Lucene search
K

6498 matches found

CVE
CVE
added 2009/04/29 6:6 p.m.42 views

CVE-2008-6773

The CVE-2008-6773 entry concerns YourPlace 1.0.2 and earlier, where a static code injection flaw in user/internettoolbar/edit.php allows remote authenticated users to execute arbitrary PHP via 10 fav parameters, resulting in partial impact to confidentiality, integrity, and availability. The root...

6.5CVSS7.7AI score0.01923EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2009/04/28 4:30 p.m.22 views

CVE-2009-1463

Static code injection vulnerability in razorCMS before 0.4 allows remote attackers to inject arbitrary PHP code into any page by saving content as a .php file...

7.5CVSS7.2AI score0.01579EPSS
Exploits1References5
Prion
Prion
added 2009/04/28 4:30 p.m.17 views

Code injection

Static code injection vulnerability in admin/install.php in Flexcustomer 0.0.6 might allow remote attackers to inject arbitrary PHP code into const.inc.php via the installdbname parameter aka the Database Name field. NOTE: the installation instructions specify deleting admin/install.php...

10CVSS7.8AI score0.06317EPSS
Exploits0References2
Prion
Prion
added 2009/04/28 4:30 p.m.14 views

Code injection

Static code injection vulnerability in razorCMS before 0.4 allows remote attackers to inject arbitrary PHP code into any page by saving content as a .php file...

7.5CVSS7.7AI score0.01579EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2009/04/28 4:0 p.m.43 views

CVE-2009-1463

The CVE-2009-1463 entry affects razorCMS prior to version 0.4. The issue is a static code injection flaw that lets remote attackers save content as a .php file, enabling arbitrary PHP execution on affected pages. The underlying cause is improper handling of content/file saves that allows code to ...

7.5CVSS7.4AI score0.01579EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2009/04/28 4:0 p.m.50 views

CVE-2008-6761

CVE-2008-6761 affects Flexcustomer 0.0.6 and is a static code injection vulnerability in admin/install.php that enables remote attackers to inject arbitrary PHP into const.inc.php via the installdbname parameter (Database Name field). The issue stems from admin/install.php and installation notes ...

10CVSS7.5AI score0.06317EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2009/04/16 3:12 p.m.15 views

CVE-2009-1285

Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files...

7.5CVSS7AI score0.10914EPSS
Exploits3References8
OSV
OSV
added 2009/04/16 3:12 p.m.6 views

CVE-2009-1285

Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files...

7AI score
Exploits0References9
Prion
Prion
added 2009/04/16 3:12 p.m.22 views

Code injection

Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files...

7.5CVSS7.6AI score0.10914EPSS
Exploits3References8Affected Software1
UbuntuCve
UbuntuCve
added 2009/04/16 3:12 p.m.22 views

CVE-2009-1285

Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files...

7.5CVSS6AI score0.10914EPSS
Exploits3References2
CVE
CVE
added 2009/04/16 3:0 p.m.89 views

CVE-2009-1285

phpMyAdmin 3.x is affected by a static code injection in the getConfigFile function (setup/lib/ConfigFile.class.php) prior to 3.1.3.2, allowing remote attackers to inject arbitrary PHP into configuration files. Documented CVSS base 7.5 (HIGH) with network access and no authentication. Remediation...

7.5CVSS7.1AI score0.10914EPSS
Exploits3References8Affected Software1
NVD
NVD
added 2009/04/09 4:27 p.m.25 views

CVE-2009-1278

Static code injection vulnerability in forms/ajax/configure.php in Gravity Board X GBX 2.0 BETA allows remote attackers to inject arbitrary PHP code into config.php via the configure action to index.php...

7.5CVSS7.2AI score0.02312EPSS
Exploits1References3
CVE
CVE
added 2009/04/09 4:0 p.m.45 views

CVE-2009-1278

Gravity Board X (GBX) 2.0 BETA has a static code injection in forms/ajax/configure.php that allows remote attackers to inject arbitrary PHP code into config.php via the configure action to index.php. Affected: GBX 2.0 BETA; vulnerable file: forms/ajax/configure.php. Root cause: configuration work...

7.5CVSS7.5AI score0.02312EPSS
Exploits1References3Affected Software1
OpenVAS
OpenVAS
added 2009/04/09 12:0 a.m.38 views

Mandriva Update for mysql MDVSA-2008:149 (mysql)

Check for the Version of mysql OpenVAS Vulnerability Test Mandriva Update for mysql MDVSA-2008:149 mysql Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

4.6CVSS8AI score0.02588EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2009/04/09 12:0 a.m.36 views

Mandriva Update for libpng MDKSA-2007:217 (libpng)

Check for the Version of libpng OpenVAS Vulnerability Test Mandriva Update for libpng MDKSA-2007:217 libpng Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

5CVSS7.1AI score0.04769EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2009/04/09 12:0 a.m.28 views

Mandriva Update for SDL_image MDVSA-2008:040 (SDL_image)

Check for the Version of SDLimage OpenVAS Vulnerability Test Mandriva Update for SDLimage MDVSA-2008:040 SDLimage Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

10CVSS0.1AI score0.10731EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2009/04/09 12:0 a.m.20 views

Mandriva Update for file MDKSA-2007:067 (file)

Check for the Version of file OpenVAS Vulnerability Test Mandriva Update for file MDKSA-2007:067 file Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

9.3CVSS0.3AI score0.12226EPSS
Exploits1References2
Prion
Prion
added 2009/04/07 2:17 p.m.15 views

Code injection

Static code injection vulnerability in edithistory.php in OxYProject OxYBox 0.85 allows remote attackers to inject arbitrary PHP code into oxyhistory.php via the oxymsg parameter...

10CVSS7.8AI score0.03501EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2009/04/07 10:0 a.m.45 views

CVE-2008-6651

The CVE-2008-6651 entry covers a static code injection in OxYProject OxYBox 0.85, specifically in edithistory.php. The vulnerability arises because an attacker can inject arbitrary PHP code into oxyhistory.php through the oxymsg parameter, enabling remote code execution. The affected component is...

10CVSS7.5AI score0.03501EPSS
Exploits1References3Affected Software1
myhack58
myhack58
added 2009/04/06 12:0 a.m.13 views

Ftbbs7. 1 static GBK version 0day-vulnerability warning-the black bar safety net

conn. asp wood has done anti-injected into the, ftbbsmyinfo. asp and JB to an injection,a perfect match.. Posted on ftbbsmyinfo. asp source code: ASP/Visual Basic code 0 1.& lt;% 0 2. postuserid=request. QueryString”postuserid” 0 3. ftbbsuser=request. QueryString”ftbbsuser” 0 4. call FTBBSHTMLMBf...

7.4AI score
Exploits0
Rows per page
Query Builder