Lucene search
K

88 matches found

Cvelist
Cvelist
added 2007/06/15 1:0 a.m.30 views

CVE-2007-3238

Cross-site scripting XSS vulnerability in functions.php in the default theme in WordPress 2.2 allows remote authenticated administrators to inject arbitrary web script or HTML via the PATHINFO REQUESTURI to wp-admin/themes.php, a different vulnerability than CVE-2007-1622. NOTE: this might not...

5AI score0.02EPSS
Exploits0References12
Prion
Prion
added 2007/06/14 7:30 p.m.10 views

Cross site scripting

Cross-site scripting XSS vulnerability in 404.php in Domain Technologie Control DTC before 0.25.9 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO REQUESTURI. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

4.3CVSS6AI score0.01033EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2007/06/14 12:0 a.m.21 views

WordPress Vistered Little Theme - XSS

Because of this vulnerability in 404.php, the attackers can inject arbitrary web script or HTML via the URI REQUESTURI that accesses index.php. Solution Update the theme...

4.3CVSS3AI score0.02776EPSS
Exploits0References1Affected Software1
Exploit DB
Exploit DB
added 2007/06/08 12:0 a.m.21 views

WordPress Core 2.2 - 'Request_URI' Cross-Site Scripting

source: https://www.securityfocus.com/bid/24383/info WordPress is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user. This...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2007/05/23 12:0 a.m.21 views

sriweb-xss.txt

XSS found by fl0 fl0w in sri.ro Description: The Romanian Secret Service web site suffers from cross site scripting vulnerability. Author: fl0 fl0w Homepage: http://popesculescu.lx.ro File Size: 5,13 KB site 'search' variable XSS Cross Site Scripting in URI Desciption : This XSS variant usually...

7.4AI score
Exploits0
UbuntuCve
UbuntuCve
added 2006/07/25 11:4 p.m.24 views

CVE-2006-3848

Cross-site scripting XSS vulnerability in CGI wrapper for IP Calculator IPCalc 0.40 allows remote attackers to inject arbitrary web script or HTML via the URI REQUESTURI environment variable, which is used in the actionurl variable...

2.6CVSS6.1AI score0.01672EPSS
Exploits0References1
Cvelist
Cvelist
added 2005/12/14 11:0 a.m.19 views

CVE-2005-4221

SQL injection vulnerability in link.php in Arab Portal System 2 Beta 2 allows remote attackers to execute arbitrary SQL commands via the 1 PHPSESSID session ID or 2 REQUESTURI query string...

8.4AI score0.0112EPSS
Exploits0References5
CVE
CVE
added 2005/12/14 11:0 a.m.38 views

CVE-2005-4221

CVE-2005-4221 concerns an SQL injection in Arab Portal System 2 Beta 2, specifically in link.php. The vulnerability allows remote attackers to inject arbitrary SQL commands via the PHPSESSID (session ID) or the REQUEST_URI (query string). Public references confirm the issue and its CVE entry, but...

7.5CVSS8.8AI score0.0112EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder