CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

PHPMyWind is a PHP MySQL-based development , W3C-compliant building engine . A SQL injection vulnerability exists in the PHPMyWind sysevent.php file. The vulnerability is due to the system siteid parameter does not filter the data submitted by the user, a remote attacker can exploit the...

8AI score

Exploits0

CNVD•added 2017/03/17 12:0 a.m.•2 views

PHPCMS siteid parameter has SQL injection vulnerability

PHPCMS is a web content management system based on PHP and Mysql architecture. The system includes modules such as news, pictures, downloads, information and products. PHPCMS is vulnerable to SQL injection. As the program failed to securely filter the encryption operation of siteid parameters...

7.3AI score

Exploits0

seebug.org•added 2016/03/19 12:0 a.m.•18 views

科创CMS search_process_hn.jsp 参数siteId SQL注入漏洞

No description provided by source...

7.1AI score

Exploits0

Packet Storm•added 2015/12/08 12:0 a.m.•20 views

ASP Dynamika 2.5 Cross Site Scripting

Exploit Title : ASP Dynamika 2.5 Cross Site Scripting Vulnerability Exploit Author : Persian Hack Team Vendor Homepage : http://www.dynamika.co.il/ Google Dork : "Powered By : Dynamika" Date : 2015/12/08 Version : 2.5 Vulnerable Paramter siteid= Bypass '"--alert0xa Demo:...

Exploits0

Prion•added 2010/04/13 8:30 p.m.•9 views

Sql injection

SQL injection vulnerability in detailad.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the siteid parameter...

7.5CVSS9.1AI score0.00372EPSS

Exploits1References2

NVD•added 2010/04/13 8:30 p.m.•9 views

CVE-2010-1370

SQL injection vulnerability in detailad.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the siteid parameter...

7.5CVSS8.4AI score0.00372EPSS

Exploits1References2

Cvelist•added 2010/04/13 8:20 p.m.•14 views

CVE-2010-1370

SQL injection vulnerability in detailad.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the siteid parameter...

8.4AI score0.00372EPSS

Exploits1References2

CVE•added 2010/04/13 8:20 p.m.•37 views

CVE-2010-1370

CVE-2010-1370 describes an SQL injection vulnerability in detailad.asp within Pre Classified Listings ASP, allowing remote attackers to execute arbitrary SQL commands via the siteid parameter. The NVD entry lists a base score of 7.5 (High) with network attack vector, low attack complexity, and no...

7.5CVSS8.7AI score0.00372EPSS

Exploits1References2Affected Software1

Cvelist•added 2009/08/03 2:0 p.m.•19 views

CVE-2008-6887

SQL injection vulnerability in detailad.asp in Pre Classified Listings 1.0 allows remote attackers to execute arbitrary SQL commands via the siteid parameter...

8.4AI score0.00288EPSS

Exploits1References3

Prion•added 2009/06/22 2:30 p.m.•9 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Campus Virtual-LMS allow remote attackers to inject arbitrary web script or HTML via the 1 courseid parameter to enrolments/step1.php, or the 2 search or 3 siteid parameter to files/sharedlist.php...

4.3CVSS6.1AI score0.00513EPSS

Exploits0References2

NVD•added 2009/06/22 2:30 p.m.•11 views

CVE-2009-2149

4.3CVSS5.8AI score0.00513EPSS

Exploits0References2

ATTACKERKB•added 2009/01/22 4:30 p.m.•0 views

CVE-2009-0248

Cross-site scripting XSS vulnerability in rankup.asp in Katy Whitton RankEm allows remote attackers to inject arbitrary web script or HTML via the siteID parameter...

4.3CVSS5.7AI score0.0313EPSS

Exploits1References5

NVD•added 2009/01/22 4:30 p.m.•7 views

CVE-2009-0248

Cross-site scripting XSS vulnerability in rankup.asp in Katy Whitton RankEm allows remote attackers to inject arbitrary web script or HTML via the siteID parameter...

4.3CVSS5.7AI score0.0313EPSS

Exploits1References4

Prion•added 2009/01/22 4:30 p.m.•9 views

Cross site scripting

Cross-site scripting XSS vulnerability in rankup.asp in Katy Whitton RankEm allows remote attackers to inject arbitrary web script or HTML via the siteID parameter...

4.3CVSS6.1AI score0.0313EPSS

Exploits1References4

Cvelist•added 2009/01/22 4:0 p.m.•12 views

CVE-2009-0248

Cross-site scripting XSS vulnerability in rankup.asp in Katy Whitton RankEm allows remote attackers to inject arbitrary web script or HTML via the siteID parameter...

5.7AI score0.0313EPSS

Exploits1References4

NVD•added 2008/12/16 7:7 p.m.•7 views

CVE-2008-5588

SQL injection vulnerability in rankup.asp in Katy Whitton RankEm allows remote attackers to execute arbitrary SQL commands via the siteID parameter...

7.5CVSS8.4AI score0.00414EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by