Lucene search
+L

412 matches found

cvelist
cvelist
added 2005/10/14 4:0 a.m.16 views

CVE-2005-3201

SQL injection vulnerability in news.php for Utopia News Pro UNP 1.1.3, when magicquotesgpc is disabled and registerglobals is enabled, allows remote attackers to execute arbitrary SQL via the newsid parameter...

8.2AI score0.0175EPSS
Exploits1References8
cve
cve
added 2005/07/06 4:0 a.m.49 views

CVE-2005-2156

CVE-2005-2156 describes a SQL injection in PHPNews 1.2.5 via the prevnext parameter in news.php. A remote attacker could exploit this to influence database queries and potentially expose information. Related advisories corroborate exploitation potential and indicate the issue affects PHPNews prio...

7.5CVSS8.4AI score0.01141EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2005/05/10 4:0 a.m.18 views

CVE-2004-2042

Multiple SQL injection vulnerabilities in e107 0.615 allow remote attackers to inject arbitrary SQL code and gain sensitive information via 1 content parameter to content.php, 2 contentid parameter to content.php, or 3 list parameter to news.php...

7.7AI score0.0191EPSS
Exploits1References9
cvelist
cvelist
added 2005/04/24 4:0 a.m.12 views

CVE-2005-1237

SQL injection vulnerability in news.php in FlexPHPNews 0.0.3 allows remote attackers to execute arbitrary SQL commands via the newsid parameter...

8.4AI score0.02249EPSS
Exploits0References9
cve
cve
added 2005/04/24 4:0 a.m.52 views

CVE-2005-1237

Vulnerability summary (CVE-2005-1237) : The issue affects FlexPHPNews 0.0.3, specifically the news.php component. It is a SQL injection vulnerability exploitable via the newsid parameter, allowing remote attackers to execute arbitrary SQL commands. The NVD metadata reports a network-facing vector...

7.5CVSS8.8AI score0.02249EPSS
Exploits0References9Affected Software1
exploitpack
exploitpack
added 2005/04/10 12:0 a.m.15 views

ModernGigabyte ModernBill 4.3 - news.php File Inclusion

ModernGigabyte ModernBill 4.3 - news.php File Inclusion source: https://www.securityfocus.com/bid/13086/info ModernBill is prone to a remote file include vulnerability. The problem presents itself specifically when an attacker passes the location of a remote attacker-specified script through the...

Exploits0
exploitdb
exploitdb
added 2005/04/10 12:0 a.m.24 views

ModernGigabyte ModernBill 4.3 - 'news.php' File Inclusion

source: https://www.securityfocus.com/bid/13086/info ModernBill is prone to a remote file include vulnerability. The problem presents itself specifically when an attacker passes the location of a remote attacker-specified script through the 'news.php' script. ModernBill 4.3 and prior versions are...

7.4AI score
Exploits0
packetstorm
packetstorm
added 2005/01/16 12:0 a.m.31 views

siteman119.txt

New XSS Vulnerability in Siteman v1.1.9, Discovered by PersianHacker.NET Security Team by Pi3cH pi3ch yahoo com http://www.PersianHacker.NET Siteman is a Content Management System CMS that is so easy to install and use, that a person who has no knowledge about creating homepages can get a...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/01/15 12:0 a.m.31 views

XSS Vulnerability in Siteman v1.1.9

New XSS Vulnerability in Siteman v1.1.9, Discovered by PersianHacker.NET Security Team by Pi3cH pi3ch yahoo com http://www.PersianHacker.NET Siteman is a Content Management System CMS that is so easy to install and use, that a person who has no knowledge about creating homepages can get a...

6AI score
Exploits0
nvd
nvd
added 2004/12/31 5:0 a.m.18 views

CVE-2004-2511

Multiple cross-site scripting XSS vulnerabilities in DCP-Portal 5.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the year, 2 month, and 3 day parameters in calendar.php; 4 the cid and 5 url parameters in index.php; 6 the cid parameter in annoucement.php; 7 the...

4.3CVSS5.7AI score0.05324EPSS
Exploits1References13
securityvulns
securityvulns
added 2003/05/21 12:0 a.m.45 views

ttCMS/ttForum multiple bugs

SQL injection via username in Profile.php. PHP injection in News.php, install.php...

3.2AI score
Exploits0References3Affected Software2
securityvulns
securityvulns
added 2003/01/24 12:0 a.m.37 views

Another YabbSE Remote Code Execution Vulnerability

YabbSE Remote Code Execution 2 Vulnerability By Mindwarper :: [email protected] :: ------- ------- ---------------------- Vendor Information: ---------------------- Homepage : http://www.yabbse.org Vendor : informed Mailed advisory: 24/01/02 Vender Response : None ---------------------- Affecte...

1.1AI score
Exploits0
Rows per page
Query Builder