CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Multiple cross-site scripting XSS vulnerabilities in the login application in vBook 4.2.17 allow remote attackers to inject arbitrary web script or HTML via the 1 title and 2 message parameters...

4.3CVSS5.8AI score0.00254EPSS

Exploits0References3

Prion•added 2010/06/11 2:30 p.m.•17 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the login application in vBook 4.2.17 allow remote attackers to inject arbitrary web script or HTML via the 1 title and 2 message parameters...

4.3CVSS6.1AI score0.00254EPSS

Exploits0References3Affected Software1

CVE•added 2010/06/11 2:0 p.m.•38 views

CVE-2009-4890

CVE-2009-4890 describes multiple cross-site scripting (XSS) vulnerabilities in the login application of vBook 4.2.17, allowing remote attackers to inject arbitrary script/HTML via the 1) title and 2) message parameters. The affected product is the login component of vBook; the underlying cause is...

4.3CVSS5.9AI score0.00254EPSS

Exploits0References3Affected Software1

Cvelist•added 2010/06/11 2:0 p.m.•14 views

CVE-2009-4890

Multiple cross-site scripting XSS vulnerabilities in the login application in vBook 4.2.17 allow remote attackers to inject arbitrary web script or HTML via the 1 title and 2 message parameters...

5.8AI score0.00254EPSS

Exploits0References3

securityvulns•added 2009/03/09 12:0 a.m.•57 views

DDIVRT-2009-21 vBook Login Application Cross-site Scripting Vulnerability

Title ----- DDIVRT-2009-21 vBook Login Application Cross-site Scripting Vulnerability Severity -------- Low Date Discovered --------------- January 19th, 2009 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: David Marshall and r@b13$ Vulnerability Description...

1.1AI score

Exploits0

NVD•added 2006/03/31 11:6 a.m.•12 views

CVE-2006-1563

Direct static code injection vulnerability in config.php in vscripts aka Kuba Kunkiewicz VBook aka VBook 2.0 allows remote administrators to execute arbitrary PHP code into the config file, which is included other VBook scripts...

7.6CVSS7.8AI score0.00667EPSS

Exploits0References6

NVD•added 2006/03/31 11:6 a.m.•13 views

CVE-2006-1561

SQL injection vulnerability in index.php in vscripts aka Kuba Kunkiewicz VBook aka VBook 2.0 allows remote attackers to execute arbitrary SQL commands via the x parameter...

5.1CVSS8.4AI score0.01355EPSS

Exploits0References8

Prion•added 2006/03/31 11:6 a.m.•12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in index.php in vscripts aka Kuba Kunkiewicz VBook aka VBook 2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 autor, 2 www, 3 temat, and 4 tresc parameters...

6.8CVSS6.1AI score0.01631EPSS

Exploits0References7Affected Software1

Prion•added 2006/03/31 11:6 a.m.•13 views

Sql injection

SQL injection vulnerability in index.php in vscripts aka Kuba Kunkiewicz VBook aka VBook 2.0 allows remote attackers to execute arbitrary SQL commands via the x parameter...

5.1CVSS9AI score0.01355EPSS

Exploits0References8Affected Software1

Cvelist•added 2006/03/31 11:0 a.m.•14 views

CVE-2006-1562

5.8AI score0.01631EPSS

Exploits0References7

CVE•added 2006/03/31 11:0 a.m.•44 views

CVE-2006-1563

Affected software/component: [V]Book (aka VBook) 2.0 by vscripts; vulnerable file: config.php. Root cause: Direct static code injection allows an attacker to insert arbitrary PHP code into config.php, which is subsequently included by other [V]Book scripts. Impact: Remote code execution leading t...

7.6CVSS7.8AI score0.00667EPSS

Exploits0References6Affected Software1

CVE•added 2006/03/31 11:0 a.m.•49 views

CVE-2006-1562

The CVE-2006-1562 entry concerns vulnerable [V]Book (aka VScripts/VBook) version 2.0 by Kuba Kunkiewicz. Multiple cross-site scripting (XSS) vulnerabilities exist in index.php, exploitable via four parameters (autor, www, temat, tresc). The underlying issue is insufficient input sanitization, all...

6.8CVSS5.8AI score0.01631EPSS

Exploits0References7Affected Software1

Cvelist•added 2006/03/31 11:0 a.m.•20 views

CVE-2006-1561

SQL injection vulnerability in index.php in vscripts aka Kuba Kunkiewicz VBook aka VBook 2.0 allows remote attackers to execute arbitrary SQL commands via the x parameter...

8.4AI score0.01355EPSS

Exploits0References8

Cvelist•added 2006/03/31 11:0 a.m.•12 views

CVE-2006-1563

7.8AI score0.00667EPSS

Exploits0References6

CVE•added 2006/03/31 11:0 a.m.•51 views

CVE-2006-1561

The CVE-2006-1561 issue affects the [V]Book (aka VBook) 2.0 software (vscripts) and is caused by improper sanitization in index.php, where the x parameter is used unsafely in SQL queries. This allows remote attackers to execute arbitrary SQL commands. The connected sources consistently describe S...

5.1CVSS8.4AI score0.01355EPSS

Exploits0References8Affected Software1

securityvulns•added 2006/03/30 12:0 a.m.•23 views

[SA19448] VBook Multiple Vulnerabilities

TITLE: VBook Multiple Vulnerabilities SECUNIA ADVISORY ID: SA19448 VERIFY ADVISORY: http://secunia.com/advisories/19448/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, Manipulation of data, System access WHERE: From remote SOFTWARE: VBook 2.x http://secunia.com/product/9051/...

1.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by