CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Multiple PHP remote file inclusion vulnerabilities in Ourvideo CMS 9.5 allow remote attackers to execute arbitrary PHP code via a URL in the includeconnection parameter to 1 edittopfeature.php and 2 edittopicsfeature.php in phpi/...

7.5CVSS7.7AI score0.02843EPSS

Exploits0References3

NVD•added 2008/07/02 5:14 p.m.•9 views

CVE-2008-2978

Directory traversal vulnerability in phpi/rss.php in Ourvideo CMS 9.5, when registerglobals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the prefix parameter...

6.8CVSS7.2AI score0.03295EPSS

Exploits1References3

Prion•added 2008/07/02 5:14 p.m.•10 views

Remote file inclusion

7.5CVSS8.2AI score0.02843EPSS

Exploits0References3Affected Software1

Prion•added 2008/07/02 5:14 p.m.•10 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in phpi/login.php in Ourvideo CMS 9.5 allow remote attackers to inject arbitrary web script or HTML via the 1 toppage and 2 endpage parameters...

4.3CVSS6.1AI score0.0313EPSS

Exploits0References4Affected Software1

Prion•added 2008/07/02 5:14 p.m.•8 views

Directory traversal

6.8CVSS7.7AI score0.03295EPSS

Exploits1References3Affected Software1

NVD•added 2008/07/02 5:14 p.m.•11 views

CVE-2008-2979

Multiple cross-site scripting XSS vulnerabilities in phpi/login.php in Ourvideo CMS 9.5 allow remote attackers to inject arbitrary web script or HTML via the 1 toppage and 2 endpage parameters...

4.3CVSS5.8AI score0.0313EPSS

Exploits0References4

Cvelist•added 2008/07/02 5:0 p.m.•18 views

CVE-2008-2979

Multiple cross-site scripting XSS vulnerabilities in phpi/login.php in Ourvideo CMS 9.5 allow remote attackers to inject arbitrary web script or HTML via the 1 toppage and 2 endpage parameters...

5.8AI score0.0313EPSS

Exploits0References4

Cvelist•added 2008/07/02 5:0 p.m.•13 views

CVE-2008-2978

7.2AI score0.03295EPSS

Exploits1References3

Cvelist•added 2008/07/02 5:0 p.m.•13 views

CVE-2008-2977

7.7AI score0.02843EPSS

Exploits0References3

CVE•added 2008/07/02 5:0 p.m.•37 views

CVE-2008-2979

CVE-2008-2979 describes multiple cross-site scripting (XSS) vulnerabilities in the Ourvideo CMS 9.5, specifically in the file phpi/login.php. The flaw allows remote attackers to inject arbitrary web script or HTML by supplying crafted values for the top_page and end_page parameters. The NVD/relat...

4.3CVSS5.8AI score0.0313EPSS

Exploits0References4Affected Software1

CVE•added 2008/07/02 5:0 p.m.•38 views

CVE-2008-2977

Multiple PHP remote file inclusion vulnerabilities affect Ourvideo CMS 9.5. The flaw allows remote attackers to execute arbitrary PHP code by supplying a URL to the include_connection parameter in two files (edit_top_feature.php and edit_topics_feature.php) located in phpi/. Root cause: unvalidat...

7.5CVSS7.7AI score0.02843EPSS

Exploits0References3Affected Software1

CVE•added 2008/07/02 5:0 p.m.•34 views

CVE-2008-2978

CVE-2008-2978 concerns a directory traversal vulnerability in phpi/rss.php of Ourvideo CMS 9.5 that is exploitable when PHP register_globals is enabled. The issue allows remote attackers to include and execute arbitrary local files by manipulating directory traversal sequences in the prefix param...

6.8CVSS7.2AI score0.03295EPSS

Exploits1References3Affected Software1

Packet Storm•added 2008/06/23 12:0 a.m.•16 views

ourvideo-rfilfixss.txt

┌┌───────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐...

7.4AI score

Exploits0

0day.today•added 2008/06/23 12:0 a.m.•14 views

Ourvideo CMS 9.5 (RFI/LFI/XSS) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ============================================================== Ourvideo CMS 9.5 RFI/LFI/XSS Multiple Remote Vulnerabilities ==============================================================...

7.1AI score

Exploits0

Exploit DB•added 2008/06/23 12:0 a.m.•37 views

ourvideo CMS 9.5 - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting

??????????????????????????????????????????????????????????????????????????????? ?? C r a C k E r ?? ?? T H E C R A C K O F E T E R N A L M I G H T ?? ?????????????????????????????????????????????????????????????????????????????? ????? From The Ashes and Dust Rises An Unimaginable crack.... ?????...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by