Lucene search
K

2729 matches found

CVE
CVE
added 2007/01/09 6:0 p.m.90 views

CVE-2007-0144

The CVE-2007-0144 entry documents a Cross-site scripting (XSS) vulnerability in search.asp of Digitizing Quote And Ordering System 1.0. The issue allows remote authenticated attackers to inject arbitrary web script or HTML via the ordernum parameter. The NVD notes a MEDIUM base score (6.8) with n...

6.8CVSS5.3AI score0.0178EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2007/01/09 6:0 p.m.24 views

CVE-2006-6911

SQL injection vulnerability in search.asp in Digitizing Quote And Ordering System 1.0 allows remote authenticated users to execute arbitrary SQL commands via the ordernum parameter...

7.9AI score0.0086EPSS
Exploits0References4
Cvelist
Cvelist
added 2007/01/09 6:0 p.m.18 views

CVE-2007-0144

Cross-site scripting XSS vulnerability in search.asp in Digitizing Quote And Ordering System 1.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the ordernum parameter...

5.3AI score0.0178EPSS
Exploits0References4
Zero Day Initiative
Zero Day Initiative
added 2006/08/08 12:0 a.m.38 views

Microsoft Internet Explorer CSS Class Ordering Memory Corruption Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific vulnerability exists due to improper handling of CSS...

7.5CVSS4AI score0.39183EPSS
Exploits0References1
exploitpack
exploitpack
added 2006/06/13 12:0 a.m.14 views

CEScripts (Multiple Scripts) - Cross-Site Scripting

CEScripts Multiple Scripts - Cross-Site Scripting source: https://www.securityfocus.com/bid/18402/info CEScripts scripts are prone to multiple cross-site scripting vulnerabilities because they fail to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/06/13 12:0 a.m.27 views

CEScripts (Multiple Scripts) - Cross-Site Scripting

source: https://www.securityfocus.com/bid/18402/info CEScripts scripts are prone to multiple cross-site scripting vulnerabilities because they fail to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecti...

7.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2006/04/14 3:54 p.m.4 views

security flaw

Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via "an invalid and non-sensical ordering of table-related tags" that results in a negative array index...

9.3CVSS7.8AI score0.07786EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/04/03 5:0 a.m.26 views

CVE-2005-0946

SQL injection vulnerability in phpCoin 1.2.1b and earlier allows remote attackers to execute arbitrary SQL commands via the 1 term/keywords field on the search page, 2 username or 3 e-mail field on the forgot password page, or 4 domain name on the ordering new package page...

8.5AI score0.01198EPSS
Exploits0References3
CVE
CVE
added 2005/04/03 5:0 a.m.51 views

CVE-2005-0946

CVE-2005-0946 affects phpCOIN 1.2.1b and earlier, with SQL injection vulnerabilities that allow remote attackers to execute arbitrary SQL commands. Affected input surfaces include the term/keywords field on search, username or e-mail on forgot password, and domain name on the new package ordering...

7.5CVSS8.5AI score0.01198EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder