Lucene search
K

109 matches found

NVD
NVD
added 2005/05/02 4:0 a.m.17 views

CVE-2005-1235

auctionmyauctions.php in phpbb-Auction 1.2m and earlier allows remote attackers to obtain sensitive information via an invalid mode parameter, which leaks the full path in a PHP error message...

5CVSS6.3AI score0.01558EPSS
Exploits1References5
CVE
CVE
added 2005/04/24 4:0 a.m.40 views

CVE-2005-1235

The CVE concerns phpbb-Auction 1.2m and earlier, where auction_my_auctions.php accepts an invalid mode parameter and, via a PHP error message, leaks the full path. This is a potential information disclosure vulnerability in the PHP code path handling the auction feature. The provided documents do...

5CVSS6.7AI score0.01558EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2005/04/24 4:0 a.m.19 views

CVE-2005-1235

auctionmyauctions.php in phpbb-Auction 1.2m and earlier allows remote attackers to obtain sensitive information via an invalid mode parameter, which leaks the full path in a PHP error message...

6.3AI score0.01558EPSS
Exploits1References5
Cvelist
Cvelist
added 2005/04/12 4:0 a.m.17 views

CVE-2005-1074

SQL injection vulnerability in index.php for RadScripts RadBids Gold 2 allows remote attackers to execute arbitrary SQL commands via the mode parameter...

8.3AI score0.0128EPSS
Exploits1References6
Cvelist
Cvelist
added 2005/03/13 5:0 a.m.23 views

CVE-2005-0735

newsscript.pl for NewsScript allows remote attackers to gain privileges by setting the mode parameter to admin...

6.9AI score0.07666EPSS
Exploits1References1
CVE
CVE
added 2005/03/13 5:0 a.m.52 views

CVE-2005-0735

The CVE refers to NewsScript’s newsscript.pl CGI, where an attacker can escalate privileges remotely by sending mode=admin. Affected product: NewsScript (NewsScript.co.uk). Root cause: incomplete access validation in the CGI parameters allowing admin rights to be set via the mode parameter. Impac...

10CVSS7AI score0.07666EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2004/12/31 5:0 a.m.26 views

CVE-2004-2062

SQL injection vulnerability in antiboard.php in AntiBoard 0.7.2 and earlier allows remote attackers to execute arbitrary SQL via the 1 threadid, 2 parentid, or 3 mode parameters...

7.5CVSS8.2AI score0.02417EPSS
Exploits1References4
NVD
NVD
added 2004/11/23 5:0 a.m.18 views

CVE-2004-0242

X-Cart 3.4.3 allows remote attackers to gain sensitive information via a mode parameter with 1 phpinfo command or 2 perlinfo command...

5CVSS6.7AI score0.06926EPSS
Exploits1References3
CVE
CVE
added 2004/03/18 5:0 a.m.53 views

CVE-2004-0242

X-Cart 3.4.3 is affected by CVE-2004-0242. An attacker can remotely read sensitive information by supplying a mode parameter that triggers phpinfo or perlinfo commands. The vulnerability enables information disclosure in the affected product via the web interface; no exploitation or mitigations a...

5CVSS7AI score0.06926EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder