CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

No description provided by source. source: http://www.securityfocus.com/bid/27053/info OpenBiblio is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include SQL-injection, cross-site scripting, HTML-injection, and local...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•11 views

OpenBiblio 0.x theme_del_confirm.php name Parameter XSS

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•14 views

OpenBiblio 0.x theme_preview.php themeName Parameter XSS

7.1AI score

Exploits0

Prion•added 2007/12/31 8:46 p.m.•11 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in OpenBiblio 0.5.2-pre4 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 LAST and 2 FIRST parameters to admin/staffdelconfirm.php, 3 the name parameter to admin/themedelconfirm.php, or 4 the themeName parameter ...

4.3CVSS6.1AI score0.02767EPSS

Exploits1References9Affected Software1

Prion•added 2007/12/31 8:46 p.m.•8 views

Design/Logic Flaw

OpenBiblio 0.5.2-pre4 and earlier allows remote attackers to obtain sensitive information via a direct request for 1 shared/footer.php, 2 circ/mbrfields.php, or 3 admin/custommarcformfields.php, which reveals the path in various error messages...

5CVSS6.7AI score0.00303EPSS

Exploits1References9Affected Software1

NVD•added 2007/12/31 8:46 p.m.•10 views

CVE-2007-6607

5CVSS6.2AI score0.00303EPSS

Exploits1References9

NVD•added 2007/12/31 8:46 p.m.•10 views

CVE-2007-6608

4.3CVSS5.8AI score0.02767EPSS

Exploits1References9

Prion•added 2007/12/31 8:46 p.m.•11 views

Information disclosure

OpenBiblio 0.5.2-pre4 and earlier allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function...

5CVSS6.9AI score0.00169EPSS

Exploits1References6Affected Software1

NVD•added 2007/12/31 8:46 p.m.•7 views

CVE-2007-6606

OpenBiblio 0.5.2-pre4 and earlier allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function...

5CVSS6.3AI score0.00169EPSS

Exploits1References6

Cvelist•added 2007/12/31 8:0 p.m.•16 views

CVE-2007-6607

6.2AI score0.00303EPSS

Exploits1References9

CVE•added 2007/12/31 8:0 p.m.•34 views

CVE-2007-6607

OpenBiblio 0.5.2-pre4 and earlier is affected. The vulnerability allows remote attackers to obtain sensitive information by directly requesting (1) shared/footer.php, (2) circ/mbr_fields.php, or (3) admin/custom_marc_form_fields.php, with error messages revealing internal paths. The CVE entry doc...

5CVSS6.2AI score0.00303EPSS

Exploits1References9Affected Software1

CVE•added 2007/12/31 8:0 p.m.•39 views

CVE-2007-6608

CVE-2007-6608 : OpenBiblio 0.5.2-pre4 and earlier suffer multiple cross-site scripting (XSS) vulnerabilities due to unsanitized input in several admin pages. Specifically, the parameters (1) LAST and (2) FIRST to admin/staff_del_confirm.php, (3) name to admin/theme_del_confirm.php, and (4) themeN...

4.3CVSS5.8AI score0.02767EPSS

Exploits1References9Affected Software1

Cvelist•added 2007/12/31 8:0 p.m.•15 views

CVE-2007-6608

5.8AI score0.02767EPSS

Exploits1References9

Cvelist•added 2007/12/31 8:0 p.m.•17 views

CVE-2007-6606

OpenBiblio 0.5.2-pre4 and earlier allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function...

6.3AI score0.00169EPSS

Exploits1References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by