CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

No description provided by source. source: http://www.securityfocus.com/bid/18243/info PHP Pro Publish is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to...

7.1AI score

Exploits0

NVD•added 2006/06/07 12:2 a.m.•10 views

CVE-2006-2876

Cross-site scripting XSS vulnerability in cat.php in PHP Pro Publish 2.0 allows remote attackers to inject arbitrary web script or HTML via the catname parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

6.8CVSS5.6AI score0.01039EPSS

Exploits1References2

Prion•added 2006/06/07 12:2 a.m.•15 views

Cross site scripting

6.8CVSS6.1AI score0.01039EPSS

Exploits1References2Affected Software1

Cvelist•added 2006/06/07 12:0 a.m.•13 views

CVE-2006-2876

5.6AI score0.01039EPSS

Exploits1References2

CVE•added 2006/06/07 12:0 a.m.•42 views

CVE-2006-2876

CVE-2006-2876 is an XSS vulnerability in PHP Pro Publish 2.0 where the catname parameter of cat.php can be exploited to inject arbitrary script/HTML. The affected component is cat.php within PHP Pro Publish 2.0; root cause is insufficient input validation on catname leading to script injection. T...

6.8CVSS5.7AI score0.01039EPSS

Exploits1References2Affected Software1

Prion•added 2006/06/05 5:2 p.m.•12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in DeltaScripts Pro Publish allow remote attackers to inject arbitrary web script or HTML via the 1 artid parameter in art.php and the 2 catname parameter in cat.php...

6.8CVSS6.1AI score0.00416EPSS

Exploits1References4Affected Software1

NVD•added 2006/06/05 5:2 p.m.•11 views

CVE-2006-2821

6.8CVSS5.8AI score0.00416EPSS

Exploits1References4

Cvelist•added 2006/06/05 5:0 p.m.•15 views

CVE-2006-2821

5.8AI score0.00416EPSS

Exploits1References4

exploitpack•added 2006/06/02 12:0 a.m.•12 views

DELTAScripts PHP Pro Publish 2.0 - Multiple Cross-Site Scripting Vulnerabilities

DELTAScripts PHP Pro Publish 2.0 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/18243/info PHP Pro Publish is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied...

7.1AI score

Exploits0

Exploit DB•added 2006/06/02 12:0 a.m.•20 views

DELTAScripts PHP Pro Publish 2.0 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/18243/info PHP Pro Publish is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execut...

7.4AI score

Exploits0

NVD•added 2006/05/01 11:2 p.m.•19 views

CVE-2006-2129

Direct static code injection vulnerability in Pro Publish 2.0 allows remote authenticated administrators to execute arbitrary PHP code by editing certain settings, which are stored in setinc.php...

5.5CVSS7.2AI score0.0042EPSS

Exploits0References6

Prion•added 2006/05/01 11:2 p.m.•14 views

Code injection

Direct static code injection vulnerability in Pro Publish 2.0 allows remote authenticated administrators to execute arbitrary PHP code by editing certain settings, which are stored in setinc.php...

5.5CVSS7.6AI score0.0042EPSS

Exploits0References6Affected Software1

Prion•added 2006/05/01 11:2 p.m.•11 views

Sql injection

Multiple SQL injection vulnerabilities in Pro Publish 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 email and 2 password parameter to a admin/login.php, 3 findstr parameter to b search.php, or 4 artid parameter to c art.php, or 5 catid parameter to d cat.php...

7.5CVSS9.5AI score0.01343EPSS

Exploits0References11Affected Software1

NVD•added 2006/05/01 11:2 p.m.•10 views

CVE-2006-2128

7.5CVSS8.7AI score0.01343EPSS

Exploits0References11

Cvelist•added 2006/05/01 11:0 p.m.•21 views

CVE-2006-2129

Direct static code injection vulnerability in Pro Publish 2.0 allows remote authenticated administrators to execute arbitrary PHP code by editing certain settings, which are stored in setinc.php...

7.2AI score0.0042EPSS

Exploits0References6

CVE•added 2006/05/01 11:0 p.m.•42 views

CVE-2006-2129

CVE-2006-2129 describes a direct static code injection in Pro Publish 2.0. The flaw allows remote authenticated administrators to execute arbitrary PHP code by editing certain settings stored in set_inc.php. Documents consistently identify the affected product as Pro Publish 2.0 and note that acc...

5.5CVSS7.2AI score0.0042EPSS

Exploits0References6Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by