CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cross-site request forgery CSRF vulnerability in Planetluc RateMe 1.3.3 allows remote attackers to perform unauthorized actions as other users via unspecified vectors...

6.8CVSS6.9AI score0.00205EPSS

Exploits0References3

Prion•added 2008/11/04 12:58 a.m.•7 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in Planetluc RateMe 1.3.3 allows remote attackers to perform unauthorized actions as other users via unspecified vectors...

6.8CVSS7.4AI score0.00205EPSS

Exploits0References3Affected Software1

Prion•added 2008/11/04 12:58 a.m.•10 views

Cross site scripting

Cross-site scripting XSS vulnerability in planetluc RateMe 1.3.3 allows remote attackers to inject arbitrary web script or HTML via the rate parameter in a submit rate action...

4.3CVSS6.1AI score0.00285EPSS

Exploits0References4Affected Software1

Prion•added 2008/11/04 12:58 a.m.•7 views

Cross site scripting

Cross-site scripting XSS vulnerability in gallery.inc.php in Planetluc MyGallery 1.7.2 and earlier, and possibly other versions before 1.8.1, allows remote attackers to inject arbitrary web script or HTML via the mghash parameter. NOTE: some of these details are obtained from third party...

4.3CVSS6.3AI score0.00329EPSS

Exploits0References5Affected Software1

CVE•added 2008/11/04 12:0 a.m.•41 views

CVE-2008-4891

CVE-2008-4891 affects Planetluc SignMe 1.5 before 1.55. The vulnerability is a cross-site scripting (XSS) flaw in signme.inc.php that allows an attacker to inject arbitrary script or HTML via the hash parameter. Per NVD, the CVSS v2 base score is 4.3 (Medium) with network attack vector, no authen...

4.3CVSS5.7AI score0.00329EPSS

Exploits0References5Affected Software1

CVE•added 2008/11/04 12:0 a.m.•41 views

CVE-2008-4898

CVE-2008-4898 describes an XSS vulnerability in planetluc RateMe 1.3.3 where an attacker can inject arbitrary web script or HTML by supplying a crafted rate parameter in a submit rate action. The affected software is planetluc RateMe 1.3.3; input handling in the rate parameter is the root cause. ...

4.3CVSS5.7AI score0.00285EPSS

Exploits0References4Affected Software1

Cvelist•added 2008/11/04 12:0 a.m.•13 views

CVE-2008-4899

Cross-site request forgery CSRF vulnerability in Planetluc RateMe 1.3.3 allows remote attackers to perform unauthorized actions as other users via unspecified vectors...

6.9AI score0.00205EPSS

Exploits0References3

CVE•added 2008/11/04 12:0 a.m.•47 views

CVE-2008-4899

CVE-2008-4899 describes a cross-site request forgery in Planetluc RateMe 1.3.3 . The vulnerability allows remote attackers to perform unauthorized actions as other users via unspecified vectors. The available sources confirm the affected product and vulnerability class but do not specify the exac...

6.8CVSS6.9AI score0.00205EPSS

Exploits0References3Affected Software1

CVE•added 2008/11/04 12:0 a.m.•43 views

CVE-2008-4892

CVE-2008-4892 affects Planetluc MyGallery 1.7.2 and earlier (likely all versions before 1.8.1). The vulnerability is a Cross‑Site Scripting (XSS) in gallery.inc.php that allows remote attackers to inject arbitrary web script or HTML via the mghash parameter. Impact is an in‑context script injecti...

4.3CVSS5.8AI score0.00329EPSS

Exploits0References5Affected Software1

Packet Storm•added 2006/12/21 12:0 a.m.•24 views

rateme-rfi.txt

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + ;;ii,,:: + + :::: :: ;;tt;;:: + + ;;:: ..,,:: ;;ii,,:: + + ,,,, ii;;,, ii;;:: ;;ii,,:: + + ii:: tt;;,, ..tt;;,,.. ;;ii;;:: + + ii,,:: ttii,, ..ff;;;;:: ;;ii;;:: + + tt;;::..,, tt;;,, ff;;;;...

7.4AI score

Exploits0

CVE•added 2006/12/20 2:0 a.m.•36 views

CVE-2006-6648

CVE-2006-6648 affects planetluc.com RateMe 1.3.2 and earlier. A PHP remote file inclusion vulnerability exists in main.inc.php, enabling remote attackers to execute arbitrary PHP code via a URL in the pathtoscript parameter. Exploitation status is not provided in the supplied documents, and no re...

7.5CVSS7.9AI score0.02141EPSS

Exploits1References5Affected Software1

seebug.org•added 2006/12/19 12:0 a.m.•23 views

RateMe <= 1.3.2 (main.inc.php) Remote File Include Vulnerability

No description provided by source. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + ;;ii,,:: + + :::: :: ;;tt;;:: + + ;;:: ...,,:: ;;ii,,:: + + ,,,, ii;;,, ii;;:: ;;ii,,:: + + ii:: tt;;,, ..tt;;,,.. ;;ii;;:: + + ii,,:: ttii,, ..ff;;;;::...

7.1AI score

Exploits0

seebug.org•added 2006/12/18 12:0 a.m.•13 views

RateMe <= 1.3.2 (main.inc.php) Remote File Include Vulnerability

7.1AI score

Exploits0

securityvulns•added 2006/12/18 12:0 a.m.•42 views

RateMe <= all versions => ( main.inc.php ) Remote File Include Vulnerability

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + ;;ii,,:: + + :::: :: ;;tt;;:: + + ;;:: ...,,:: ;;ii,,:: + ,,,, ii;;,, ii;;:: ;;ii,,:: + + ii:: tt;;,, ..tt;;,,.. ;;ii;;:: + + ii,,:: ttii,, ..ff;;;;:: ;;ii;;:: + + tt;;::..,, tt;;,, ff;;;;i...

0.1AI score

Exploits0

Exploit DB•added 2006/12/18 12:0 a.m.•38 views

RateMe 1.3.2 - 'main.inc.php' Remote File Inclusion

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + ;;ii,,:: + + :::: :: ;;tt;;:: + + ;;:: ...,,:: ;;ii,,:: + + ,,,, ii;;,, ii;;:: ;;ii,,:: + + ii:: tt;;,, ..tt;;,,.. ;;ii;;:: + + ii,,:: ttii,, ..ff;;;;:: ;;ii;;:: + + tt;;::..,, tt;;,,...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by