Lucene search
K

19 matches found

Packet Storm
Packet Storm
added 2024/09/18 12:0 a.m.475 views

Membership Management System 1.1 SQL Injection

==================================================================================================================================== | Title : Membership Management System 1.1 Auth By Pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0 64...

7.4AI score
Exploits0
OSV
OSV
added 2024/03/08 2:15 a.m.3 views

CVE-2024-23258

An out-of-bounds read was addressed with improved input validation. This issue is fixed in visionOS 1.1, macOS Sonoma 14.4. Processing an image may lead to arbitrary code execution...

7.8CVSS6AI score
Exploits0References6
Packet Storm
Packet Storm
added 2021/08/04 12:0 a.m.538 views

Client Management System 1.1 Cross Site Scripting

Exploit Title: Client Management System 1.1 - 'cname' Stored Cross-site scripting XSS Date: 2021-08-04 Exploit Author: Mohammad Koochaki Vendor Homepage: https://phpgurukul.com/client-management-system-using-php-mysql/ Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=10841...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/08/04 12:0 a.m.424 views

Client Management System 1.1 - 'cname' Stored Cross-site scripting (XSS)

Exploit Title: Client Management System 1.1 - 'cname' Stored Cross-site scripting XSS Date: 2021-08-04 Exploit Author: Mohammad Koochaki Vendor Homepage: https://phpgurukul.com/client-management-system-using-php-mysql/ Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=10841...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/15 12:0 a.m.146 views

Client Management System 1.1 - 'username' Stored Cross-Site Scripting (XSS)

Exploit Title: Client Management System 1.1 - 'username' Stored Cross-Site Scripting XSS Date: 14 June 2021 Exploit Author: BHAVESH KAUL Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/client-management-system-using-php-mysql/ Version: 1.1 Tested on: Server: XAMPP...

7.4AI score
Exploits0
NVD
NVD
added 2012/06/21 4:55 p.m.15 views

CVE-2012-3791

Multiple SQL injection vulnerabilities in Simple Web Content Management System 1.1 allow remote attackers to execute arbitrary SQL commands via the id parameter to 1 itemdelete.php, 2 itemstatus.php, 3 itemdetail.php, 4 itemmodify.php, or 5 itemposition.php in admin/; or 6 status parameter to...

7.5CVSS8.5AI score0.01256EPSS
Exploits2References6
CVE
CVE
added 2012/06/21 4:0 p.m.42 views

CVE-2012-3791

CVE-2012-3791 affects Simple Web Content Management System 1.1. The vulnerability is a set of SQL injection flaws exploitable via the id parameter to admin/item_delete.php, admin/item_status.php, admin/item_detail.php, admin/item_modify.php, admin/item_position.php, and the status parameter to ad...

7.5CVSS8.8AI score0.01256EPSS
Exploits2References6Affected Software1
CVE
CVE
added 2009/02/11 5:25 p.m.40 views

CVE-2008-6111

The CVE-2008-6111 entry concerns a SQL injection in NetArt Media Vlog System 1.1, exploitable via the note parameter in blog.php. Affected component: blog.php within NetArt Media Vlog System 1.1. Root cause: unsanitized input leading to arbitrary SQL execution. Impact per NVD: partial confidentia...

7.5CVSS8.7AI score0.01144EPSS
Exploits1References5Affected Software1
Exploit DB
Exploit DB
added 2008/11/22 12:0 a.m.46 views

Vlog System 1.1 - SQL Injection

Viva IslaM Viva IslaM Remote SQL injection Vulnerability Vlog System V1.1 blog.php user AuTh0r : Mr.SQL H0ME : WwW.PaL-HaCkEr.CoM && WwW.AtsDp.CoM/f Email : [email protected] SYRIAN Arab HACkErS -: Exploite :-...

7.4AI score
Exploits0
Prion
Prion
added 2007/02/09 1:28 a.m.12 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in local Calendar System 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the 1 TEMPLATEDIR parameter to a showinvoices.php, b showmonth.php, c showevents.php, d retrieveinvoice.php, e modifyitem.php, and f lookupuserid.php; ...

