Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2009-1805

Malware in sbrugna...

6CVSS6.4AI score0.00886EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2009-1820

Malware in sbrugna...

4CVSS6.4AI score0.02424EPSS
Exploits0References4
Prion
Prion
added 2009/05/29 8:30 p.m.18 views

Design/Logic Flaw

modules/admuser.php in myColex 1.4.2 does not require administrative authentication, which allows remote authenticated users to list user accounts via a Find action...

4CVSS6.7AI score0.02424EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2009/05/29 8:30 p.m.19 views

CVE-2009-1825

modules/admuser.php in myColex 1.4.2 does not require administrative authentication, which allows remote authenticated users to list user accounts via a Find action...

4CVSS6.2AI score0.02424EPSS
Exploits0References3
Cvelist
Cvelist
added 2009/05/29 8:0 p.m.23 views

CVE-2009-1825

modules/admuser.php in myColex 1.4.2 does not require administrative authentication, which allows remote authenticated users to list user accounts via a Find action...

6.2AI score0.02424EPSS
Exploits0References3
Prion
Prion
added 2009/05/29 4:30 p.m.12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in myColex 1.4.2 allow remote attackers to inject arbitrary web script or HTML via 1 the year parameter to modules/kalender.php, 2 the Page parameter in a List action to modules/ereignis.php, 3 the Kontext parameter in a Search action to...

4.3CVSS6AI score0.01484EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2009/05/29 4:30 p.m.16 views

Sql injection

Multiple SQL injection vulnerabilities in myColex 1.4.2 allow remote attackers to execute arbitrary SQL commands via 1 the formUser parameter aka the Name field to common/login.php, and allow remote authenticated users to execute arbitrary SQL commands via the ID parameter in a Detail action to 2...

6CVSS8.9AI score0.00886EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2009/05/29 4:30 p.m.13 views

CVE-2009-1809

Multiple cross-site scripting XSS vulnerabilities in myColex 1.4.2 allow remote attackers to inject arbitrary web script or HTML via 1 the year parameter to modules/kalender.php, 2 the Page parameter in a List action to modules/ereignis.php, 3 the Kontext parameter in a Search action to...

4.3CVSS5.8AI score0.01484EPSS
Exploits1References4
NVD
NVD
added 2009/05/29 4:30 p.m.19 views

CVE-2009-1810

Multiple SQL injection vulnerabilities in myColex 1.4.2 allow remote attackers to execute arbitrary SQL commands via 1 the formUser parameter aka the Name field to common/login.php, and allow remote authenticated users to execute arbitrary SQL commands via the ID parameter in a Detail action to 2...

6CVSS8.1AI score0.00886EPSS
Exploits1References5
Cvelist
Cvelist
added 2009/05/29 4:24 p.m.23 views

CVE-2009-1809

Multiple cross-site scripting XSS vulnerabilities in myColex 1.4.2 allow remote attackers to inject arbitrary web script or HTML via 1 the year parameter to modules/kalender.php, 2 the Page parameter in a List action to modules/ereignis.php, 3 the Kontext parameter in a Search action to...

5.8AI score0.01484EPSS
Exploits1References4
CVE
CVE
added 2009/05/29 4:24 p.m.43 views

CVE-2009-1809

CVE-2009-1809 affects myColex 1.4.2 with multiple XSS flaws. Reported vulnerabilities allow remote attackers to inject arbitrary script/HTML via (1) year parameter in modules/kalender.php, (2) Page parameter in a List action to modules/ereignis.php, (3) Kontext parameter in a Search action to mod...

4.3CVSS5.8AI score0.01484EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2009/05/29 4:24 p.m.33 views

CVE-2009-1810

Multiple SQL injection vulnerabilities in myColex 1.4.2 allow remote attackers to execute arbitrary SQL commands via 1 the formUser parameter aka the Name field to common/login.php, and allow remote authenticated users to execute arbitrary SQL commands via the ID parameter in a Detail action to 2...

8.1AI score0.00886EPSS
Exploits1References5
CVE
CVE
added 2009/05/29 4:24 p.m.47 views

CVE-2009-1810

CVE-2009-1810 affects the web app myColex 1.4.2 . The issue comprises multiple SQL injection vulnerabilities: (1) unauthenticated remote insertion of arbitrary SQL via the parameter formUser (the Name field) to common/login.php , and (2) via the ID parameter in a Detail action to modules/ pages (...

6CVSS8.4AI score0.00886EPSS
Exploits1References5Affected Software1
securityvulns
securityvulns
added 2009/05/21 12:0 a.m.51 views

MULTIPLE REMOTE VULNERABILITIES --my-colex 1.4.2-->

------------------------------------------------------- MULTIPLE REMOTE VULNERABILITIES --my-colex 1.4.2-- ------------------------------------------------------- CMS INFORMATION: --WEB: http://www.collector.ch/drupal5/index.php --DOWNLOAD: http://www.collector.ch/drupal5/?q=node/11 --DEMO:...

0.1AI score
Exploits0
Rows per page
Query Builder