CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

28 matches found

CVE•added 2006/11/28 11:0 p.m.•41 views

CVE-2006-6154

The CVE-2006-6154 entry affects HIOX Star Rating System Script (HSRS) version 1.0 and earlier, with a PHP remote file inclusion flaw in addcode.php that allows an attacker to execute arbitrary PHP code via a URL parameter hm. This is described across NVD records; the base CVSSv2 score is 7.5 (HIG...

7.5CVSS7.9AI score0.15153EPSS

Exploits1References6Affected Software1

CVE•added 2006/11/28 11:0 p.m.•37 views

CVE-2006-6156

The CVE-2006-6156 entry describes a Cross-site scripting (XSS) vulnerability in the HIOX Star Rating System Script (HSRS) up to version 1.0, with the flaw located in auth/message.php and exploitable via the PHP_SELF query string. The underlying cause is unencoded user input that allows arbitrary ...

4.3CVSS5.8AI score0.00297EPSS

Exploits0References2Affected Software1

Exploit DB•added 2006/11/23 12:0 a.m.•37 views

HSRS 1.0 - 'addcode.php' Remote File Inclusion

--------------------------------------|| Viva Palestine ||----------------------------------------- --------------------------------------|| Free Saddam Hussien ||----------------------------------------- HSRS = 1.0 HIOX Star Rating System Script addcode.php Remote File Include Vulnerability Foun...

7.4AI score

Exploits0

exploitpack•added 2006/11/23 12:0 a.m.•20 views

HSRS 1.0 - addcode.php Remote File Inclusion

HSRS 1.0 - addcode.php Remote File Inclusion --------------------------------------|| Viva Palestine ||----------------------------------------- --------------------------------------|| Free Saddam Hussien ||----------------------------------------- HSRS = 1.0 HIOX Star Rating System Script...

Exploits0

0day.today•added 2006/11/23 12:0 a.m.•49 views

HSRS 1.0 (addcode.php) Remote File Include Vulnerability

Exploit for unknown platform in category web applications ======================================================== HSRS 1.0 addcode.php Remote File Include Vulnerability ======================================================== --------------------------------------|| Viva Palestine...

7.1AI score

Exploits0

CVE•added 2006/05/12 12:0 a.m.•62 views

CVE-2006-2325

CVE-2006-2325 describes a cross-site scripting (XSS) vulnerability in index.php of the OnlyScript.info Online Universal Payment System Script. It allows remote attackers to inject arbitrary web script or HTML via the read parameter, with the note that the issue might originate from directory trav...

6.8CVSS5.6AI score0.00828EPSS

Exploits0References5Affected Software1

CVE•added 2006/05/12 12:0 a.m.•44 views

CVE-2006-2326

The CVE describes a directory traversal vulnerability in index.php of the OnlyScript.info Online Universal Payment System Script. The flaw allows remote attackers to read arbitrary files via traversal sequences in the read parameter, leading to partial confidentiality impact. Affected component: ...

5CVSS6.5AI score0.00708EPSS

Exploits0References5Affected Software1