Lucene search
K

1685 matches found

Prion
Prion
added 2008/07/31 5:41 p.m.15 views

Sql injection

SQL injection vulnerability in Comsenz EPShop aka ECShop before 3.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter in a 1 proshow or 2 disppro action to the default URI...

7.5CVSS9.1AI score0.00967EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2008/07/28 4:41 p.m.21 views

CVE-2008-3346

SQL injection vulnerability in productdetail.php in ShopCart DX allows remote attackers to execute arbitrary SQL commands via the pid parameter...

7.5CVSS8.4AI score0.01197EPSS
Exploits0References6
CVE
CVE
added 2008/07/28 4:0 p.m.51 views

CVE-2008-3346

CVE-2008-3346: SQL injection in ShopCart DX, vulnerability in product_detail.php via the pid parameter that allows remote execution of arbitrary SQL commands. Affected component is ShopCart DX; root cause is improper input handling in pid parameter leading to SQL injection. Impact described as ar...

7.5CVSS8.4AI score0.01197EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2008/07/28 4:0 p.m.23 views

CVE-2008-3346

SQL injection vulnerability in productdetail.php in ShopCart DX allows remote attackers to execute arbitrary SQL commands via the pid parameter...

8.4AI score0.01197EPSS
Exploits0References6
Packet Storm
Packet Storm
added 2008/07/28 12:0 a.m.23 views

epshop-sql.txt

Name : EPShop 3.0 pid Remote SQL Injection Vulnerability + Author : mikeX - http://www.cyber-underground.net / m$n: mikeXatfuckoffdotcom + Dorks: ?action=proshow and ?action=disppro + Greetz : Ciaran McG, -Witch-Doct0r, Kn, MegaByte, Squibs, cIpheR, mmmbud, RoMeo Information; You can't download a...

7.4AI score
Exploits0
NVD
NVD
added 2008/07/17 1:41 p.m.15 views

CVE-2008-3201

Multiple cross-site scripting XSS vulnerabilities in index.php in Pagefusion 1.5 allow remote attackers to inject arbitrary web script or HTML via the 1 acctfname and 2 acctlname parameters in an edit action, and the 3 PID, 4 PGID, and 5 rez parameters. NOTE: the provenance of this information is...

4.3CVSS5.7AI score0.01465EPSS
Exploits1References4
CVE
CVE
added 2008/07/17 10:0 a.m.39 views

CVE-2008-3201

CVE-2008-3201 involves multiple XSS vulnerabilities in Pagefusion 1.5. The issues affect index.php in Pagefusion 1.5, where unsanitized user input via the edit action can be injected through five parameters: acct_fname, acct_lname, PID, PGID, and rez. The underlying cause is insufficient input sa...

4.3CVSS5.7AI score0.01465EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2008/07/17 10:0 a.m.22 views

CVE-2008-3201

Multiple cross-site scripting XSS vulnerabilities in index.php in Pagefusion 1.5 allow remote attackers to inject arbitrary web script or HTML via the 1 acctfname and 2 acctlname parameters in an edit action, and the 3 PID, 4 PGID, and 5 rez parameters. NOTE: the provenance of this information is...

5.7AI score0.01465EPSS
Exploits1References4
Prion
Prion
added 2008/05/29 11:32 p.m.14 views

Sql injection

SQL injection vulnerability in pwd.asp in Excuse Online allows remote attackers to execute arbitrary SQL commands via the pID parameter...

7.5CVSS9.1AI score0.00961EPSS
Exploits0References4
NVD
NVD
added 2008/05/29 11:32 p.m.11 views

CVE-2008-2509

SQL injection vulnerability in pwd.asp in Excuse Online allows remote attackers to execute arbitrary SQL commands via the pID parameter...

7.5CVSS8.4AI score0.00961EPSS
Exploits0References4
NVD
NVD
added 2008/05/19 1:20 p.m.16 views

CVE-2008-2340

Multiple SQL injection vulnerabilities in News Manager 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 lang parameter to a advsearch.php, b archive.php, and c index.php, and the 2 pid parameter to d listtagitems.php...

7.5CVSS8.5AI score0.00999EPSS
Exploits0References3
CVE
CVE
added 2008/05/19 10:0 a.m.50 views

CVE-2008-2340

CVE-2008-2340 affects News Manager 2.0 with multiple SQL injection vulnerabilities. Remote attackers can exploit the (1) lang parameter in advsearch.php, archive.php, and index.php, and the (2) pid parameter in list_tagitems.php to execute arbitrary SQL commands. The entry is documented with a hi...

7.5CVSS8.5AI score0.00999EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2008/05/16 12:54 p.m.17 views

Sql injection

SQL injection vulnerability in browseproject.php in Freelance Auction Script 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter in a pdetails action...

7.5CVSS9.1AI score0.0101EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2008/05/14 5:20 p.m.9 views

Sql injection

SQL injection vulnerability in index.php in Online Rent aka Online Rental Property Script 4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter. NOTE: it was later reported that 5.0 and earlier are also affected...

6.8CVSS9.1AI score0.0217EPSS
Exploits1References12Affected Software1
Prion
Prion
added 2008/02/19 2:0 a.m.13 views

Sql injection

SQL injection vulnerability in the comsg component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the pid parameter in an order task...

7.5CVSS9.1AI score0.00961EPSS
Exploits1References3
Cvelist
Cvelist
added 2008/02/19 1:0 a.m.18 views

CVE-2008-0816

SQL injection vulnerability in the comsg component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the pid parameter in an order task...

8.4AI score0.00961EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.31 views

Debian Security Advisory DSA 658-1 (libdbi-perl)

The remote host is missing an update to libdbi-perl announced via advisory DSA 658-1. OpenVAS Vulnerability Test $Id: deb6581.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 658-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

2.1CVSS0.3AI score0.00412EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.20 views

Debian Security Advisory DSA 009-1 (stunnel)

The remote host is missing an update to stunnel announced via advisory DSA 009-1. OpenVAS Vulnerability Test $Id: deb0091.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 009-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

10CVSS0.1AI score0.02774EPSS
Exploits0
Debian CVE
Debian CVE
added 2007/12/15 1:0 a.m.46 views

CVE-2007-6358

pdftops.pl before 1.20 in alternate pdftops filter allows local users to overwrite arbitrary files via a symlink attack on the pdfin.PID.tmp temporary file, which is created when pdftops reads a PDF file from stdin, such as when pdftops is invoked by CUPS...

4.9CVSS6.1AI score0.00467EPSS
Exploits1
Prion
Prion
added 2007/07/18 11:30 p.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in default.asp in Element CMS allows remote attackers to inject arbitrary web script or HTML via the s parameter in a search pID action...

4.3CVSS6.1AI score0.01065EPSS
Exploits0References5
Rows per page
Query Builder