - SQL Injection Cross-Site Scripting shell

mcshoutbox 1.1 - SQL Injection Cross-Site Scripting shell + MCshoutbox 1.1 SQL/XSS/Shell Multiple Remote Vulnerabilities + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org Homepage : http://www.maniacomputer.com/dload/MCshoutboxDownloadPage.html + SQL Injection Login Bypass -...

0.3AI score