Lucene search
K

41 matches found

OSV
OSV
added 2020/02/12 12:15 a.m.21 views

CVE-2020-8893

An issue was discovered in MISP before 2.4.121. The Galaxy view contained an incorrectly sanitized search string in app/View/Galaxies/view.ctp...

7.5CVSS6.8AI score
Exploits0References4
Prion
Prion
added 2020/02/12 12:15 a.m.17 views

Code injection

An issue was discovered in MISP before 2.4.121. The Galaxy view contained an incorrectly sanitized search string in app/View/Galaxies/view.ctp...

5CVSS7.5AI score0.02061EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2020/02/11 12:0 a.m.28 views

CVE-2020-8893

An issue was discovered in MISP before 2.4.121. The Galaxy view contained an incorrectly sanitized search string in app/View/Galaxies/view.ctp...

7.5AI score0.02061EPSS
Exploits0References4
OSV
OSV
added 2018/12/17 7:29 p.m.3 views

CVE-2018-19828

Artica Integria IMS 5.0.83 has XSS via the searchstring parameter...

6.1CVSS5.8AI score0.02273EPSS
Exploits5References2
NVD
NVD
added 2016/02/22 5:59 a.m.14 views

CVE-2016-0725

Cross-site scripting XSS vulnerability in the searchpagination function in course/classes/managementrenderer.php in Moodle 2.8.x before 2.8.10, 2.9.x before 2.9.4, and 3.0.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted search string...

6.1CVSS5.9AI score0.01568EPSS
Exploits0References6
Prion
Prion
added 2016/02/22 5:59 a.m.19 views

Cross site scripting

Cross-site scripting XSS vulnerability in the searchpagination function in course/classes/managementrenderer.php in Moodle 2.8.x before 2.8.10, 2.9.x before 2.9.4, and 3.0.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted search string...

4.3CVSS6AI score0.01568EPSS
Exploits0References6Affected Software2
NVD
NVD
added 2009/02/19 3:30 p.m.16 views

CVE-2008-6168

Cross-site scripting XSS vulnerability in search.php in miniPortail 2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified argument, probably the search string...

4.3CVSS5.8AI score0.01445EPSS
Exploits1References3
Cvelist
Cvelist
added 2007/07/31 10:0 a.m.21 views

CVE-2007-4102

Cross-site scripting XSS vulnerability in search.php for sBlog 0.7.3 Beta allows remote attackers to inject arbitrary HTML and web script via a leading '"/ sequence in the search string...

5.8AI score0.01073EPSS
Exploits1References4
Cvelist
Cvelist
added 2007/07/17 12:0 a.m.19 views

CVE-2007-3815

Buffer overflow in pirs32.exe in Poslovni informator Republike Slovenije PIRS 2007 allows local users to cause a denial of service application crash and possibly execute arbitrary code via a long search string in certain fields in the GUI. NOTE: this may cross privilege boundaries if PIRS is used...

7.5AI score0.0045EPSS
Exploits0References5
NVD
NVD
added 2007/06/26 11:30 p.m.17 views

CVE-2007-3417

Multiple cross-site scripting XSS vulnerabilities in cgi-bin/cgi-lib/search.pl in web-app.org WebAPP before 0.9.9.7 allow remote attackers to inject arbitrary web script or HTML via a search string, which is not sanitized when an HREF attribute is printed by the 1 processsearch or 2...

4.3CVSS5.7AI score0.01022EPSS
Exploits0References3
Cvelist
Cvelist
added 2007/06/26 11:0 p.m.22 views

CVE-2007-3417

Multiple cross-site scripting XSS vulnerabilities in cgi-bin/cgi-lib/search.pl in web-app.org WebAPP before 0.9.9.7 allow remote attackers to inject arbitrary web script or HTML via a search string, which is not sanitized when an HREF attribute is printed by the 1 processsearch or 2...

5.7AI score0.01022EPSS
Exploits0References3
CVE
CVE
added 2007/06/26 11:0 p.m.45 views

CVE-2007-3417

CVE-2007-3417 covers multiple XSS vulnerabilities in the WebAPP web-app.org CGI module: cgi-bin/cgi-lib/search.pl, where a non-sanitized search string is echoed into an HREF attribute by process_search or show_recent_searches. The issue affects WebAPP prior to version 0.9.9.7 and allows remote at...

4.3CVSS5.7AI score0.01022EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2007/06/26 5:0 p.m.29 views

CVE-2007-3183

Multiple SQL injection vulnerabilities in Calendarix 0.7.20070307, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 month and 2 year parameters to calendar.php and the 3 search string to calsearch.php...

8.3AI score0.04496EPSS
Exploits1References10
OSV
OSV
added 2007/06/20 10:30 p.m.7 views

CVE-2007-3299

Cross-site scripting XSS vulnerability in AWFFull before 3.7.4, when AllSearchStr aka the All Search Terms report is enabled, allows remote attackers to inject arbitrary web script or HTML via a search string...

5.7AI score
Exploits0References9
OSV
OSV
added 2007/06/20 10:30 p.m.2 views

DEBIAN-CVE-2007-3299

Cross-site scripting XSS vulnerability in AWFFull before 3.7.4, when AllSearchStr aka the All Search Terms report is enabled, allows remote attackers to inject arbitrary web script or HTML via a search string...

4.3CVSS5.9AI score0.01553EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2006/10/16 12:0 a.m.51 views

P-News 1.16 - Remote File Inclusion

============================================ P-News 1.16, 1.17 Remote File Inclusion Vulnerability ============================================ Discovered by vegas78 - feel82atweb.de ============================================ Greetz: scoper, corny, smaesch0r, Sascha Schmalz, ReFleCtion, BleX,...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2006/07/06 8:0 p.m.22 views

CVE-2006-3382

Cross-site scripting XSS vulnerability in search.php in mAds 1.0 allows remote attackers to inject arbitrary web script or HTML via the "search string"...

5.7AI score0.01368EPSS
Exploits1References7
Packet Storm
Packet Storm
added 2006/03/02 12:0 a.m.29 views

limboExec.txt

Official page : http://www.limbo-cms.com/ Vulnerable : Limbo 1. Fix : No Bug : http://somehost/path-to-limbo/index.php?option=frontpage&Itemid=systemCODE example : index.php?option=frontpage&Itemid=systemuname Google search string : inurl:"option=frontpage" -- Best Regards, Aleksander Hristov...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2005/06/28 4:0 a.m.17 views

CVE-2002-1931

Cross-site scripting XSS vulnerability in PHP Arena paFileDB 1.1.3 and 2.1.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the search string...

5.8AI score0.01177EPSS
Exploits0References4
securityvulns
securityvulns
added 2002/05/25 12:0 a.m.33 views

Buffer overflow in PGP Public Key Server

Buffer overflow on long search string...

3.4AI score
Exploits0References1Affected Software1
Rows per page
Query Builder