CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

securityvulns•added 2006/02/13 12:0 a.m.•37 views

[eVuln] Unknown Domain Shoutbox multiple XSS & SQL Injection Vulnerabilities

New eVuln Advisory: Unknown Domain Shoutbox multiple XSS & SQL Injection Vulnerabilities http://evuln.com/vulns/55/summary.html --------------------Summary---------------- eVuln ID: EV0055 CVE: CVE-2006-0605 CVE-2006-0606 Software: Shoutbox Sowtware's Web Site: http://www.unknowndomain.co.uk/...

7.5CVSS6.8AI score0.00619EPSS

Exploits1

Packet Storm•added 2006/02/13 12:0 a.m.•27 views

EV0055.txt

7.5CVSS6.6AI score0.00619EPSS

Exploits1

NVD•added 2006/02/08 11:2 p.m.•7 views

CVE-2006-0605

Multiple cross-site scripting XSS vulnerabilities in Unknown Domain Shoutbox 2005.07.21 allow remote attackers to inject arbitrary web script or HTML, possibly via the 1 Handle or 2 Message fields...

4.3CVSS6AI score0.00572EPSS

Exploits1References6

Prion•added 2006/02/08 11:2 p.m.•8 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Unknown Domain Shoutbox 2005.07.21 allow remote attackers to inject arbitrary web script or HTML, possibly via the 1 Handle or 2 Message fields...

4.3CVSS6.3AI score0.00572EPSS

Exploits1References6Affected Software1

NVD•added 2006/02/08 11:2 p.m.•6 views

CVE-2006-0606

SQL injection vulnerability in Unknown Domain Shoutbox 2005.07.21 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors...

7.5CVSS8.3AI score0.00619EPSS

Exploits1References5

Prion•added 2006/02/08 11:2 p.m.•8 views

Sql injection

SQL injection vulnerability in Unknown Domain Shoutbox 2005.07.21 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors...

7.5CVSS9AI score0.00619EPSS

Exploits1References5Affected Software1

CVE•added 2006/02/08 11:0 p.m.•37 views

CVE-2006-0606

The CVE-2006-0606 entry concerns a SQL injection vulnerability in Unknown Domain Shoutbox 2005.07.21 that allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. Affected software is Shoutbox (Unknown Domain). The root cause is improper handling of user-supplied inpu...

7.5CVSS8.3AI score0.00619EPSS

Exploits1References5Affected Software1

CVE•added 2006/02/08 11:0 p.m.•51 views

CVE-2006-0605

CVE-2006-0605 concerns Unknown Domain Shoutbox 2005.07.21 and describes multiple input validation flaws enabling remote attackers to inject arbitrary code via the Handle or Message fields. The linked sources indicate two vulnerability classes: cross-site scripting (XSS) and SQL injection, arising...

4.3CVSS6AI score0.00572EPSS

Exploits1References6Affected Software1

Cvelist•added 2006/02/08 11:0 p.m.•16 views

CVE-2006-0606

SQL injection vulnerability in Unknown Domain Shoutbox 2005.07.21 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors...

8.3AI score0.00619EPSS

Exploits1References5

securityvulns•added 2006/02/08 12:0 a.m.•30 views

[SA18759] Unknown Domain Shoutbox Two Vulnerabilities

TITLE: Unknown Domain Shoutbox Two Vulnerabilities SECUNIA ADVISORY ID: SA18759 VERIFY ADVISORY: http://secunia.com/advisories/18759/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, Manipulation of data WHERE: From remote SOFTWARE: Unknown Domain Shoutbox 1.x...

0.5AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by