Lucene search
+L

80 matches found

UbuntuCve
UbuntuCve
added 2010/02/23 8:30 p.m.19 views

CVE-2010-0682

WordPress 2.9 before 2.9.2 allows remote authenticated users to read trash posts from other authors via a direct request with a modified p parameter...

4CVSS5.9AI score0.09855EPSS
Exploits0References1
NVD
NVD
added 2009/01/29 6:30 p.m.11 views

CVE-2009-0330

Directory traversal vulnerability in index.php in Simple Content Management System SCMS 1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter...

6.8CVSS7.2AI score0.01896EPSS
Exploits1References4
NVD
NVD
added 2008/11/28 7:0 p.m.13 views

CVE-2008-5264

Cross-site scripting XSS vulnerability in searcher.exe in Tornado Knowledge Retrieval System 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the p parameter in a root action...

4.3CVSS5.7AI score0.01507EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2008/06/30 3:33 p.m.7 views

mod_autoindex XSS

Cross-site scripting XSS vulnerability in modautoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that th...

6.1CVSS7.3AI score0.26188EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/06/30 3:29 p.m.8 views

mod_autoindex XSS

Cross-site scripting XSS vulnerability in modautoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that th...

6.1CVSS7.3AI score0.26188EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/01/15 9:25 a.m.5 views

mod_autoindex XSS

Cross-site scripting XSS vulnerability in modautoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that th...

6.1CVSS7.3AI score0.26188EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/01/15 9:17 a.m.7 views

mod_autoindex XSS

Cross-site scripting XSS vulnerability in modautoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that th...

6.1CVSS7.3AI score0.26188EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/01/15 9:9 a.m.13 views

mod_autoindex XSS

Cross-site scripting XSS vulnerability in modautoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that th...

6.1CVSS7.3AI score0.26188EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2008/01/10 12:46 a.m.42 views

CVE-2008-0191

WordPress 2.2.x and 2.3.x allows remote attackers to obtain sensitive information via an invalid p parameter in an rss2 action to the default URI, which reveals the full path and the SQL database structure...

5CVSS6AI score0.02576EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2008/01/04 11:46 a.m.0 views

CVE-2007-6648

Directory traversal vulnerability in index.php in SanyBee Gallery 0.1.0 and 0.1.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter...

5CVSS5.9AI score0.05541EPSS
Exploits1References6
Prion
Prion
added 2008/01/04 11:46 a.m.15 views

Sql injection

SQL injection vulnerability in admin.php/vars.php in CustomCMS CCMS 3.1 Demo allows remote attackers to execute arbitrary SQL commands via the p parameter in the Console page...

7.5CVSS9.1AI score0.01169EPSS
Exploits1References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2008/01/04 11:46 a.m.2 views

CVE-2007-6658

SQL injection vulnerability in admin.php/vars.php in CustomCMS CCMS 3.1 Demo allows remote attackers to execute arbitrary SQL commands via the p parameter in the Console page...

7.5CVSS6.3AI score0.01169EPSS
Exploits1References7
Prion
Prion
added 2007/09/28 9:17 p.m.20 views

Cross site scripting

Cross-site scripting XSS vulnerability in buscar.asp in Solidweb Novus 1.0 allows remote attackers to inject arbitrary web script or HTML via the p parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

4.3CVSS6AI score0.01196EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2007/09/14 12:17 a.m.3 views

DEBIAN-CVE-2007-4465

Cross-site scripting XSS vulnerability in modautoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that th...

6.1CVSS7.8AI score0.26188EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2007/09/14 12:0 a.m.18 views

PT-2007-5645 · Apache +1 · Apache Http Server +1

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions prior to 2.2.6 Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset when the charset on a server-generated page is...

10CVSS6.3AI score0.96436EPSS
Exploits90References125
NVD
NVD
added 2007/08/08 11:17 p.m.12 views

CVE-2007-4256

Directory traversal vulnerability in showpage.cgi in YNP Portal System 2.2.0 allows remote attackers to read arbitrary files via a .. dot dot in the p parameter...

5CVSS6.6AI score0.06447EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2006/05/19 12:0 a.m.4 views

PT-2006-3421 · Openwiki · Openwiki

Name of the Vulnerable Software and Affected Versions: OpenWiki version 0.78 Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via the p parameter in the ow.asp file. This issue has been disputed by the vendor, who claims that code...

4.3CVSS6.2AI score0.01941EPSS
Exploits0References10
Cvelist
Cvelist
added 2006/04/06 10:0 a.m.23 views

CVE-2006-1638

Multiple SQL injection vulnerabilities in aWebBB 1.2 allow remote attackers to execute arbitrary SQL commands via the 1 Username parameter to a accounts.php, b changep.php, c editac.php, d feedback.php, e fpass.php, f login.php, g post.php, h reply.php, or i replylog.php; 2 p parameter to j...

8.5AI score0.01812EPSS
Exploits0References19
OSV
OSV
added 2005/07/05 4:0 a.m.5 views

DEBIAN-CVE-2005-2107

Multiple cross-site scripting XSS vulnerabilities in post.php in WordPress 1.5.1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 p or 2 comment parameter...

4.3CVSS5.7AI score0.02559EPSS
Exploits1References1
Patchstack
Patchstack
added 2005/07/01 12:0 a.m.23 views

WordPress <= 1.5.1.2 - Multiple XSS vulnerabilities

Because of these vulnerabilities in post.php, attackers can inject arbitrary web script or HTML via the "p" or "comment" parameter. Solution Update the WordPress to the latest available version at least 1.5.1.3...

4.3CVSS2.5AI score0.02559EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder