CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

securityvulns•added 2009/03/02 12:0 a.m.•55 views

BlogMan 0.45 Multiple Vulnerabilities

Salvatore "drosophila" Fresta Application: BlogMan http://sourceforge.net/projects/blogman/ Version: 0.45 Bug: Multiple SQL Injection Authentication Bypass Privilege Escalation Exploitation: Remote Date: 1 Mar 2009 Discovered by: Salvatore "drosophila" Fresta Author: Salvatore "drosophila" Fresta...

0.2AI score

NVD•added 2009/02/11 1:30 a.m.•6 views

CVE-2008-6110

Unspecified vulnerability in SemanticScuttle before 0.90 has unknown impact and attack vectors related to improper validation of parameters to profile.php...

10CVSS6.5AI score0.00513EPSS

Exploits0References2

Prion•added 2009/02/11 1:30 a.m.•7 views

Input validation

Unspecified vulnerability in SemanticScuttle before 0.90 has unknown impact and attack vectors related to improper validation of parameters to profile.php...

10CVSS7AI score0.00513EPSS

Exploits0References2Affected Software1

CVE•added 2009/02/11 1:0 a.m.•35 views

CVE-2008-6110

CVE-2008-6110 : The vulnerability is described as an unspecified issue in SemanticScuttle before 0.90 related to improper validation of parameters to profile.php . The connected sources (Red Hat CVE entry, NVD/NVD listing, CVE registry, PRION, CVE List) reiterate the same description with unknown...

10CVSS6.6AI score0.00513EPSS

Exploits0References2Affected Software1

Cvelist•added 2009/02/11 1:0 a.m.•14 views

CVE-2008-6110

Unspecified vulnerability in SemanticScuttle before 0.90 has unknown impact and attack vectors related to improper validation of parameters to profile.php...

6.5AI score0.00513EPSS

Exploits0References2

0day.today•added 2009/01/27 12:0 a.m.•37 views

Flax Article Manager 1.1 Remote PHP Script Upload Vulnerability

Exploit for unknown platform in category web applications =============================================================== Flax Article Manager 1.1 Remote PHP Script Upload Vulnerability =============================================================== Flax Article Manager 1.1 Remote File Upload...

7.1AI score

NVD•added 2009/01/09 6:30 p.m.•8 views

CVE-2009-0107

Cross-site scripting XSS vulnerability in profile.php in PHPAuctions aka PHPAuctionSystem allows remote attackers to inject arbitrary web script or HTML via the userid parameter...

4.3CVSS5.7AI score0.0364EPSS

NVD•added 2009/01/09 6:30 p.m.•13 views

CVE-2009-0106

SQL injection vulnerability in profile.php in PHPAuctions aka PHPAuctionSystem allows remote attackers to execute arbitrary SQL commands via the userid parameter...

7.5CVSS8.2AI score0.0051EPSS

Prion•added 2009/01/09 6:30 p.m.•15 views

Cross site scripting

Cross-site scripting XSS vulnerability in profile.php in PHPAuctions aka PHPAuctionSystem allows remote attackers to inject arbitrary web script or HTML via the userid parameter...

4.3CVSS6.1AI score0.0364EPSS

Prion•added 2009/01/09 6:30 p.m.•16 views

Sql injection

SQL injection vulnerability in profile.php in PHPAuctions aka PHPAuctionSystem allows remote attackers to execute arbitrary SQL commands via the userid parameter...

7.5CVSS8.8AI score0.0051EPSS

Cvelist•added 2009/01/09 6:0 p.m.•11 views

CVE-2009-0107

Cross-site scripting XSS vulnerability in profile.php in PHPAuctions aka PHPAuctionSystem allows remote attackers to inject arbitrary web script or HTML via the userid parameter...

5.7AI score0.0364EPSS

CVE•added 2009/01/09 6:0 p.m.•40 views

CVE-2009-0107

PHPAuctions (PHPAuctionSystem) is affected by a Cross-site Scripting (XSS) vulnerability in profile.php where the user_id parameter can be exploited to inject arbitrary web script or HTML. Affected component: profile.php in PHPAuctions. Root cause: unsanitized user_id input enabling script/HTML i...

4.3CVSS5.9AI score0.0364EPSS

Exploits1References4Affected Software1

Cvelist•added 2009/01/09 6:0 p.m.•17 views

CVE-2009-0106

SQL injection vulnerability in profile.php in PHPAuctions aka PHPAuctionSystem allows remote attackers to execute arbitrary SQL commands via the userid parameter...

8.2AI score0.0051EPSS

seebug.org•added 2009/01/06 12:0 a.m.•16 views

PHPAuctionSystem (XSS/SQL) Multiple Remote Vulnerabilities

No description provided by source. PHPAuctionSystem Author:x0r Email:[email protected] Cms:PhpAuctionSystemvnew Cmsprice:$59.99 Demo:http://www.phpauctions.info/demo/ BugIn:\profile.phpBlind\Normal Sql Injection ExploitBlind: profile.php?userid=29%20and%20substring@@version,1,1=5--...

7.1AI score

exploitpack•added 2009/01/05 12:0 a.m.•14 views

PHPAuctionSystem - Cross-Site Scripting SQL Injection

PHPAuctionSystem - Cross-Site Scripting SQL Injection PHPAuctionSystem Author:x0r Email:[email protected] Cms:PhpAuctionSystemvnew Cmsprice:$59.99 Demo:http://www.phpauctions.info/demo/ BugIn:\profile.phpBlind\Normal Sql Injection ExploitBlind:...

0.6AI score

xssed•added 2008/11/05 12:0 a.m.•11 views

Unfixed XSS vulnerability at www.lerciamaio.altervista.org

Security researcher r080cy90r, has submitted on 11/05/2008 a cross-site-scripting XSS vulnerability affecting www.lerciamaio.altervista.org, which at the time of submission ranked 236 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 11/05/2008. ...

6.6AI score

Exploits0References1

NVD•added 2008/10/21 6:42 p.m.•8 views

CVE-2008-4642

SQL injection vulnerability in profile.php in AstroSPACES 1.1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action...

7.5CVSS8.3AI score0.0051EPSS