Lucene search
K

13 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-4843

Malware in sbrugna...

4.3CVSS6.4AI score0.01849EPSS
Exploits2References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2007-4844

Malware in sbrugna...

6.8CVSS6.4AI score0.0118EPSS
Exploits2References9
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.9 views

Saxon 5.4 Example.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26238/info Saxon is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Saxon 5.4 Menu.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26237/info Saxon is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser...

7.1AI score
Exploits0
NVD
NVD
added 2007/10/30 9:46 p.m.26 views

CVE-2007-4862

Cross-site scripting XSS vulnerability in admin/menu.php in SAXON 5.4 allows remote attackers to inject arbitrary web script or HTML via the confignewsurl parameter...

4.3CVSS5.6AI score0.01849EPSS
Exploits2References7
Prion
Prion
added 2007/10/30 9:46 p.m.13 views

Design/Logic Flaw

SAXON 5.4, with displayerrors enabled, allows remote attackers to obtain sensitive information via 1 a direct request for news.php, 2 an invalid use of a newsid array parameter to admin/edit-item.php, and possibly unspecified vectors related to additional scripts in 3 admin/, 4 rss/, and 5 the ro...

5CVSS6.8AI score0.01814EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 2007/10/30 9:0 p.m.26 views

CVE-2007-4862

Cross-site scripting XSS vulnerability in admin/menu.php in SAXON 5.4 allows remote attackers to inject arbitrary web script or HTML via the confignewsurl parameter...

5.6AI score0.01849EPSS
Exploits2References7
Cvelist
Cvelist
added 2007/10/30 9:0 p.m.28 views

CVE-2007-4861

SAXON 5.4, with displayerrors enabled, allows remote attackers to obtain sensitive information via 1 a direct request for news.php, 2 an invalid use of a newsid array parameter to admin/edit-item.php, and possibly unspecified vectors related to additional scripts in 3 admin/, 4 rss/, and 5 the ro...

6.3AI score0.01814EPSS
Exploits0References10
CVE
CVE
added 2007/10/30 9:0 p.m.53 views

CVE-2007-4861

SAXON 5.4 is affected by multiple path disclosure flaws when display_errors is enabled. Exploitation vectors include direct requests to news.php, improper handling of newsid in admin/edit-item.php, and other scripts under admin/, rss/, and the installation root, which reveal server paths in error...

5CVSS6.3AI score0.01814EPSS
Exploits0References10Affected Software1
CVE
CVE
added 2007/10/30 9:0 p.m.50 views

CVE-2007-4862

CVE-2007-4862 is a documented XSS vulnerability affecting SAXON 5.4 in admin/menu.php via config[news_url]. Exploitation requires register_globals On and magic_quotes_gpc Off; the NVD/NVD-derived reports list a Medium impact (I/P) and network access with no confidentiality or availability impact,...

4.3CVSS5.6AI score0.01849EPSS
Exploits2References7Affected Software1
CVE
CVE
added 2007/10/30 9:0 p.m.59 views

CVE-2007-4863

The CVE-2007-4863 entry concerns SAXON version 5.4, where a SQL injection vulnerability exists in example.php via the template parameter. The vulnerability arises when PHP magic_quotes_gpc is Off, allowing remote attackers to execute arbitrary SQL commands, potentially exposing data or altering i...

6.8CVSS8.3AI score0.0118EPSS
Exploits2References7Affected Software1
securityvulns
securityvulns
added 2007/10/29 12:0 a.m.58 views

SAXON version 5.4 XSS Attack Vulnerability

netVigilance Security Advisory 54 SAXON version 5.4 XSS Attack Vulnerability Description: SAXON is a simple accessible online news publishing system for personal and small corporate site owners. Publish news, using configurable templates, on any .php page on your site. Publish news on a 'per...

4.3CVSS0.8AI score0.01849EPSS
Exploits2
exploitpack
exploitpack
added 2007/10/29 12:0 a.m.9 views

Saxon 5.4 - Example.php SQL Injection

Saxon 5.4 - Example.php SQL Injection source: https://www.securityfocus.com/bid/26238/info Saxon is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

8.6AI score
Exploits0
Rows per page
Query Builder