Lucene search
K

48 matches found

Cvelist
Cvelist
added 2006/07/14 9:0 p.m.17 views

CVE-2006-3616

Multiple cross-site scripting XSS vulnerabilities in Carbonize Lazarus Guestbook 1.6 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the show parameter in codes-english.php and 2 the img parameter in picture.php, after the name of an existing file...

5.8AI score0.02433EPSS
Exploits1References9
securityvulns
securityvulns
added 2006/07/13 12:0 a.m.88 views

Lazarus Guestbook Cross Site Scripting Vulnerabilities

Produce : Lazarus Guestbook Website : http://carbonize.co.uk/Lazarus/ Version : = 1.6 Problem : Cross Site Scripting 1 The first probleme is in codes-english.php ,"show" parameter in lang/codes-english.php isn't properly sanitised This can be exploited to execute arbitrary HTML and javascript cod...

0.3AI score
Exploits0
NVD
NVD
added 2006/06/28 10:5 p.m.12 views

CVE-2006-3283

SQL injection vulnerability in Dating Agent PRO 4.7.1 allows remote attackers to execute arbitrary SQL commands via the 1 pid parameter in picture.php, 2 mid parameter in mem.php, and the 3 sex and 4 relationship parameters in search.php...

7.5CVSS8.4AI score0.01179EPSS
Exploits0References3
Cvelist
Cvelist
added 2006/06/28 10:0 p.m.13 views

CVE-2006-3283

SQL injection vulnerability in Dating Agent PRO 4.7.1 allows remote attackers to execute arbitrary SQL commands via the 1 pid parameter in picture.php, 2 mid parameter in mem.php, and the 3 sex and 4 relationship parameters in search.php...

8.4AI score0.01179EPSS
Exploits0References3
securityvulns
securityvulns
added 2006/04/25 12:0 a.m.31 views

[SA19801] PhpWebGallery "picture.php" Disclosure of Arbitrary Pictures

TITLE: PhpWebGallery "picture.php" Disclosure of Arbitrary Pictures SECUNIA ADVISORY ID: SA19801 VERIFY ADVISORY: http://secunia.com/advisories/19801/ CRITICAL: Less critical IMPACT: Security Bypass, Exposure of sensitive information WHERE: From remote SOFTWARE: PhpWebGallery 1.x...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2006/04/11 12:0 a.m.26 views

PHPWebGallery Multiple Cross Site Scripting Vulnerabilities

Title : PHPWebGallery Multiple Cross Site Scripting Vulnerabilities Author: Mourad aka Psych0 root at linuxmail org Moroccan Security Team Vendor: www.phpwebgallery.net Software: PHPWebGallery Version: 1.4.1 category.php and picture.php scripts are vulnerable to XSS attacks. Exploits:...

0.3AI score
Exploits0
NVD
NVD
added 2006/04/10 7:2 p.m.24 views

CVE-2006-1675

Multiple cross-site scripting XSS vulnerabilities in PHPWebGallery 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the 1 cat, 2 num, and 3 search parameters to a category.php, and the 4 slideshow, 5 showmetadata, and 6 start parameters to b picture.php, a different...

2.6CVSS5.6AI score0.01851EPSS
Exploits2References5
exploitpack
exploitpack
added 2006/04/10 12:0 a.m.10 views

PHPWebGallery 1.4.1 - picture.php Cross-Site Scripting

PHPWebGallery 1.4.1 - picture.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17421/info PHPWebGallery is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...

6.8AI score
Exploits0
Rows per page
Query Builder