Lucene search
+L

13 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-2129

Malware in sbrugna...

7.5CVSS6.4AI score0.01852EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2006-2130

Malware in sbrugna...

5.5CVSS6.4AI score0.01215EPSS
Exploits0References7
NVD
NVD
added 2006/06/07 12:2 a.m.12 views

CVE-2006-2876

Cross-site scripting XSS vulnerability in cat.php in PHP Pro Publish 2.0 allows remote attackers to inject arbitrary web script or HTML via the catname parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

6.8CVSS5.6AI score0.01255EPSS
Exploits1References2
Prion
Prion
added 2006/06/07 12:2 a.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in cat.php in PHP Pro Publish 2.0 allows remote attackers to inject arbitrary web script or HTML via the catname parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

6.8CVSS6.1AI score0.01255EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2006/06/07 12:0 a.m.45 views

CVE-2006-2876

CVE-2006-2876 is an XSS vulnerability in PHP Pro Publish 2.0 where the catname parameter of cat.php can be exploited to inject arbitrary script/HTML. The affected component is cat.php within PHP Pro Publish 2.0; root cause is insufficient input validation on catname leading to script injection. T...

6.8CVSS5.7AI score0.01255EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2006/05/01 11:2 p.m.14 views

Sql injection

Multiple SQL injection vulnerabilities in Pro Publish 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 email and 2 password parameter to a admin/login.php, 3 findstr parameter to b search.php, or 4 artid parameter to c art.php, or 5 catid parameter to d cat.php...

7.5CVSS9.5AI score0.01852EPSS
Exploits0References11Affected Software1
NVD
NVD
added 2006/05/01 11:2 p.m.13 views

CVE-2006-2128

Multiple SQL injection vulnerabilities in Pro Publish 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 email and 2 password parameter to a admin/login.php, 3 findstr parameter to b search.php, or 4 artid parameter to c art.php, or 5 catid parameter to d cat.php...

7.5CVSS8.7AI score0.01852EPSS
Exploits0References11
NVD
NVD
added 2006/05/01 11:2 p.m.23 views

CVE-2006-2129

Direct static code injection vulnerability in Pro Publish 2.0 allows remote authenticated administrators to execute arbitrary PHP code by editing certain settings, which are stored in setinc.php...

5.5CVSS7.2AI score0.01215EPSS
Exploits0References6
Prion
Prion
added 2006/05/01 11:2 p.m.19 views

Code injection

Direct static code injection vulnerability in Pro Publish 2.0 allows remote authenticated administrators to execute arbitrary PHP code by editing certain settings, which are stored in setinc.php...

5.5CVSS7.6AI score0.01215EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2006/05/01 11:0 p.m.17 views

CVE-2006-2128

Multiple SQL injection vulnerabilities in Pro Publish 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 email and 2 password parameter to a admin/login.php, 3 findstr parameter to b search.php, or 4 artid parameter to c art.php, or 5 catid parameter to d cat.php...

8.7AI score0.01852EPSS
Exploits0References11
Cvelist
Cvelist
added 2006/05/01 11:0 p.m.26 views

CVE-2006-2129

Direct static code injection vulnerability in Pro Publish 2.0 allows remote authenticated administrators to execute arbitrary PHP code by editing certain settings, which are stored in setinc.php...

7.2AI score0.01215EPSS
Exploits0References6
CVE
CVE
added 2006/05/01 11:0 p.m.51 views

CVE-2006-2129

CVE-2006-2129 describes a direct static code injection in Pro Publish 2.0. The flaw allows remote authenticated administrators to execute arbitrary PHP code by editing certain settings stored in set_inc.php. Documents consistently identify the affected product as Pro Publish 2.0 and note that acc...

5.5CVSS7.2AI score0.01215EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2006/05/01 11:0 p.m.50 views

CVE-2006-2128

CVE-2006-2128 affects Pro Publish 2.0. The provided sources describe multiple SQL injection vulnerabilities in the application, exploitable via specific request parameters to several pages: (1) admin/login.php with email/password, (2) search.php with find_str, (3) art.php with artid, and (4) cat....

7.5CVSS8.7AI score0.01852EPSS
Exploits0References11Affected Software1
Rows per page
Query Builder