Lucene search
K

6 matches found

NVD
NVD
added 2008/09/30 11:24 p.m.15 views

CVE-2008-4365

Cross-site scripting XSS vulnerability in search.php in Siteman 1.1.11 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

4.3CVSS5.6AI score0.00845EPSS
Exploits0References2
Prion
Prion
added 2008/09/30 11:24 p.m.12 views

Cross site scripting

Cross-site scripting XSS vulnerability in search.php in Siteman 1.1.11 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

4.3CVSS6AI score0.00845EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2008/09/30 9:0 p.m.50 views

CVE-2008-4365

CVE-2008-4365 describes a cross-site scripting (XSS) vulnerability in the search.php of Siteman 1.1.11 and earlier . The affected component is the search.php implementation, with the underlying cause described as an XSS vulnerability; the vectors are listed as unknown. The practical impact is tha...

4.3CVSS5.6AI score0.00845EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2007/01/30 6:28 p.m.9 views

CVE-2007-0593

Siteman 1.1.11 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing password hashes via a direct request for data/members.txt...

5CVSS6.5AI score0.01482EPSS
Exploits0References7
Cvelist
Cvelist
added 2007/01/30 6:0 p.m.16 views

CVE-2007-0593

Siteman 1.1.11 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing password hashes via a direct request for data/members.txt...

6.5AI score0.01482EPSS
Exploits0References7
CVE
CVE
added 2007/01/30 6:0 p.m.43 views

CVE-2007-0593

CVE-2007-0593 affects Siteman 1.1.11, where sensitive data is stored under the web root with insufficient access control. An unauthenticated remote attacker can access data/members.txt to download a database containing password hashes. The description, supported by NVD entries, does not provide t...

5CVSS6.5AI score0.01482EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder