CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cross-site scripting XSS vulnerability in PHP Arena paFileDB 1.1.3 and 2.1.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the search string...

4.3CVSS6AI score0.00409EPSS

Exploits0References1

seebug.org•added 2014/07/01 12:0 a.m.•14 views

PHP Arena paFileDB 1.1.3/2.1.1/3.0/3.1 - Arbitrary File Upload And Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8271/info It has been reported that a script contained in paFileDB does not properly verify user credentials before accepting files for upload. As a result, remote attackers may be able to upload files to the Web server...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•13 views

PHP Arena <= 1.1.3 pafiledb.php Remote Change Password Exploit

No description provided by source. !/usr/bin/perl T r a p - S e t U n d e r g r o u n d H a c k i n g T e a m EXPLOIT FOR: PHP Arena paFileDB 1.1.3 And 0lder Expl0it By: A l p h a P r o g r a m m e r Sirus-v Email: [email protected] + Discovered By: GulfTech + Advisory:...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•9 views

PHP Arena PAFileDB 1.1.3/2.1.1/3.0 Email To Friend Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6018/info PHP Arena paFileDB is prone to cross-site scripting attacks. An attacker may construct a malicious link to the vulnerable script which contains arbitrary HTML and script code. If this link is visited by a web...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•31 views

PHP Arena PAFileDB 3.1 - Multiple Remote Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/12758/info Multiple remote cross-site scripting vulnerabilities affect PHP Arena PaFileDB. These issues are due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•13 views

PHP Arena PAFileDB Extreme Edition SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15912/info PAFileDB Extreme Edition is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...

7.1AI score

Exploits0

seebug.org•added 2009/09/05 12:0 a.m.•12 views

PABox非授权重设用户口令漏洞

BUGTRAQ: 8067 paBox由于用户提交的输入缺少充分过滤，远程攻击者可以利用这个漏洞重设管理员的用户名和密码。重设管理员用户名和密码就可以未授权控制应用程序。 paBox 1.6 厂商补丁： PHP Arena --------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.phparena.net/pabox.php...

7.1AI score

Exploits0

securityvulns•added 2006/10/09 12:0 a.m.•71 views

XSS IN paFileDB 3.1

XSS IN paFileDB 3.1 BY b0rizQ ------------------- ZARLOULE04 at HOTMAIL dot FR ------------------------------------------------- FILE : pafiledb.php Dork : PHP Arena http://traget/pafiledb.php?action=category&id=1"scriptalertdocument.cookie;/script ------------------------------------------------...

Exploits0

NVD•added 2006/05/05 12:46 p.m.•10 views

CVE-2006-2209

Multiple SQL injection vulnerabilities in index.php in PHP Arena paCheckBook 1.1 allow remote attackers to execute arbitrary SQL commands via 1 the transtype parameter in an add action or 2 entry parameter in an edit action. NOTE: the provenance of this information is unknown; the details are...

6.4CVSS8.3AI score0.00553EPSS

Exploits1References6

Prion•added 2006/05/05 12:46 p.m.•13 views

Sql injection

6.4CVSS9AI score0.00553EPSS

Exploits1References6Affected Software1

CVE•added 2006/05/05 10:0 a.m.•44 views

CVE-2006-2209

PHP Arena paCheckBook 1.1 is affected by multiple SQL injection vulnerabilities in index.php. The issues allow remote attackers to execute arbitrary SQL commands via the transtype parameter in an add action or the entry parameter in an edit action. The description notes that provenance is from th...

6.4CVSS8.3AI score0.00553EPSS

Exploits1References6Affected Software1

Cvelist•added 2006/05/05 10:0 a.m.•14 views

CVE-2006-2209

8.3AI score0.00553EPSS

Exploits1References6

NVD•added 2005/12/17 11:3 a.m.•8 views

CVE-2005-4329

SQL injection vulnerability in pafiledb.php in PHP Arena paFileDB Extreme Edition RC 5 and earlier allows remote attackers to execute arbitrary SQL commands via the 1 newsid and 2 id parameter...

7.5CVSS8.5AI score0.00442EPSS

Exploits1References5

CVE•added 2005/12/17 11:0 a.m.•37 views

CVE-2005-4329

CVE-2005-4329 affects PHP Arena paFileDB Extreme Edition RC 5 and earlier . The vulnerability is a SQL injection in the file pafiledb.php , allowing remote attackers to execute arbitrary SQL commands via the (1) newsid and (2) id parameters. The initial details show a network attack vector with a...

7.5CVSS8.9AI score0.00442EPSS

Exploits1References5Affected Software1

CVE•added 2005/06/28 4:0 a.m.•45 views

CVE-2002-1929

Technical details about CVE-2002-1929 are not publicly available in the provided connected documents. Monitor for updates.

4.3CVSS6AI score0.00913EPSS

Exploits1References6Affected Software1

Packet Storm•added 2005/06/21 12:0 a.m.•23 views

paFiledb31vuln.txt

GulfTech Security Research June 14th, 2005 Vendor : php Arena URL : http://www.phparena.net/pafiledb.php Version : paFileDB 3.1 && Earlier Risk : Multiple Vulnerabilities Description: paFileDB is a popular open source web application offered by php Arena. paFileDB allows webmasters to open up an...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by