CVE-2015-7383

The CVE-2015-7383 entries relate to Web Reference Database (refbase). Public docs confirm multiple cross-site scripting (XSS) vulnerabilities in refbase up to version 0.9.6 and bleeding-edge builds as of 2015-04-28. The root cause is likely insufficient input sanitization in parameters passed to ...

CVE-2015-7383

Multiple cross-site scripting XSS vulnerabilities in Web Reference Database aka refbase through 0.9.6 and bleeding-edge through 2015-04-28 allow remote attackers to inject arbitrary web script or HTML via the 1 adminUserName, 2 pathToMYSQL, 3 databaseStructureFile, or 4 pathToBibutils parameter t...

CVE-2015-7381

Web Reference Database (refbase)

CVE-2015-6012

Multiple open redirect vulnerabilities in Web Reference Database aka refbase through 0.9.6 and bleeding-edge before 2015-01-08 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the referrer parameter...

refbase 0.9.6 - Multiple Vulnerabilities

refbase 0.9.6 - Multiple Vulnerabilities Exploit Title: Refbase 5 /rss.php?where='nonexistent'+union+allselect+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,concat'version:',@@version,'',34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50-- - /rs...

refbase <= 0.9.6 - Multiple Vulnerabilities

Exploit for php platform in category web applications...

refbase 0.9.6 - Multiple Vulnerabilities

Exploit Title: Refbase 5 /rss.php?where='nonexistent'+union+allselect+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,concat'version:',@@version,'',34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50-- - /rss.php?where='...

Web Reference Database (refbase) contains multiple vulnerabilities

Overview Web Reference Database refbase versions 0.9.6 and possibly earlier contain multiple vulnerabilities. Description Web Reference Database refbase versions 0.9.6 and possibly earlier contain multiple vulnerabilities.CWE-352: Cross-Site Request Forgery CSRF - CVE-2015-6007 The application...

Cross site scripting

Cross-site scripting XSS vulnerability in refbase before 0.9.5 allows remote attackers to inject arbitrary web script or HTML via the headerMsg parameter to 1 show.php and 2 search.php. NOTE: some of these details are obtained from third party information...

CVE-2008-6400

Cross-site scripting XSS vulnerability in refbase before 0.9.5 allows remote attackers to inject arbitrary web script or HTML via the headerMsg parameter to 1 show.php and 2 search.php. NOTE: some of these details are obtained from third party information...

CVE-2008-6400

The connected records confirm CVE-2008-6400 is a Cross-site Scripting (XSS) vulnerability in refbase up to version 0.9.4/0.9.5 (before 0.9.5). The issue arises via the headerMsg parameter used by show.php and search.php , allowing remote attackers to inject arbitrary web script/HTML. The root cau...

CVE-2008-6400

Cross-site scripting XSS vulnerability in refbase before 0.9.5 allows remote attackers to inject arbitrary web script or HTML via the headerMsg parameter to 1 show.php and 2 search.php. NOTE: some of these details are obtained from third party information...