CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1114 matches found

Prion•added 2007/03/02 9:18 p.m.•11 views

Cross site scripting

WebAPP before 0.9.9.5 does not properly filter certain characters in contexts related to 1 the query string, 2 Profiles, 3 the Forum Post icon field, 4 the Edit Profile, and 5 the Gallery, which has unknown impact and remote attack vectors, possibly related to cross-site scripting XSS...

5.8CVSS6.6AI score0.01107EPSS

Exploits0References8Affected Software1

NVD•added 2007/03/02 9:18 p.m.•14 views

CVE-2007-1177

5.8CVSS6.2AI score0.01107EPSS

Exploits0References8

Cvelist•added 2007/02/28 12:0 a.m.•22 views

CVE-2006-7087

CRLF injection vulnerability in the mail function in Dotdeb PHP before 5.2.0 Rev 3 allows remote attackers to bypass the protection scheme and inject arbitrary email headers via CRLF sequences in the query string, which is processed via the PHPSELF variable...

7.1AI score0.01788EPSS

Exploits0References9

Prion•added 2007/02/14 11:28 a.m.•13 views

Cross site scripting

Cross-site scripting XSS vulnerability in buscador/buscador.htm in Portal Search allows remote attackers to inject arbitrary web script or HTML via the query string...

4.3CVSS6.1AI score0.01073EPSS

Exploits1References4

Prion•added 2007/02/14 11:28 a.m.•14 views

Design/Logic Flaw

Portal Search allows remote attackers to redirect a URL to an arbitrary web site by placing the URL in the query string to the top-level URI...

9.4CVSS7.1AI score0.01911EPSS

Exploits0References5

Prion•added 2007/02/14 11:28 a.m.•9 views

Design/Logic Flaw

buscador/buscador.htm in Portal Search allows remote attackers to obtain sensitive information business logic via a query string composed of a search for certain characters...

7.8CVSS6.7AI score0.01471EPSS

Exploits0References5

NVD•added 2007/02/14 11:28 a.m.•9 views

CVE-2007-0921

Portal Search allows remote attackers to redirect a URL to an arbitrary web site by placing the URL in the query string to the top-level URI...

9.4CVSS6.6AI score0.01911EPSS

Exploits0References5

NVD•added 2007/02/14 11:28 a.m.•11 views

CVE-2007-0922

Cross-site scripting XSS vulnerability in buscador/buscador.htm in Portal Search allows remote attackers to inject arbitrary web script or HTML via the query string...

4.3CVSS5.7AI score0.01073EPSS

Exploits1References4

Prion•added 2007/02/12 11:28 p.m.•15 views

Cross site scripting

Cross-site scripting XSS vulnerability in the GetCurrentCompletePath function in phpmyvisites.php in phpMyVisites before 2.2 allows remote attackers to inject arbitrary web script or HTML via the query string...

4.3CVSS6.1AI score0.01395EPSS

Exploits0References7Affected Software1

NVD•added 2007/02/12 11:28 p.m.•12 views

CVE-2007-0891

4.3CVSS5.7AI score0.01395EPSS

Exploits0References7

Cvelist•added 2007/02/12 11:0 p.m.•13 views

CVE-2007-0891

5.7AI score0.01395EPSS

Exploits0References7

Prion•added 2007/01/18 2:28 a.m.•13 views

Cross site scripting

Cross-site scripting XSS vulnerability in liens.php3 in liensdynamiques 2.1 allows remote attackers to inject arbitrary web script or HTML by using the ajouter=1 query string and the add menu...

6.8CVSS6.2AI score0.0126EPSS

Exploits1References4Affected Software1

NVD•added 2007/01/18 2:28 a.m.•13 views

CVE-2007-0331

Cross-site scripting XSS vulnerability in liens.php3 in liensdynamiques 2.1 allows remote attackers to inject arbitrary web script or HTML by using the ajouter=1 query string and the add menu...

6.8CVSS5.7AI score0.0126EPSS

Exploits1References4

Cvelist•added 2007/01/18 2:0 a.m.•21 views

CVE-2007-0331

Cross-site scripting XSS vulnerability in liens.php3 in liensdynamiques 2.1 allows remote attackers to inject arbitrary web script or HTML by using the ajouter=1 query string and the add menu...

5.7AI score0.0126EPSS

Exploits1References4

exploitpack•added 2006/12/25 12:0 a.m.•10 views

Irokez Blog 0.7.1 - Multiple Remote File Inclusions

Irokez Blog 0.7.1 - Multiple Remote File Inclusions +------------------------------------------------------------------------------------------- + Irokez CMS +------------------------------------------------------------------------------------------- + Details: + Irokez CMS has several scripts...

7.5AI score

Exploits0

Exploit DB•added 2006/12/19 12:0 a.m.•26 views

phpProfiles 3.1.2b - Multiple Remote File Inclusions

+------------------------------------------------------------------------------------------- + phpProfiles +------------------------------------------------------------------------------------------- + Details: + phpProfiles has several scripts which do not initialize variables before using them ...

7.4AI score

Exploits0

exploitpack•added 2006/12/19 12:0 a.m.•21 views

phpProfiles 3.1.2b - Multiple Remote File Inclusions

phpProfiles 3.1.2b - Multiple Remote File Inclusions +------------------------------------------------------------------------------------------- + phpProfiles +------------------------------------------------------------------------------------------- + Details: + phpProfiles has several scripts...

0.2AI score

Exploits0

Cvelist•added 2006/11/10 1:0 a.m.•20 views

CVE-2006-5825

Cross-site scripting XSS vulnerability in index.php in Kayako SupportSuite 3.00.32 allows remote attackers to inject arbitrary web script or HTML via the query string...

5.7AI score0.01624EPSS

Exploits1References5

NVD•added 2006/10/10 4:6 a.m.•18 views

CVE-2006-5185

Eval injection vulnerability in Template.php in HAMweather 3.9.8.4 and earlier allows remote attackers to execute arbitrary code via a modified query string, which is supplied to an eval function call within the doparsecode function...

7.5CVSS7.8AI score0.0377EPSS

Exploits1References6

Cvelist•added 2006/10/06 7:0 p.m.•23 views

CVE-2006-5185

7.8AI score0.0377EPSS

Exploits1References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by