CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

120 matches found

CVE•added 2023/09/27 12:0 a.m.•49 views

CVE-2023-41452

CVE-2023-41452: phpkobo AjaxNewTicker v1.0.5 contains a Cross-Site Request Forgery flaw allowing a remote attacker to execute arbitrary code through a crafted payload to the txt parameter in index.php. The vulnerability is reflected by the CVSS 3.1 metrics (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) wi...

8.8CVSS8.8AI score0.04361EPSS

Exploits1References3Affected Software1

CNNVD•added 2023/09/27 12:0 a.m.•3 views

phpkobo AjaxNewTicker Cross-Site Scripting Vulnerability

phpkobo AjaxNewTicker is an application from phpkobo Inc. A security vulnerability exists in phpkobo AjaxNewTicker version v.1.0.5, which stems from a cross-site scripting XSS vulnerability in the parameter txt of the file index.php...

6.1CVSS5.8AI score0.00666EPSS

Exploits1References4

Vulnrichment•added 2023/09/27 12:0 a.m.•12 views

CVE-2023-41448

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the ID parameter in the index.php component...

7.2AI score0.00798EPSS

Exploits1References3

CNNVD•added 2023/09/27 12:0 a.m.•2 views

phpkobo AjaxNewTicker Cross-Site Scripting Vulnerability

6.1CVSS5.8AI score0.00902EPSS

Exploits1References4

Cvelist•added 2023/09/27 12:0 a.m.•14 views

CVE-2023-41448

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the ID parameter in the index.php component...

6.5AI score0.00798EPSS

Exploits1References3

seebug.org•added 2014/07/01 12:0 a.m.•10 views

Free Real Estate Contact Form 1.09 - Local File Inclusion

No description provided by source. Securitylab.ir Application Info: Name: Free Real Estate Contact Form Version: 1.09 Vendor: http://www.phpkobo.com/realestatecontact.php Vulnerability Info: Type: Local File Inclusion Risk: Medium Vulnerability:...

7.1AI score

Exploits0

Prion•added 2010/03/23 5:30 p.m.•17 views

Directory traversal

Multiple directory traversal vulnerabilities in Phpkobo Free Real Estate Contact Form 1.09, when magicquotesgpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the LANGCODE parameter to 1 codelib/cfg/common.inc.php, 2...

6.8CVSS7.6AI score0.00132EPSS

Exploits1References2Affected Software1

NVD•added 2010/03/23 5:30 p.m.•11 views

CVE-2010-1062

Directory traversal vulnerability in codelib/sys/common.inc.php in Phpkobo Free Real Estate Contact Form 1.09, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the LANGCODE parameter. NOTE: some of these details are obtained...

6.8CVSS7.1AI score0.01919EPSS

Exploits1References4

NVD•added 2010/03/23 5:30 p.m.•9 views

CVE-2010-1057

Multiple directory traversal vulnerabilities in Phpkobo AdFreely aka Ad Board Script 1.01, when magicquotesgpc is disabled, allow remote attackers to include and execute arbitrary local files via a ..// dot dot slash slash in the LANGCODE parameter to common.inc.php in 1 codelib/cfg/, 2...

6.8CVSS7.3AI score0.04623EPSS

Exploits1References7

NVD•added 2010/03/23 5:30 p.m.•15 views

CVE-2010-1059

Directory traversal vulnerability in staff/app/common.inc.php in Phpkobo Address Book Script 1.09, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the LANGCODE parameter. NOTE: the provenance of this...

6.8CVSS7AI score0.00145EPSS

Exploits1References3

Prion•added 2010/03/23 5:30 p.m.•13 views

Directory traversal

Directory traversal vulnerability in codelib/cfg/common.inc.php in Phpkobo Address Book Script 1.09, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the LANGCODE parameter...

6.8CVSS7.6AI score0.04976EPSS

Exploits1References6Affected Software1

Prion•added 2010/03/23 5:30 p.m.•11 views

Directory traversal

6.8CVSS7.5AI score0.00145EPSS

Exploits1References3Affected Software1

NVD•added 2010/03/23 5:30 p.m.•16 views

CVE-2010-1058

6.8CVSS7.1AI score0.04976EPSS

Exploits1References6

NVD•added 2010/03/23 5:30 p.m.•7 views

CVE-2010-1061

Multiple directory traversal vulnerabilities in Phpkobo Short URL 1.01, when magicquotesgpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the LANGCODE parameter to 1 url/app/common.inc.php and 2 codelib/cfg/common.inc.php...

6.8CVSS7.1AI score0.00132EPSS

Exploits1References2

Prion•added 2010/03/23 5:30 p.m.•7 views

Directory traversal

Directory traversal vulnerability in staff/app/common.inc.php in Phpkobo Short URL 1.01, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the LANGCODE parameter...

6.8CVSS7.6AI score0.01919EPSS

Exploits1References4Affected Software1

Prion•added 2010/03/23 5:30 p.m.•10 views

Directory traversal

6.8CVSS7.6AI score0.00132EPSS

Exploits1References2Affected Software1

Prion•added 2010/03/23 5:30 p.m.•11 views

Directory traversal

6.8CVSS7.8AI score0.04623EPSS

Exploits1References7Affected Software1

NVD•added 2010/03/23 5:30 p.m.•12 views

CVE-2010-1060