7.5CVSS7.7AI score0.01194EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2006/10/20 5:7 p.m.10 views

CVE-2006-5426

PHP remote file inclusion vulnerability in lib/lcUser.php in LoCal Calendar System 1.1 remote attackers to execute arbitrary PHP code via a URL in the LIBDIR parameter...

7.5CVSS7.5AI score0.02664EPSS
Exploits1References5
CVE
CVE
added 2006/10/20 5:0 p.m.46 views

CVE-2006-5426

CVE-2006-5426 affects LoCal Calendar System 1.1. A vulnerability in the file lib/lcUser.php allows remote attackers to execute arbitrary PHP code via a URL supplied to the LIBDIR parameter, due to a remote file inclusion vulnerability. The CVE entry indicates this is a PHP RFI with potential impa...

7.5CVSS7.9AI score0.02664EPSS
Exploits1References5Affected Software1
exploitpack
exploitpack
added 2006/03/07 12:0 a.m.12 views

CilemNews System 1.1 - yazdir.asp haber_id SQL Injection

CilemNews System 1.1 - yazdir.asp haberid SQL Injection !/usr/bin/perl Method found & Exploit scripted by nukedx Contacts ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Usage: cilem.pl Original Advisory: http://www.nukedx.com/?viewdoc=10 googledork inurl:yazdir.asp?haberid= 2.140...

0.4AI score
Exploits0
CVE
CVE
added 2005/12/06 11:0 a.m.31 views

CVE-2005-4032

CVE-2005-4032 describes a cross-site scripting (XSS) vulnerability in search.cgi of Easy Search System 1.1 and earlier. The flaw allows remote attackers to inject arbitrary web script or HTML through the q parameter. The available connected documents confirm the existence of the vulnerability and...

4.3CVSS6AI score0.01752EPSS
Exploits1References4
securityvulns
securityvulns
added 2005/11/29 12:0 a.m.48 views

Survey System 1.1 SQL inj. vuln.

Survey System 1.1 SQL inj. vuln. Vuln. dicovered by : r0t Date: 29 nov. 2005 orginal advisory:http://pridels.blogspot.com/2005/11/survey-system-11-sql-inj-vuln.html Vendor:http://ilyav.net/?q=node/22 affected version:1.1 and prior Product Description: This extremely detailed Survey application ha...

0.6AI score
Exploits0
CVE
CVE
added 2005/06/28 4:0 a.m.57 views

CVE-2002-1808

CVE-2002-1808 describes a cross-site scripting (XSS) flaw in Meunity Community System 1.1 . The vulnerability allows remote attackers to inject arbitrary web script or HTML by placing Javascript in an IMG tag during topic creation. The root cause, as stated, is insufficient input sanitization of ...

4.3CVSS5.9AI score0.01242EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2005/05/31 4:0 a.m.37 views

CVE-2005-1786

Summary (CVE-2005-1786): FunkyASP AD System 1.1 is affected by an SQL injection in the admin.asp file, exploitable via the password parameter to execute arbitrary SQL and gain privileges. The vulnerability is described across multiple records (CVE/NT NVD entries and PT-2005-2754). The exploitatio...

7.5CVSS9.1AI score0.01345EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2005/05/25 4:0 a.m.10 views

CVE-2005-1786

SQL injection vulnerability in admin.asp in FunkyASP AD System 1.1 allows remote attackers to execute arbitrary SQL commands and gain privileges via the password parameter...

7.5CVSS8.7AI score0.01345EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2005/05/25 12:0 a.m.4 views

PT-2005-2754 · Funkyasp · Funkyasp Ad System

Name of the Vulnerable Software and Affected Versions: FunkyASP AD System version 1.1 Description: The issue allows remote attackers to execute arbitrary SQL commands and gain privileges. This is achieved via the password parameter in the admin.asp file. Recommendations: For FunkyASP AD System...

7.5CVSS8AI score0.01345EPSS
Exploits1References5
Rows per page
Query Builder