Lucene search
K

31 matches found

CVE
CVE
added 2006/06/09 10:0 a.m.53 views

CVE-2006-2912

CVE-2006-2912 affects SelectaPix 1.31. Multiple SQL injection vulnerabilities exist in the web interface: parameters albumID (view_album.php, index.php), imageID (popup.php), and username/password (admin/member.php). Remote attackers could inject SQL commands to access or modify the database. Pro...

7.5CVSS8.7AI score0.02004EPSS
Exploits3References11Affected Software1
securityvulns
securityvulns
added 2006/06/09 12:0 a.m.35 views

[SA20134] SelectaPix Cross-Site Scripting and SQL Injection Vulnerabilities

---------------------------------------------------------------------- Want to join the Secunia Security Team? Secunia offers a position as a security specialist, where your daily work involves reverse engineering of software and exploit code, auditing of source code, and analysis of vulnerabilit...

0.9AI score
Exploits0
Prion
Prion
added 2006/06/01 1:2 a.m.11 views

Sql injection

SQL injection vulnerability in viewalbum.php in SelectaPix 1.4 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party sources...

7.5CVSS8.8AI score0.01114EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2006/06/01 1:2 a.m.14 views

CVE-2006-2722

SQL injection vulnerability in viewalbum.php in SelectaPix 1.4 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party sources...

7.5CVSS8AI score0.01114EPSS
Exploits0References2
CVE
CVE
added 2006/06/01 1:0 a.m.43 views

CVE-2006-2722

CVE-2006-2722 : The connected documents confirm a SQL injection vulnerability in SelectaPix 1.4, affecting the view_album.php component. The vulnerability allows remote attackers to execute arbitrary SQL commands via unknown vectors. The exact exploit path, affected versions beyond 1.4, and remed...

7.5CVSS8.1AI score0.01114EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2006/06/01 1:0 a.m.17 views

CVE-2006-2722

SQL injection vulnerability in viewalbum.php in SelectaPix 1.4 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party sources...

8AI score0.01114EPSS
Exploits0References2
securityvulns
securityvulns
added 2006/06/01 12:0 a.m.29 views

SelectaPix System SQL Injection

SelectaPix System SQL Injection Vulnerabilities SpC-x Credit : SpC-X Site : http://www.Cyber-security.org Code : http://www.site.com/path/viewalbum.php?albumID=SQL Example : http://www.outofthetrees.co.uk/selectapix/demo/viewalbum.php?albumID=SQL /SpC-x -- Get your free email from...

0.4AI score
Exploits0
Prion
Prion
added 2006/05/19 10:2 a.m.21 views

Design/Logic Flaw

viewalbum.php in SelectaPix 1.31 and earlier allows remote attackers to obtain the installation path via a certain request, which displays the path in an error message, possibly due to an invalid or missing parameter...

5CVSS7.2AI score0.01269EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2006/05/19 10:2 a.m.21 views

CVE-2006-2463

viewalbum.php in SelectaPix 1.31 and earlier allows remote attackers to obtain the installation path via a certain request, which displays the path in an error message, possibly due to an invalid or missing parameter...

5CVSS6.6AI score0.01269EPSS
Exploits1References1
Cvelist
Cvelist
added 2006/05/19 10:0 a.m.24 views

CVE-2006-2463

viewalbum.php in SelectaPix 1.31 and earlier allows remote attackers to obtain the installation path via a certain request, which displays the path in an error message, possibly due to an invalid or missing parameter...

6.6AI score0.01269EPSS
Exploits1References1
CVE
CVE
added 2006/05/19 10:0 a.m.41 views

CVE-2006-2463

CVE-2006-2463 affects SelectaPix 1.31 and earlier. The vulnerability stems from view_album.php where an invalid or missing parameter causes an error message to reveal the installation path, exposing sensitive directory information. The available sources confirm the affected product/version and th...

5CVSS6.7AI score0.01269EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder