CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SQL injection vulnerability in users.php in PHP Gift Registry 1.5.5 allows remote authenticated users to execute arbitrary SQL commands via the userid parameter in an edit action...

6.5CVSS8.4AI score0.0023EPSS

Exploits2References1

Prion•added 2012/04/20 10:55 a.m.•9 views

Sql injection

SQL injection vulnerability in users.php in PHP Gift Registry 1.5.5 allows remote authenticated users to execute arbitrary SQL commands via the userid parameter in an edit action...

6.5CVSS8.6AI score0.0023EPSS

Exploits2References1Affected Software1

Cvelist•added 2012/04/20 10:0 a.m.•23 views

CVE-2012-2236

SQL injection vulnerability in users.php in PHP Gift Registry 1.5.5 allows remote authenticated users to execute arbitrary SQL commands via the userid parameter in an edit action...

8AI score0.0023EPSS

Exploits2References1

CVE•added 2012/04/20 10:0 a.m.•40 views

CVE-2012-2236

PHP Gift Registry 1.5.5 is vulnerable to a SQL injection in users.php (userid parameter in the edit action). The issue allows remote authenticated users to execute arbitrary SQL commands. This is caused by unsafely concatenated input in the edit workflow, enabling database command execution. The ...

6.5CVSS8.3AI score0.0023EPSS

Exploits2References1Affected Software1

securityvulns•added 2012/03/19 12:0 a.m.•58 views

PHP Gift Registry 1.5.5 SQL Injection

Exploit Title: PHP Gift Registry 1.5.5 SQL Injection Date: 02/22/12 Author: G13 Software Link: https://sourceforge.net/projects/phpgiftreg/ Version: 1.5.5 Category: webapps php Vulnerability The userid parameter in the users.php file is vulnerable to SQL Injection. A user must be signed in to...

0.9AI score

Exploits0

exploitpack•added 2012/02/24 12:0 a.m.•12 views

PHP Gift Registry 1.5.5 - SQL Injection

PHP Gift Registry 1.5.5 - SQL Injection Exploit Title: PHP Gift Registry 1.5.5 SQL Injection Date: 02/22/12 Author: G13 Software Link: https://sourceforge.net/projects/phpgiftreg/ Version: 1.5.5 Category: webapps php Vulnerability The userid parameter in the users.php file is vulnerable to SQL...

0.3AI score

Exploits0

Packet Storm•added 2012/02/24 12:0 a.m.•31 views

PHP Gift Registry 1.5.5 SQL Injection

6.5CVSS0.3AI score0.0023EPSS

Exploits2

Exploit DB•added 2012/02/24 12:0 a.m.•21 views

PHP Gift Registry 1.5.5 - SQL Injection

7AI score

Exploits0

0day.today•added 2012/02/22 12:0 a.m.•14 views

PHP Gift Registry 1.5.5 SQL Injection

Exploit for php platform in category web applications Exploit Title: PHP Gift Registry 1.5.5 SQL Injection Date: 02/22/12 Author: G13 Software Link: https://sourceforge.net/projects/phpgiftreg/ Version: 1.5.5 Category: webapps php Vulnerability The userid parameter in the users.php file is...

7.1AI score

Exploits0

Cvelist•added 2005/02/10 5:0 a.m.•14 views

CVE-2005-0292

Multiple SQL injection vulnerabilities in index.php in PHP Gift Registry phpGiftReg 1.4.0, and possibly other versions before 1.5.0b1, allow remote attackers to execute arbitrary SQL commands via the 1 messageid, 2 shopper, 3 shopfor, or 4 itemid parameters...

8.6AI score0.00963EPSS

Exploits1References7

NVD•added 2005/01/17 5:0 a.m.•8 views

CVE-2005-0292

7.5CVSS8.6AI score0.00963EPSS

Exploits1References7

NVD•added 2004/12/31 5:0 a.m.•12 views

CVE-2004-2484

Cross-site scripting XSS vulnerability in PHP Gift Registry 1.3.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the message parameter to 1 event.php or 2 index.php...

4.3CVSS5.8AI score0.00558EPSS

Exploits0References8

securityvulns•added 2004/12/11 12:0 a.m.•26 views

[SA13414] PHP Gift Registry "message" Cross-Site Scripting Vulnerabilities

TITLE: PHP Gift Registry "message" Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA13414 VERIFY ADVISORY: http://secunia.com/advisories/13414/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: PHP Gift Registry 1.x http://secunia.com/product/4369/...

1.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by