Lucene search
K

1673 matches found

CVE
CVE
added 2009/09/15 9:0 p.m.43 views

CVE-2009-3189

The CVE-2009-3189 entry describes an XSS in DigiOz Guestbook 1.7.2, exploitable through the search_term parameter in search.php, allowing remote injection of script/HTML. No remediation details are provided in the supplied documents.

4.3CVSS5.7AI score0.01498EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2009/09/15 9:0 p.m.44 views

CVE-2009-3197

CVE-2009-3197 describes a cross-site scripting (XSS) vulnerability in the PHP Calendars Script by JCE-Tech, specifically in search.php. The flaw lets remote attackers inject arbitrary web script or HTML by supplying a crafted value to the search parameter. The NVD metrics indicate a MEDIUM-severi...

4.3CVSS5.8AI score0.01097EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2009/09/11 8:0 p.m.24 views

CVE-2009-3171

Multiple cross-site scripting XSS vulnerabilities in Anantasoft Gazelle CMS 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 user parameter to user.php or 2 lookup parameter to search.php...

5.8AI score0.0153EPSS
Exploits1References5
exploitpack
exploitpack
added 2009/09/10 12:0 a.m.19 views

Datemill - search.php?st Cross-Site Scripting

Datemill - search.php?st Cross-Site Scripting source: https://www.securityfocus.com/bid/42896/info Datemill is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code i...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2009/09/10 12:0 a.m.24 views

Datemill - 'search.php?st' Cross-Site Scripting

source: https://www.securityfocus.com/bid/42896/info Datemill is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2009/08/26 12:0 a.m.20 views

DigiOz Guestbook 1.7.2 XSS

/ | | \ \ / / | | \ \ / / | |\ \ /\ / / | | | | | | \ V /| | | \ V V / | | || | || / ||| // ,|, | |/ | | | |/ / | ' \ | | / | | | | | | | |||,|| || || DigiOz Guestbook 1.7.2 Remote XSS Vulnerabilities Discovered By : Moudi Contact : Download : http://www.digioz.com/guestbook/guestbook.zip...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2009/08/26 12:0 a.m.26 views

PHP Calendars Script Cross Site Scripting

/ | | \ \ / / | | \ \ / / | |\ \ /\ / / | | | | | | \ V /| | | \ V V / | | || | || / ||| // ,|, | |/ | | | |/ / | ' \ | | / | | | | | | | |||,|| || || PHP Calendars Script Remote XSS Vulnerabilities Discovered By : Moudi Contact : Download : http://www.jce-tech.com/phpcalendars.php...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2009/08/26 12:0 a.m.53 views

Open Auto Classifieds 1.5.9 - Multiple Vulnerabilities

MorningStar Security - Advisory http://www.morningstarsecurity.com/ Multiple security issues in Open Auto Classifieds 1. Advisory Information ---------------------------------------------------------------------------------------------- Title: Multiple security issues in Open Auto Classifieds...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2009/08/26 12:0 a.m.30 views

PHP-Fusion-AP search.php Disclosure

===================================================== PHP-Fusion-AP-7.00.2-Rus search.php disclosure ways ===================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2009/08/26 12:0 a.m.47 views

Open Auto Classifieds 1.5.9 SQL Injection

MorningStar Security - Advisory http://www.morningstarsecurity.com/ Multiple security issues in Open Auto Classifieds 1. Advisory Information ---------------------------------------------------------------------------------------------- Title: Multiple security issues in Open Auto Classifieds...

1.2AI score
Exploits0
Packet Storm
Packet Storm
added 2009/08/26 12:0 a.m.30 views

Affiliate Master Script 2.0 XSS

/ | | \ \ / / | | \ \ / / | |\ \ /\ / / | | | | | | \ V /| | | \ V V / | | || | || / ||| // ,|, | |/ | | | |/ / | ' \ | | / | | | | | | | |||,|| || || Affiliate Master Script V2.0 Remote XSS Vulnerabilities Discovered By : Moudi Contact : Download :...

0.5AI score
Exploits0
Prion
Prion
added 2009/08/20 5:30 p.m.18 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in PG MatchMaking allow remote attackers to inject arbitrary web script or HTML via the show parameter to 1 browseladies.php and 2 browsemen.php, the 3 gender parameter to search.php, and the 4 id parameter to services.php...

4.3CVSS6.1AI score0.01511EPSS
Exploits1References3
Exploit DB
Exploit DB
added 2009/07/21 12:0 a.m.33 views

phpDirectorySource 1.0 - Cross-Site Scripting / SQL Injection

============================================================================== » ! Coder - Developer HTML / CSS / PHP / Vb6 . ! ============================================================================== » Web Business Directory 1.0 search.php Multiple Remote Vulnerabilities...

7AI score
Exploits0
exploitpack
exploitpack
added 2009/07/20 12:0 a.m.8 views

DragDropCart - search.php?search Cross-Site Scripting

DragDropCart - search.php?search Cross-Site Scripting source: https://www.securityfocus.com/bid/43478/info DragDropCart is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrar...

6.8AI score
Exploits0
CVE
CVE
added 2009/07/10 5:0 p.m.48 views

CVE-2009-2424

CVE-2009-2424 affects Ebay Clone 2009 where the XSS vulnerability is caused by an injection in the search.php mode parameter. The impact is the ability to execute arbitrary script/HTML in the victim’s browser. Public references confirm the issue, and an exploit is listed by Exploit DB (per CIRCL ...

4.3CVSS5.9AI score0.01243EPSS
Exploits1References2Affected Software1
securityvulns
securityvulns
added 2009/06/30 12:0 a.m.1625 views

SIPS v0.2.2 Remote File Inclusion Vulnerability

/=============================================================================================================================================== | | o SIPS v0.2.2 Remote File Inclusion Vulnerability | | Software : SIPS v0.2.2 | Vendor : http://www.phpscripts-fr.net/scripts/hosted/sips022.zip |...

1AI score
Exploits0
CVE
CVE
added 2009/06/27 6:0 p.m.42 views

CVE-2008-6838

CVE-2008-6838 is a Cross-site Scripting (XSS) vulnerability affecting Zoph 0.7.2.1, exposed via search.php. The issue allows remote attackers to inject arbitrary script or HTML through the _off parameter. The vulnerability description notes that the provenance of the information is from third par...

4.3CVSS5.7AI score0.0175EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2009/06/27 6:0 p.m.19 views

CVE-2008-6838

Cross-site scripting XSS vulnerability in search.php in Zoph 0.7.2.1 allows remote attackers to inject arbitrary web script or HTML via the off parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

5.5AI score0.0175EPSS
Exploits1References3
NVD
NVD
added 2009/06/23 9:30 p.m.21 views

CVE-2009-2179

SQL injection vulnerability in search.php in phpDatingClub 3.7 allows remote attackers to execute arbitrary SQL commands via the sformday parameter...

7.5CVSS8.3AI score0.00952EPSS
Exploits0References2
exploitpack
exploitpack
added 2009/06/22 12:0 a.m.24 views

phpDatingClub 3.7 - SQL Injection Cross-Site Scripting Injection

phpDatingClub 3.7 - SQL Injection Cross-Site Scripting Injection phpDatingClub v 3.7ansubdepartmentsid SQL/XSS Injection Vulnerability Note: Algeria 2-0 Zambia Founder : ThE g0bL!N Home:WwW.Snakespc.CoM More info:http://www.w2b.ru/webapp.php?cat=phpDatingClub SQL Injection Vulnerability Exploit...

0.2AI score
Exploits0
Rows per page
Query Builder