Lucene search
K

40 matches found

RedhatCVE
RedhatCVE
added 2025/05/21 8:39 p.m.8 views

CVE-2002-2376

Cross-site scripting XSS vulnerability in E-Guestsign.pl in E-Guest 1.1 allows remote attackers to inject arbitrary SSI directives, web script, and HTML via the 1 full name, 2 email, 3 homepage, and 4 location parameters. NOTE: this issue might overlap CVE-2005-1605...

6.8CVSS6AI score0.01519EPSS
Exploits1References1
NVD
NVD
added 2025/04/16 5:15 p.m.19 views

CVE-2024-40069

Sourcecodester Online ID Generator System 1.0 was discovered to contain Stored Cross Site Scripting XSS via idgenerator/classes/Users.php?f=save, and the point of vulnerability is in the POST parameter 'firstname' and 'lastname'...

5.4CVSS0.00238EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/08/15 5:15 p.m.7 views

CVE-2023-38916

SQL Injection vulnerability in eVotingSystem-PHP v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information via the user input fields...

8.8CVSS7.8AI score0.00856EPSS
Exploits1References2
OSV
OSV
added 2023/08/15 5:15 p.m.5 views

CVE-2023-38916

SQL Injection vulnerability in eVotingSystem-PHP v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information via the user input fields...

8.8CVSS6.2AI score0.00856EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/08/15 12:0 a.m.13 views

CVE-2023-38916

SQL Injection vulnerability in eVotingSystem-PHP v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information via the user input fields...

8.7AI score0.00856EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2023/06/30 12:0 a.m.348 views

Time Slot Booking Calendar 1.8 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2023/02/07 12:0 a.m.3 views

PT-2023-16486 · Unknown · Sourcecodester Online Eyewear Shop

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Eyewear Shop version 1.0 Description: A vulnerability has been found in the function registration of the file oews/classes/Users.php of the component POST Request Handler. The manipulation of the arguments firstname,...

6.1CVSS4.3AI score0.0039EPSS
Exploits0References5
CNVD
CNVD
added 2021/07/01 12:0 a.m.10 views

AKCP sensorProbe Cross-Site Scripting Vulnerability

The AKCP sensorProbe is a platform-independent environmental and safety monitoring device from AKCP USA. Simply assign an IP address and connect to the embedded web server. A cross-site scripting vulnerability exists in versions prior to SP480-20210624 of the AKCP sensorProbe Embedded Web Server...

5.4CVSS6.4AI score0.0323EPSS
Exploits5References1
OSV
OSV
added 2018/08/09 7:29 p.m.6 views

CVE-2018-15182

PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the FirstName and LastName fields...

5.4CVSS5.8AI score0.00545EPSS
Exploits1References1
NVD
NVD
added 2018/08/04 1:29 a.m.29 views

CVE-2018-14541

PHP Scripts Mall Basic B2B Script 2.0.0 has Reflected and Stored XSS via the First name, Last name, Address 1, City, State, and Company name fields...

5.4CVSS5.3AI score0.00663EPSS
Exploits4References2
Cvelist
Cvelist
added 2018/08/03 4:0 p.m.25 views

CVE-2018-14541

PHP Scripts Mall Basic B2B Script 2.0.0 has Reflected and Stored XSS via the First name, Last name, Address 1, City, State, and Company name fields...

5.3AI score0.00663EPSS
Exploits4References2
exploitpack
exploitpack
added 2016/09/27 12:0 a.m.35 views

FreePBX 13.0.188 - Remote Command Execution (Metasploit)

FreePBX 13.0.188 - Remote Command Execution Metasploit Title : Freepbx =begin Freepbx 13.x are vulnerable to Remote command execution due to the insuffecient sanitization of the user input fields language,destination and also due to the lack of good authentication checking Technical details...

0.1AI score
Exploits0
Prion
Prion
added 2007/10/08 9:17 p.m.11 views

Format string

Multiple format string vulnerabilities in Battlefront Dropteam 1.3.3 and earlier allow remote attackers to execute arbitrary code via format string specifiers in the 1 username, 2 password, and 3 nickname fields in a "0x01" packet...

7.5CVSS8.3AI score0.03506EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2005/12/23 12:3 a.m.10 views

CVE-2005-4507

Multiple cross-site scripting XSS vulnerabilities in Nexus Concepts Dev Hound 2.24 and earlier allow remote attackers to inject arbitrary web script or HTML via multiple unspecified user input fields...

4.3CVSS5.9AI score0.01208EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/12/23 12:0 a.m.16 views

CVE-2005-4507

Multiple cross-site scripting XSS vulnerabilities in Nexus Concepts Dev Hound 2.24 and earlier allow remote attackers to inject arbitrary web script or HTML via multiple unspecified user input fields...

5.9AI score0.01208EPSS
Exploits0References4
securityvulns
securityvulns
added 2005/04/12 12:0 a.m.56 views

[Full-disclosure] XAMPP

------------------------------------------------------------ - EXPL-A-2005-006 exploitlabs.com Advisory 034 - ------------------------------------------------------------ - XAMPP - OVERVIEW ======== XAMPP is an easy to install Apache distribution containing MySQL, PHP and Perl. XAMPP is really ve...

6.3AI score
Exploits0
securityvulns
securityvulns
added 2004/05/24 12:0 a.m.36 views

Liferay Cross Site Scripting Flaw

Advisory Name: Liferay Cross Site Scripting flaw Release Date: 05/22/2004 Application: Liferay www.liferay.com Author: Sandeep Giri Vendor Status: Notified 4 months ago Overview: Taken from http://www.liferay.com/products/index.jsp Liferay Enterprise Portal was designed to: Provide organizations...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2003/04/10 12:0 a.m.58 views

ISC guestbook script injection vulnerability.

This advisory can be found at www.blacktigerz.org Date: 08.04.2003 Subject: ISC guestbook script injection vulnerability. Description: Free, easy to use asp powered guestbook. Main fetures are: web-based administration, bad word filtering. Vendor: http://www.isc-online.at Download:...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2003/04/05 12:0 a.m.146 views

Sakki's guestbook V.1.01 script injection vulnerability.

This advisory can be found at www.blacktigerz.org. Description: Easy to manage and configure asp powered guestbook. Works with MS Access database or without it. Vendor: http://www.sakki.net Vulnerability: gb.asp neglects filtering user input allowing for script injection to the guestbook via "nam...

7.3AI score
Exploits0
NVD
NVD
added 2002/08/12 4:0 a.m.15 views

CVE-2002-0732

Cross-site scripting vulnerability in MyGuestbook 1.0 allows remote attackers to execute arbitrary script or inject HTML via fields such as 1 user name or 2 comments...

7.5CVSS6.8AI score0.02754EPSS
Exploits1References4
Rows per page
Query Builder