CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

No description provided by source. !/usr/bin/perl Affected.scr..: Tr Forum V2.0 Poc.ID........: 10060903 Type..........: SQL Injection, Bypass Security Restriction Risk.level....: Medium Vendor.Status.: Unpatched Src.download..: comscripts.com/scripts/php.tr-forum.1579.html Poc.link......:...

7.1AI score

Exploits0

exploitpack•added 2010/04/29 12:0 a.m.•17 views

TR Forum 1.5 - Multiple Vulnerabilities

TR Forum 1.5 - Multiple Vulnerabilities ======================================================================================== | Title : TR Forum 1.5 Mullti Vulnerability | Author : indoushka | email : [email protected] | Home : www.iqs3cur1ty.com/vb | Tested on: windows SP2 Français V.Pnx2...

0.3AI score

Exploits0

Exploit DB•added 2010/04/29 12:0 a.m.•28 views

TR Forum 1.5 - Multiple Vulnerabilities

7.4AI score

Exploits0

Packet Storm•added 2010/04/29 12:0 a.m.•20 views

TR Forum 1.5 Cross Site Scripting / SQL Injection

0.3AI score

Exploits0

0day.today•added 2010/04/25 12:0 a.m.•17 views

TR Forum 1.5 insert admin CSRF Vulnerability

Exploit for php platform in category web applications ============================================ TR Forum 1.5 insert admin CSRF Vulnerability ============================================ ======================================================================================== | Title : TR Forum...

7.1AI score

Exploits0

seebug.org•added 2006/10/25 12:0 a.m.•324 views

TR Forum SQL注入及认证绕过漏洞

Tr Forum是一款法语的论坛程序。 Tr Forum中的多个漏洞允许恶意用户执行SQL注入攻击和绕过某些安全限制。 1 admin/insertadmin.php文件中缺少认证，允许创建拥有有限权限的管理员帐号。 2 没有正确过滤对admin/editer.php文件中id2参数的输入，允许攻击者通过注入任意SQL代码操控SQL查询。成功攻击要求某些管理权限。 3 在更新配置文件时缺少访问验证，允许通过更改id参数修改其他用户的设置。组合使用1和2所述漏洞允许以完全权限访问管理部分。 Tr Forum Tr Forum 2.0 我们建议使用此软件的用户随时关注厂商的主页以获取最新版...

7.1AI score

Exploits0

Packet Storm•added 2006/09/07 12:0 a.m.•35 views

trforum20.txt

!/usr/bin/perl Affected.scr..: Tr Forum V2.0 Poc.ID........: 10060903 Type..........: SQL Injection, Bypass Security Restriction Risk.level....: Medium Vendor.Status.: Unpatched Src.download..: comscripts.com/scripts/php.tr-forum.1579.html Poc.link......: acid-root.new.fr/poc/10060903.txt...

7.4AI score

Exploits0

NVD•added 2006/09/06 10:4 p.m.•10 views

CVE-2006-4584

Tr Forum 2.0 allows remote attackers to bypass authentication and add an administrative account via the login and password parameters to admin/insertadmin.php...

7.5CVSS7.2AI score0.20107EPSS

Exploits1References10

NVD•added 2006/09/06 10:4 p.m.•8 views

CVE-2006-4585

SQL injection vulnerability in admin/editer.php in Tr Forum 2.0 allows remote authenticated users to execute arbitrary SQL commands via the id2 parameter. NOTE: this can be leveraged with other Tr Forum vulnerabilities to allow unauthenticated attackers to gain privileges...

9CVSS8.4AI score0.05345EPSS

Exploits1References10

NVD•added 2006/09/06 10:4 p.m.•8 views

CVE-2006-4586

The admin panel in Tr Forum 2.0 accepts a username and password hash for authentication, which allows remote authenticated users to perform unauthorized actions, as demonstrated by modifying user settings via the id parameter to /membres/modifprofil.php, and changing a password via...

5.5CVSS7.1AI score0.0938EPSS

Exploits1References10

Cvelist•added 2006/09/06 10:0 p.m.•11 views

CVE-2006-4586

7.1AI score0.0938EPSS

Exploits1References10

CVE•added 2006/09/06 10:0 p.m.•31 views

CVE-2006-4586

CVE-2006-4586 affects the Tr Forum 2.0 admin panel, where authentication can be done by supplying a username and password hash. This enables remote authenticated users to perform unauthorized actions such as modifying user profile settings via /membres/modif_profil.php (id parameter) and changing...

5.5CVSS7.5AI score0.0938EPSS

Exploits1References10Affected Software1

Cvelist•added 2006/09/06 10:0 p.m.•16 views

CVE-2006-4584

Tr Forum 2.0 allows remote attackers to bypass authentication and add an administrative account via the login and password parameters to admin/insertadmin.php...

7.2AI score0.20107EPSS

Exploits1References10

Cvelist•added 2006/09/06 10:0 p.m.•13 views

CVE-2006-4585

8.4AI score0.05345EPSS

Exploits1References10

CVE•added 2006/09/06 10:0 p.m.•31 views

CVE-2006-4584

Tr Forum 2.0 is affected by CVE-2006-4584, where remote attackers can bypass authentication and add an administrative account via login and password parameters to admin/insert_admin.php. The vulnerability allows partial confidentiality, integrity, and availability impact (CVSS v2 base score 7.5, ...

7.5CVSS7.6AI score0.20107EPSS

Exploits1References10Affected Software1

CVE•added 2006/09/06 10:0 p.m.•38 views

CVE-2006-4585

The CVE-2006-4585 entry describes an SQL injection in Tr Forum 2.0, specifically in admin/editer.php via the id2 parameter. The vulnerability allows remote authenticated users to execute arbitrary SQL commands, and the note indicates this could be leveraged with other Tr Forum vulnerabilities to ...

9CVSS8.8AI score0.05345EPSS

Exploits1References10Affected Software1

0day.today•added 2006/09/04 12:0 a.m.•24 views

Tr Forum 2.0 SQL Injection / Bypass Security Restriction Exploit

Exploit for unknown platform in category web applications ================================================================ Tr Forum 2.0 SQL Injection / Bypass Security Restriction Exploit ================================================================ !/usr/bin/perl Affected.scr..: Tr Forum V2.0...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by