Lucene search
K

133 matches found

ATTACKERKB
ATTACKERKB
added 2008/06/24 7:41 p.m.1 views

CVE-2008-2840

Multiple directory traversal vulnerabilities in Exero CMS 1.0.0 and 1.0.1 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the theme parameter to 1 custompage.php, 2 errors/404.php, 3 members/memberslist.php, 4 members/profile.php, 5 news/fullview.php, 6...

6.8CVSS6AI score0.01268EPSS
Exploits0References4
NVD
NVD
added 2008/06/24 7:41 p.m.13 views

CVE-2008-2840

Multiple directory traversal vulnerabilities in Exero CMS 1.0.0 and 1.0.1 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the theme parameter to 1 custompage.php, 2 errors/404.php, 3 members/memberslist.php, 4 members/profile.php, 5 news/fullview.php, 6...

6.8CVSS7.3AI score0.01268EPSS
Exploits0References3
Prion
Prion
added 2007/04/26 9:19 p.m.16 views

Directory traversal

Multiple directory traversal vulnerabilities in Quick and Dirty Blog QDBlog 0.4, and possibly earlier, allow remote attackers to include and execute arbitrary local files via a .. dot dot in the theme parameter to categories.php and other unspecified files...

7.5CVSS7.9AI score0.02687EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2007/04/24 8:19 p.m.9 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in GPL PHP Board GPB unstable-2001.11.14-1 allow remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter to 1 db.mysql.inc.php or 2 gpb.inc.php in include/, or the 3 theme parameter to themes/ubb/login.php...

7.5CVSS8.2AI score0.03386EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2006/10/14 12:0 a.m.24 views

Debian DSA-901-1 : gnump3d - programming error

Several vulnerabilities have been discovered in gnump3d, a streaming server for MP3 and OGG files. The Common Vulnerabilities and Exposures Project identifies the following problems : - CVE-2005-3349 Ludwig Nussel discovered several temporary files that are created with predictable filenames in a...

6.4CVSS5.4AI score0.02226EPSS
Exploits0References3
securityvulns
securityvulns
added 2006/05/30 12:0 a.m.32 views

Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities

Dkmanlar »» Dkman oku --Security Report-- Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 27/05/06 03:16 PM --- Contacts: ICQ: 10072 MSN/Email: [email protected] Web: http://www.nukedx.com --- Vendor: MiniNuke...

0.7AI score
Exploits0
UbuntuCve
UbuntuCve
added 2006/05/16 10:2 a.m.27 views

CVE-2006-2417

Cross-site scripting XSS vulnerability in phpMyAdmin 2.8.0.x before 2.8.0.4 allows remote attackers to inject arbitrary web script or HTML via the theme parameter in unknown scripts. NOTE: the lang parameter is already covered by CVE-2006-2031...

4.3CVSS6.1AI score0.02085EPSS
Exploits0References1
OSV
OSV
added 2006/05/16 10:2 a.m.1 views

DEBIAN-CVE-2006-2417

Cross-site scripting XSS vulnerability in phpMyAdmin 2.8.0.x before 2.8.0.4 allows remote attackers to inject arbitrary web script or HTML via the theme parameter in unknown scripts. NOTE: the lang parameter is already covered by CVE-2006-2031...

4.3CVSS7.9AI score0.02085EPSS
Exploits0References1
Prion
Prion
added 2006/03/19 1:2 a.m.22 views

Cross site scripting

Cross-site scripting XSS vulnerability in phpMyAdmin 2.8.0.1 allows remote attackers to inject arbitrary web script or HTML via the settheme parameter...

4.3CVSS6AI score0.02516EPSS
Exploits1References7Affected Software1
NVD
NVD
added 2006/03/19 1:2 a.m.26 views

CVE-2006-1258

Cross-site scripting XSS vulnerability in phpMyAdmin 2.8.0.1 allows remote attackers to inject arbitrary web script or HTML via the settheme parameter...

4.3CVSS5.6AI score0.02516EPSS
Exploits1References7
OSV
OSV
added 2006/03/19 1:2 a.m.3 views

DEBIAN-CVE-2006-1258

Cross-site scripting XSS vulnerability in phpMyAdmin 2.8.0.1 allows remote attackers to inject arbitrary web script or HTML via the settheme parameter...

4.3CVSS6AI score0.02516EPSS
Exploits1References1
CVE
CVE
added 2005/08/16 4:0 a.m.52 views

CVE-2005-2561

MYFAQ 1.0 contains multiple SQL injection vulnerabilities reachable via the Theme, SousTheme, Faq, and question parameters across several PHP pages (affichagefaq.php3, choixsoustheme.php3, consultation.php3, insfaq.php3, inssoustheme.php3, instheme.php3, saisiefaqtotale.php3, saisiesoustheme.php3...

7.5CVSS8.9AI score0.01211EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2005/05/02 4:0 a.m.4 views

DEBIAN-CVE-2005-0567

Multiple PHP remote file inclusion vulnerabilities in phpMyAdmin 2.6.1 allow remote attackers to execute arbitrary PHP code by modifying the 1 theme parameter to phpmyadmin.css.php or 2 cfgServerextension parameter to databaseinterface.lib.php to reference a URL on a remote web server that contai...

7.5CVSS7.7AI score0.02726EPSS
Exploits0References1
Rows per page
Query Builder