Lucene search
K

39 matches found

Positive Technologies
Positive Technologies
added 2024/02/01 12:0 a.m.6 views

PT-2024-19640 · Eyoucms · Eyoucms

Name of the Vulnerable Software and Affected Versions: eyoucms version 1.6.5 Description: The issue is related to a Cross Site Scripting vulnerability in the num parameter, allowing a remote attacker to run arbitrary code via a crafted URL. Recommendations: For eyoucms version 1.6.5, consider...

6.1CVSS6.2AI score0.00458EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/01/07 12:0 a.m.4 views

trello-octometric SQL注入漏洞

trello-octometric is a small project by the individual developer Jade Bilkey to execute metrics on trello boards over time. trello-octometric suffers from a SQL injection vulnerability that stems from the fact that incorrect manipulation of the parameter num can lead to sql injection...

9.8CVSS6.7AI score0.00657EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/12/30 12:0 a.m.4 views

PT-2022-27926 · Trendnet · Tew755Ap

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW755AP version 1.13B01 Description: A stack overflow issue was discovered, related to the setlogo num parameter in the icp setlogo img sub 41DBF4 function. Recommendations: For version 1.13B01, as a temporary workaround, consider...

9.8CVSS9.5AI score0.00966EPSS
Exploits1References2
OSV
OSV
added 2020/04/01 10:15 p.m.1 views

DEBIAN-CVE-2020-6096

An exploitable signed comparison vulnerability exists in the ARMv7 memcpy implementation of GNU glibc 2.30.9000. Calling memcpy on ARMv7 targets that utilize the GNU glibc implementation with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker...

8.1CVSS8.4AI score0.05223EPSS
Exploits0References1
Prion
Prion
added 2017/07/24 12:29 a.m.17 views

Sql injection

dayrui FineCms 5.0.9 has SQL Injection via the num parameter in an action=related or action=tags request to libraries/Template.php...

7.5CVSS9.8AI score0.01454EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2017/07/24 12:29 a.m.2 views

CVE-2017-11582

dayrui FineCms 5.0.9 has SQL Injection via the num parameter in an action=related or action=tags request to libraries/Template.php...

9.8CVSS5.8AI score0.01454EPSS
Exploits1References1
Cvelist
Cvelist
added 2017/07/24 12:0 a.m.24 views

CVE-2017-11582

dayrui FineCms 5.0.9 has SQL Injection via the num parameter in an action=related or action=tags request to libraries/Template.php...

9.9AI score0.01454EPSS
Exploits1References1
CVE
CVE
added 2017/07/24 12:0 a.m.45 views

CVE-2017-11582

CVE-2017-11582 concerns dayrui FineCms 5.0.9, with a SQL Injection vulnerability in the libraries/Template.php file. The flaw is exploitable via the num parameter in requests for action=related or action=tags, enabling a remote attacker to execute arbitrary SQL commands. Multiple sources in the c...

9.8CVSS9.8AI score0.01454EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2016/11/24 12:0 a.m.1 views

SQL Injection Vulnerability in Taiwan Yicheng Web Design Company's Website Building System

Yee Seng Technology website building system is a content management system template developed by Yee Seng Technology in Taiwan. A SQL injection vulnerability exists in the num parameter in the show.php page of the ArtShing Technology website builder system, which can be exploited by attackers to...

7.6AI score
Exploits0
Prion
Prion
added 2012/09/06 5:55 p.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in publichtml/lists/admin/ in phpList before 2.10.18 allows remote attackers to inject arbitrary web script or HTML via the num parameter in a reconcileusers action...

4.3CVSS6.1AI score0.02863EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2012/09/06 5:0 p.m.21 views

CVE-2012-2741

Cross-site scripting XSS vulnerability in publichtml/lists/admin/ in phpList before 2.10.18 allows remote attackers to inject arbitrary web script or HTML via the num parameter in a reconcileusers action...

5.5AI score0.02863EPSS
Exploits1References8
FreeBSD
FreeBSD
added 2012/03/21 12:0 a.m.26 views

phpList -- SQL injection and XSS vulnerability

Zero Science Lab reports: Input passed via the parameter 'sortby' is not properly sanitised before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The param 'num' is vulnerable to a XSS issue where the attacker ca...

6.9AI score
Exploits0References2
OSV
OSV
added 2012/02/18 12:55 a.m.3 views

DEBIAN-CVE-2011-4923

Cross-site scripting XSS vulnerability in View.pm in BackupPC 3.0.0, 3.1.0, 3.2.0, 3.2.1, and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the num parameter in a view action to index.cgi, related to the log file viewer, a different vulnerability than...

4.3CVSS5.8AI score0.02108EPSS
Exploits0References1
OSV
OSV
added 2012/02/18 12:55 a.m.1 views

DEBIAN-CVE-2011-3361

Cross-site scripting XSS vulnerability in CGI/Browse.pm in BackupPC 3.2.0 and possibly other versions before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via the num parameter in a browse action to index.cgi...

4.3CVSS5.8AI score0.02507EPSS
Exploits1References1
Prion
Prion
added 2012/02/18 12:55 a.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in View.pm in BackupPC 3.0.0, 3.1.0, 3.2.0, 3.2.1, and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the num parameter in a view action to index.cgi, related to the log file viewer, a different vulnerability than...

4.3CVSS6AI score0.02507EPSS
Exploits1References6Affected Software1
Positive Technologies
Positive Technologies
added 2012/02/18 12:0 a.m.3 views

PT-2012-2000

Name of the Vulnerable Software and Affected Versions: BackupPC versions 3.0.0 through 3.2.1 Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via the num parameter in a view action to "index.cgi", related to the log file viewer...

4.3CVSS5.3AI score0.02108EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2011/10/03 12:0 a.m.14 views

CVE-2011-3361

Cross-site scripting XSS vulnerability in CGI/Browse.pm in BackupPC 3.2.0 and possibly other versions before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via the num parameter in a browse action to index.cgi...

4.3CVSS5.9AI score0.02507EPSS
Exploits1References2
Prion
Prion
added 2008/07/25 1:41 p.m.14 views

Sql injection

SQL injection vulnerability in admin/delete.php in BilboBlog 0.2.1, when magicquotesgpc is disabled, allows remote authenticated administrators to execute arbitrary SQL commands via the num parameter...

6CVSS8.6AI score0.02181EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2007/10/18 10:0 a.m.23 views

CVE-2002-2296

Cross-site scripting XSS vulnerability in YaBB.pl in Yet Another Bulletin Board YaBB 1 Gold SP 1 allows remote attackers to inject arbitrary web script or HTML via the num parameter...

5.7AI score0.01436EPSS
Exploits1References3
Rows per page
Query Builder