Lucene search
K

39 matches found

Packet Storm
Packet Storm
added 2014/09/16 12:0 a.m.37 views

Cart Engine 3.0 XSS / Open Redirect / SQL Injection

=== Details === Quantum Leap Advisory: http://www.quantumleap.it/cart-engine-3-0-multiple-vulnerabilities-sql-injection-reflected-xss-open-redirect/ Affected Product: Cart Engine Version: 3.0 === Executive Summary === SQL Injection: Using a specially crafted HTTP request, it is possible to exploi...

0.3AI score
Exploits0
Prion
Prion
added 2014/08/12 8:55 p.m.21 views

Cross site scripting

Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.3 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header...

4.3CVSS6.1AI score0.01773EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2014/08/12 8:0 p.m.27 views

CVE-2014-5198

Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.3 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header...

5.6AI score0.01773EPSS
Exploits0References3
Prion
Prion
added 2012/09/18 2:55 p.m.23 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allow remote attackers to inject arbitrary web script or HTML via a 1 GET parameter, 2 POST parameter, or 3 Referer HTTP header...

4.3CVSS6AI score0.02142EPSS
Exploits0References3Affected Software2
Prion
Prion
added 2012/07/12 9:55 p.m.17 views

Sql injection

SQL injection vulnerability in index.php in Webmatic 3.1.1 allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header...

6.8CVSS8.9AI score0.02925EPSS
Exploits6References6Affected Software1
Cvelist
Cvelist
added 2011/11/28 9:0 p.m.24 views

CVE-2011-4562

Multiple cross-site scripting XSS vulnerabilities in 1 view/admin/logitem.php and 2 view/admin/logitemdetails.php in the Redirection plugin 2.2.9 for WordPress allow remote attackers to inject arbitrary web script or HTML via the Referer HTTP header in a request to a post that does not exist...

6.2AI score0.02483EPSS
Exploits1References8
Patchstack
Patchstack
added 2011/11/28 12:0 a.m.18 views

WordPress Redirection Plugin <= 2.2.9 - Multiple XSS

Because of these vulnerabilities, the attackers can inject arbitrary web script or HTML via the Referer HTTP header in a request to a post that does not exist. Solution Update the plugin...

4.3CVSS2.3AI score0.02483EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2011/10/21 10:55 a.m.21 views

CVE-2011-3340

SQL injection vulnerability in ATCOM Netvolution 2.5.8 ASP allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header...

7.5CVSS8.3AI score0.02042EPSS
Exploits1References3
Prion
Prion
added 2011/10/21 10:55 a.m.18 views

Sql injection

SQL injection vulnerability in ATCOM Netvolution 2.5.8 ASP allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header...

7.5CVSS9AI score0.02042EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2011/10/21 10:0 a.m.30 views

CVE-2011-3340

SQL injection vulnerability in ATCOM Netvolution 2.5.8 ASP allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header...

8.3AI score0.02042EPSS
Exploits1References3
Prion
Prion
added 2009/06/04 4:30 p.m.19 views

Cross site scripting

Cross-site scripting XSS vulnerability in claroline/linker/notfound.php in Claroline 1.8.11 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header...

4.3CVSS6.1AI score0.01832EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2009/03/24 7:0 p.m.23 views

CVE-2009-1066

SQL injection vulnerability in the referral function in admin/lib/liblogs.php in Pixie CMS 1.01a allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header in a request...

8.3AI score0.02388EPSS
Exploits1References7
Prion
Prion
added 2008/04/23 1:5 p.m.22 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Top Referrers aka referrer plugin in Serendipity S9Y before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header...

4.3CVSS6.1AI score0.04501EPSS
Exploits2References9Affected Software1
Prion
Prion
added 2008/01/04 12:46 a.m.14 views

Sql injection

SQL injection vulnerability in security.php in ZeusCMS 0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header...

7.5CVSS9.1AI score0.01011EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2008/01/04 12:46 a.m.11 views

CVE-2007-6622

SQL injection vulnerability in security.php in ZeusCMS 0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header...

7.5CVSS8.4AI score0.01011EPSS
Exploits0References4
Cvelist
Cvelist
added 2007/10/05 12:0 a.m.23 views

CVE-2007-5222

SQL injection vulnerability in index.php in MAXdev MDPro MD-Pro 1.0.76 allows remote attackers to execute arbitrary SQL commands via a "Firefox ID=" substring in a Referer HTTP header...

8.3AI score0.01651EPSS
Exploits1References7
Cvelist
Cvelist
added 2007/04/25 3:0 p.m.17 views

CVE-2007-2235

Multiple cross-site scripting XSS vulnerabilities in PunBB 1.2.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 Referer HTTP header to misc.php or the 2 category name when deleting a category in admincategories.php...

5.8AI score0.01294EPSS
Exploits0References8
Prion
Prion
added 2007/02/16 1:28 a.m.12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in index.php in Jupiter CMS 1.1.5 allow remote attackers to inject arbitrary web script or HTML via the Referer HTTP header and certain other HTTP headers, which are displayed without proper sanitization when an administrator performs a Logged Gue...

6.8CVSS6AI score0.01539EPSS
Exploits1References7Affected Software1
NVD
NVD
added 2006/08/09 10:4 p.m.17 views

CVE-2006-4035

SQL injection vulnerability in counterchaos.php in CounterChaos 0.48c and earlier allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header...

7.5CVSS8.4AI score0.01452EPSS
Exploits1References7
Rows per page
Query Builder