CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

seebug.org•added 2014/07/01 12:0 a.m.•10 views

PhxContacts 0.93 carnet.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/17306/info PhxContacts is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploi...

7.1AI score

seebug.org•added 2014/07/01 12:0 a.m.•19 views

PhxContacts 0.93 contact_view.php id_contact Parameter SQL Injection

7.1AI score

Packet Storm•added 2006/04/01 12:0 a.m.•30 views

PhxContactsSQL.txt

+PhxContacts +website of software:http://www.phoetux.net/ +founded by Morocco Security Team +special 10x to:all friends ww.lezr.com & www.cim-team.org +xss +http://target/login.php?m=xss +SQL +http://target/carnet.php?viewcat=&alllines=true&motclef=sql...

NVD•added 2006/03/30 11:2 a.m.•14 views

CVE-2006-1536

Multiple SQL injection vulnerabilities in Phoetux.net PhxContacts 0.93.1 beta and earlier allow remote attackers to execute arbitrary SQL commands via the 1 motclef and 2 nbrlineview parameters in a carnet.php, and the 3 idcontact parameter in b contactview.php...

7.5CVSS8.5AI score0.00313EPSS

NVD•added 2006/03/30 11:2 a.m.•9 views

CVE-2006-1535

Cross-site scripting XSS vulnerability in login.php in Phoetux.net PhxContacts 0.93.1 beta and earlier allows remote attackers to inject arbitrary web script or HTML via the m parameter...

4.3CVSS5.7AI score0.00353EPSS

Prion•added 2006/03/30 11:2 a.m.•9 views

Sql injection

7.5CVSS9.3AI score0.00313EPSS

Prion•added 2006/03/30 11:2 a.m.•6 views

Cross site scripting

Cross-site scripting XSS vulnerability in login.php in Phoetux.net PhxContacts 0.93.1 beta and earlier allows remote attackers to inject arbitrary web script or HTML via the m parameter...

4.3CVSS6.2AI score0.00353EPSS

Cvelist•added 2006/03/30 11:0 a.m.•16 views

CVE-2006-1536

8.5AI score0.00313EPSS

Cvelist•added 2006/03/30 11:0 a.m.•11 views

CVE-2006-1535

Cross-site scripting XSS vulnerability in login.php in Phoetux.net PhxContacts 0.93.1 beta and earlier allows remote attackers to inject arbitrary web script or HTML via the m parameter...

5.7AI score0.00353EPSS

CVE•added 2006/03/30 11:0 a.m.•37 views

CVE-2006-1535

The CVE refers to a cross-site scripting (XSS) vulnerability in Phoetux.net PhxContacts (versions up to 0.93.1 beta) where an attacker can inject arbitrary script via the m parameter in login.php. Affected component is the login handling script; root cause is improper sanitization of input to the...

4.3CVSS5.7AI score0.00353EPSS

CVE•added 2006/03/30 11:0 a.m.•35 views

CVE-2006-1536

Affected product: Phoetux.net PhxContacts 0.93.1 beta and earlier. Vulnerability: multiple SQL injection flaws in PHP files carnet.php (parameters motclef, nbr_line_view) and contact_view.php (parameter id_contact) that allow remote attackers to execute arbitrary SQL commands. Root cause: input p...

7.5CVSS8.5AI score0.00313EPSS

securityvulns•added 2006/03/30 12:0 a.m.•25 views

PhxContacts <= 0.93.1 beta Multiple SQL injection & xss

0.1AI score

exploitpack•added 2006/03/29 12:0 a.m.•14 views

PhxContacts 0.93 - contact_view.php?id_contact SQL Injection

PhxContacts 0.93 - contactview.php?idcontact SQL Injection source: https://www.securityfocus.com/bid/17306/info PhxContacts is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL...

0.4AI score

Exploit DB•added 2006/03/29 12:0 a.m.•36 views

PhxContacts 0.93 - 'carnet.php' Multiple SQL Injections

source: https://www.securityfocus.com/bid/17306/info PhxContacts is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...

Exploit DB•added 2006/03/29 12:0 a.m.•15 views

PhxContacts 0.93 - 'login.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17307/info PhxContacts is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser ...

Exploit DB•added 2006/03/29 12:0 a.m.•28 views

PhxContacts 0.93 - 'contact_view.php?id_contact' SQL Injection

exploitpack•added 2006/03/29 12:0 a.m.•6 views

PhxContacts 0.93 - login.php Cross-Site Scripting

PhxContacts 0.93 - login.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17307/info PhxContacts is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to...

6.8AI score