CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

No description provided by source. Siteman 2.X 0Day Multiple Remote Vulnerabilities CODE EXECUTION/LFI/XSS AUTHOR : IRCRASH Dr.Crash Or Khashayar Fereidani Discovered by : IRCRASH Dr.Crash Or Khashayar Fereidani IRCRASH Team Members : Dr.Crash Or Khashayar Fereidani - Hadi Kiamarsi - Malc0de -...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•12 views

Siteman 2.0.x2 - 'module' Parameter Cross-Site Scripting and Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28943/info Siteman is prone to a local file-include vulnerability and a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this as a...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•25 views

Siteman 1.1 User Database Privilege Escalation Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/12304/info Siteman is reported prone to a vulnerability that may allow users to gain elevated privileges. This issue results from insufficient sanitization of user-supplied data. Apparently, an attacker can supply...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•15 views

Siteman 1.1 User Database Privilege Escalation Vulnerability (2)

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•20 views

Siteman <= 1.1.10 Remote Administrative Account Addition Exploit

No description provided by source. !/usr/bin/perl -w Exploit by Noam Rathaus - Beyond Security Ltd. Exploit for the SiteMan vulnerability discovered by: amironline452 [email protected] use Digest::MD5 qwmd5 md5hex md5base64; use IO::Socket; use strict; ./siteman.pl / vulnerable.host ...

7.1AI score

Exploits0

NVD•added 2008/09/30 11:24 p.m.•12 views

CVE-2008-4365

Cross-site scripting XSS vulnerability in search.php in Siteman 1.1.11 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

4.3CVSS5.6AI score0.00225EPSS

Exploits0References2

Prion•added 2008/09/30 11:24 p.m.•8 views

Cross site scripting

4.3CVSS6AI score0.00225EPSS

Exploits0References2Affected Software1

CVE•added 2008/09/30 9:0 p.m.•47 views

CVE-2008-4365

CVE-2008-4365 describes a cross-site scripting (XSS) vulnerability in the search.php of Siteman 1.1.11 and earlier . The affected component is the search.php implementation, with the underlying cause described as an XSS vulnerability; the vectors are listed as unknown. The practical impact is tha...

4.3CVSS5.6AI score0.00225EPSS

Exploits0References2Affected Software1

Cvelist•added 2008/09/30 9:0 p.m.•10 views

CVE-2008-4365

5.6AI score0.00225EPSS

Exploits0References2

NVD•added 2008/05/05 5:20 p.m.•10 views

CVE-2008-2081

Directory traversal vulnerability in index.php in Siteman 2.0.x2 allows remote authenticated administrators to include and execute arbitrary local files via a .. dot dot in the module parameter...

9CVSS6.8AI score0.03291EPSS

Exploits1References5

NVD•added 2008/05/05 5:20 p.m.•8 views

CVE-2008-2082

Cross-site scripting XSS vulnerability in index.php in Siteman 2.0.x2 allows remote attackers to inject arbitrary web script or HTML via the module parameter, which leaks the path in an error message...

4.3CVSS5.7AI score0.03173EPSS

Exploits1References4

Prion•added 2008/05/05 5:20 p.m.•10 views

Directory traversal

Directory traversal vulnerability in index.php in Siteman 2.0.x2 allows remote authenticated administrators to include and execute arbitrary local files via a .. dot dot in the module parameter...

9CVSS7.2AI score0.03291EPSS

Exploits1References5Affected Software1

CVE•added 2008/05/05 5:0 p.m.•33 views

CVE-2008-2081

The CVE-2008-2081 entry documents a directory traversal (Local File Inclusion) in index.php of Siteman 2.0.x2. The issue, exploitable by remote authenticated administrators via a .. in the module parameter, enables inclusion and execution of arbitrary local files. Root cause: insufficient input s...

9CVSS6.8AI score0.03291EPSS

Exploits1References5Affected Software1

Cvelist•added 2008/05/05 5:0 p.m.•10 views

CVE-2008-2082

5.7AI score0.03173EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by