Lucene search
+L

15 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2006-1691

Malware in sbrugna...

6.8CVSS6.4AI score0.01523EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2006-1693

Malware in sbrugna...

7.5CVSS6.4AI score0.01214EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-1692

Malware in sbrugna...

7.5CVSS6.4AI score0.01413EPSS
Exploits0References9
securityvulns
securityvulns
added 2006/04/21 12:0 a.m.52 views

[eVuln] MWNewsletter SQL Injection and XSS Vulnerabilities

New eVuln Advisory: MWNewsletter SQL Injection and XSS Vulnerabilities http://evuln.com/vulns/123/summary.html --------------------Summary---------------- eVuln ID: EV0123 CVE: CVE-2006-1690 CVE-2006-1691 CVE-2006-1692 Vendor: Manic Web Software: MWNewsletter Sowtware's Web Site:...

7.5CVSS0.4AI score0.01523EPSS
Exploits0
NVD
NVD
added 2006/04/11 10:2 a.m.24 views

CVE-2006-1690

Cross-site scripting XSS vulnerability in subscribe.php in MWNewsletter 1.0.0b allows remote attackers to inject arbitrary web script or HTML via the username parameter...

6.8CVSS5.7AI score0.01523EPSS
Exploits0References8
Prion
Prion
added 2006/04/11 10:2 a.m.14 views

Sql injection

Multiple SQL injection vulnerabilities in MWNewsletter 1.0.0b allow remote attackers to execute arbitrary SQL commands via the 1 useremail parameter to a unsubscribe.php or b subscribe.php; or the 2 username parameter to subscribe.php. NOTE: the provenance of this information is unknown; the...

7.5CVSS9AI score0.01214EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2006/04/11 10:2 a.m.16 views

CVE-2006-1692

Multiple SQL injection vulnerabilities in MWNewsletter 1.0.0b allow remote attackers to execute arbitrary SQL commands via the 1 useremail parameter to a unsubscribe.php or b subscribe.php; or the 2 username parameter to subscribe.php. NOTE: the provenance of this information is unknown; the...

7.5CVSS8.2AI score0.01214EPSS
Exploits0References4
Prion
Prion
added 2006/04/11 10:2 a.m.19 views

Sql injection

SQL injection vulnerability in MWNewsletter 1.0.0b allows remote attackers to execute arbitrary SQL commands via the username parameter to unsubscribe.php...

7.5CVSS9AI score0.01413EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2006/04/11 10:2 a.m.16 views

CVE-2006-1691

SQL injection vulnerability in MWNewsletter 1.0.0b allows remote attackers to execute arbitrary SQL commands via the username parameter to unsubscribe.php...

7.5CVSS8.4AI score0.01413EPSS
Exploits0References8
CVE
CVE
added 2006/04/11 10:0 a.m.42 views

CVE-2006-1691

CVE-2006-1691 : A SQL injection vulnerability in MWNewsletter 1.0.0b affects the unsubscribe.php script via the user_name parameter. Multiple connected sources confirm the vulnerability arises from inadequate input sanitization, allowing remote attackers to inject arbitrary SQL. Impact is describ...

7.5CVSS8.4AI score0.01413EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2006/04/11 10:0 a.m.38 views

CVE-2006-1692

CVE-2006-1692 concerns MWNewsletter 1.0.0b, where multiple SQL injection flaws are exposed via input parameters. Specifically, unsanitized user_email (in unsubscribe.php and subscribe.php) and user_name (in subscribe.php) allow remote attackers to inject arbitrary SQL commands, enabling potential...

7.5CVSS8.2AI score0.01214EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2006/04/11 10:0 a.m.32 views

CVE-2006-1692

Multiple SQL injection vulnerabilities in MWNewsletter 1.0.0b allow remote attackers to execute arbitrary SQL commands via the 1 useremail parameter to a unsubscribe.php or b subscribe.php; or the 2 username parameter to subscribe.php. NOTE: the provenance of this information is unknown; the...

8.2AI score0.01214EPSS
Exploits0References4
Cvelist
Cvelist
added 2006/04/11 10:0 a.m.31 views

CVE-2006-1690

Cross-site scripting XSS vulnerability in subscribe.php in MWNewsletter 1.0.0b allows remote attackers to inject arbitrary web script or HTML via the username parameter...

5.7AI score0.01523EPSS
Exploits0References8
Cvelist
Cvelist
added 2006/04/11 10:0 a.m.22 views

CVE-2006-1691

SQL injection vulnerability in MWNewsletter 1.0.0b allows remote attackers to execute arbitrary SQL commands via the username parameter to unsubscribe.php...

8.4AI score0.01413EPSS
Exploits0References8
CVE
CVE
added 2006/04/11 10:0 a.m.45 views

CVE-2006-1690

MWNewsletter 1.0.0b is affected by an XSS in subscribe.php via the user_name parameter (CVE-2006-1690). The eVuln entry also documents a SQL Injection vulnerability in unsubscribe.php affecting the same MWNewsletter version, with PoC/Exploit available and no patch listed. CVSS from NVD: 6.8 (Medi...

6.8CVSS5.7AI score0.01523EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder