10 matches found
EUVD-2006-4943
Malware in sbrugna...
myreview-disclose.txt
Incorrect management of the submission and camera ready versions of submitted papers to the MyReview system lets unintended users download these documents. This information leakage can be used to illegally retrieve sensitive or licensed documents. I. Description The MyReview web application is an...
CVE-2006-4957
SQL injection vulnerability in the GetMember function in functions.php in MyReview 1.9.4 allows remote attackers to execute arbitrary SQL commands via the email parameter to Admin.php...
CVE-2006-4957
CVE-2006-4957 corresponds to a SQL injection in MyReview 1.9.4. The GetMember function in functions.php fails to sanitize the email parameter used by Admin.php, enabling remote attackers to execute arbitrary SQL. Exploitation details are supported by multiple sources (NVD/Nessus references). The ...
CVE-2006-4957
SQL injection vulnerability in the GetMember function in functions.php in MyReview 1.9.4 allows remote attackers to execute arbitrary SQL commands via the email parameter to Admin.php...
MyReview 1.9.4 (email) Remote SQL Injection / Code Execution Exploit
Exploit for unknown platform in category web applications. MyReview 1.9.4 email Remote SQL Injection / Code Execution Exploit. MyReview 1.9.4 SQL Injection explo...
MyReview 1.9.4 - email SQL Injection Code Execution
MyReview 1.9.4 - email SQL Injection Code Execution MyReview 1.9.4 SQL Injection exploit http://myreview.lri.fr/ in functions.php starting from line 382 ............ function GetMember ($email, $db, $mode="array") $query = "SELECT * FROM PCMember WHERE email = '$email'" ; $result = $db->execRequete...
MyReview 1.9.4 - 'email' SQL Injection / Code Execution
MyReview 1.9.4 SQL Injection exploit http://myreview.lri.fr/ in functions.php starting from line 382 ............ function GetMember ($email, $db, $mode="array") $query = "SELECT * FROM PCMember WHERE email = '$email'" ; $result = $db->execRequete ($query); .......... $email is not checked before used in...
MyReview 1.9.4 (email) Remote SQL Injection / Code Execution Exploit
No description provided by source. MyReview 1.9.4 SQL Injection exploit http://myreview.lri.fr/ in functions.php starting from line 382 ............ function GetMember ($email, $db, $mode="array") $query = "SELECT * FROM PCMember WHERE email = '$email'" ; $result = $db->execRequete ($query);...
MyReview Admin.php email Parameter SQL Injection
The remote host is running MyReview, an open source paper submission and review web application. The version of MyReview installed on the remote host fails to properly sanitize input to the 'email' parameter before using it in the 'GetMember' function in a database query. Regardless of PHP's...