Lucene search
K

7 matches found

Cvelist
Cvelist
added 2006/03/23 11:0 a.m.21 views

CVE-2006-1360

Multiple SQL injection vulnerabilities in MusicBox 2.3 Beta 2 allow remote attackers to execute arbitrary SQL commands via the 1 id, 2 type, or 3 show parameter to a index.php; or the 4 message1 or 5 message parameter to b cart.php...

8.4AI score0.01299EPSS
Exploits1References4
Prion
Prion
added 2006/03/22 1:2 a.m.19 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Musicbox 2.3 Beta 2 allow remote attackers to inject arbitrary web script or HTML via the 1 id and 2 type and 3 show parameters in a top action in a index.php; and the 4 message1 parameter in b cart.php...

4.3CVSS5.9AI score0.01981EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2006/03/22 1:0 a.m.45 views

CVE-2006-1349

CVE-2006-1349 describes multiple cross-site scripting (XSS) vulnerabilities in Musicbox 2.3 Beta 2. An affected component is the Musicbox web interface (index.php and cart.php) where user-supplied input in parameters (1) id, (2) type, (3) show, and (4) message1 can be injected as script/HTML. The...

4.3CVSS5.7AI score0.01981EPSS
Exploits1References7Affected Software1
Exploit DB
Exploit DB
added 2006/03/18 12:0 a.m.34 views

MusicBox 2.3 - 'cart.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17149/info MusicBox is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2005/12/22 9:0 p.m.18 views

CVE-2005-4500

SQL injection vulnerability in MusicBox 2.3 allows remote attackers to execute arbitrary SQL commands via the 1 show and 2 type parameter. NOTE: the provenance of this information is unknown, although it was later rediscovered...

8.1AI score0.01262EPSS
Exploits1References6
CVE
CVE
added 2005/12/22 9:0 p.m.44 views

CVE-2005-4500

MusicBox 2.3 is affected by CVE-2005-4500 due to an SQL injection in the show and type parameters, enabling remote attackers to execute arbitrary SQL commands. The connected sources confirm the vulnerability and its parameters, but do not provide remediation details in these documents.

7.5CVSS8.5AI score0.01262EPSS
Exploits1References6Affected Software1
exploitpack
exploitpack
added 2005/12/22 12:0 a.m.13 views

MusicBox 2.3 - type SQL Injection

MusicBox 2.3 - type SQL Injection source: https://www.securityfocus.com/bid/16030/info MusicBox is prone to an SQL injection vulnerability. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit...

0.2AI score
Exploits0
Rows per page
Query Builder