12 matches found
EUVD-2006-2279
Malware in sbrugna...
EUVD-2006-1720
Malware in sbrugna...
SQL injection
Multiple SQL injection vulnerabilities in SaphpLesson 3.0 allow remote attackers to execute arbitrary SQL commands via (1) the Find parameter in (a) search.php, and the (2) LID and (3) Rate parameters in (b) misc.php...
CVE-2006-2278
SaphpLesson 3.0 does not initialize array variables, which allows remote attackers to obtain the full path via a non-array (1) hrow parameter to (a) show.php or (b) index.php; the (2) Lsnrow parameter to (c) showcat.php; or the (3) rows parameter to index.php...
CVE-2006-2279
Multiple SQL injection vulnerabilities in SaphpLesson 3.0 allow remote attackers to execute arbitrary SQL commands via (1) the Find parameter in (a) search.php, and the (2) LID and (3) Rate parameters in (b) misc.php...
CVE-2006-2279
CVE-2006-2279 affects SaphpLesson 3.0 with multiple SQL injection flaws. The vulnerability allows remote attackers to execute arbitrary SQL via (1) Find parameter in search.php and (2) LID and (3) Rate parameters in misc.php. NVD lists a base score of 7.5 (HIGH) with network attack vector and no ...
CVE-2006-2278
SaphpLesson 3.0 contains an input handling flaw: it does not initialize array variables, enabling an attacker to disclose the full filesystem path via non-array parameters. The affected vectors are (1) hrow to show.php or index.php; (2) Lsnrow to showcat.php; and (3) rows to index.php. This is a ...
SaPHPLession30.txt
SaPHPLesson 3.0 Multbugs By :-- D3vil-0x1 | Devil-00 --: 1- Unfilter array Filename :- show.php Line :- 102 code $hrow = $Row2;/code Fix :- Add To Line 11 /show.php This Code :- we add the code to global to fix all unfilter ver. at the code : code $hrow = array;/code Exploit :- GET ^...
Cross-site scripting
Cross-site scripting (XSS) vulnerability in search.php in SaphpLesson 3.0 allows remote attackers to inject arbitrary web script or HTML via the Word parameter. NOTE: it is possible that this issue is resultant from SQL injection...
CVE-2006-1720
Cross-site scripting (XSS) vulnerability in search.php in SaphpLesson 3.0 allows remote attackers to inject arbitrary web script or HTML via the Word parameter. NOTE: it is possible that this issue is resultant from SQL injection...
CVE-2006-1720
SaphpLesson 3.0 is affected by an XSS in search.php via the Word parameter. The issue may stem from SQL injection, per the CVE description. Detailing: vulnerable component is search.php (Word param in SaphpLesson 3.0), root cause is unsanitized input leading to script/HTML injection. Impact per s...
CVE-2006-1720
Cross-site scripting (XSS) vulnerability in search.php in SaphpLesson 3.0 allows remote attackers to inject arbitrary web script or HTML via the Word parameter. NOTE: it is possible that this issue is resultant from SQL injection...