CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SQL injection vulnerability in forum.asp in W1L3D4 Philboard 1.14 and 1.2 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. NOTE: this might overlap CVE-2008-2334, CVE-2008-1939, CVE-2007-2641, or CVE-2007-0920...

7.5CVSS8AI score0.00493EPSS

Exploits0References5

CVE•added 2008/11/21 5:0 p.m.•63 views

CVE-2008-5193

CVE-2008-5193 describes a Cross-site scripting (XSS) vulnerability in W1L3D4 Philboard, specifically in the file search.asp for versions 1.14 and 1.2. The underlying issue allows an attacker to inject arbitrary web script or HTML via the searchterms parameter. The related CVE notes a potential ov...

4.3CVSS5.7AI score0.03701EPSS

Exploits0References5Affected Software1

Cvelist•added 2008/11/21 5:0 p.m.•23 views

CVE-2008-5192

8AI score0.00493EPSS

Exploits0References5

Cvelist•added 2008/11/21 5:0 p.m.•25 views

CVE-2008-5193

Cross-site scripting XSS vulnerability in search.asp in W1L3D4 Philboard 1.14 and 1.2 allows remote attackers to inject arbitrary web script or HTML via the searchterms parameter. NOTE: this might overlap CVE-2007-4024...

5.6AI score0.03701EPSS

Exploits0References5

CVE•added 2008/11/21 5:0 p.m.•65 views

CVE-2008-5192

CVE-2008-5192 concerns a SQL injection vulnerability in forum.asp of W1L3D4 Philboard versions 1.14 and 1.2, exploitable via the forumid parameter. The root cause is an unsafely handled input for forumid that allows arbitrary SQL execution by an attacker. Connected records corroborate the vulnera...

7.5CVSS8.3AI score0.00493EPSS

Exploits0References5Affected Software1

NVD•added 2008/05/19 1:20 p.m.•13 views

CVE-2008-2334

Multiple SQL injection vulnerabilities in W1L3D4 Philboard 0.5 allow remote attackers to execute arbitrary SQL commands via the 1 forumid parameter to a admin/philboardadmin-forumedit.asp, b admin/philboardadmin-forum.asp, and c W1L3D4forumayenikonuac.asp; the 2 id parameter to d W1L3D4konuoku.as...

7.5CVSS7.9AI score0.00417EPSS

Exploits1References4

Prion•added 2008/05/19 1:20 p.m.•17 views

Sql injection

7.5CVSS8.3AI score0.03883EPSS

Exploits3References4Affected Software1

Cvelist•added 2008/05/19 10:0 a.m.•19 views

CVE-2008-2334

7.9AI score0.00417EPSS

Exploits1References4

NVD•added 2008/04/25 6:5 a.m.•16 views

CVE-2008-1939

Multiple SQL injection vulnerabilities in W1L3D4 Philboard 1.0 allow remote attackers to execute arbitrary SQL commands via the 1 id and 2 topic parameters to a philboardreply.asp, and the 3 forumid parameter to b philboardnewtopic.asp, different vectors than CVE-2007-2641 and CVE-2007-0920...

7.5CVSS8.2AI score0.00462EPSS

Exploits1References4

Prion•added 2008/04/25 6:5 a.m.•18 views

Sql injection

7.5CVSS8.6AI score0.03883EPSS

Exploits2References4Affected Software1

Cvelist•added 2008/04/24 7:0 p.m.•18 views

CVE-2008-1939

8.2AI score0.00462EPSS

Exploits1References4

CVE•added 2008/04/24 7:0 p.m.•49 views

CVE-2008-1939

Concrete details show SQL injection vulnerabilities in W1L3D4 Philboard components across multiple versions (e.g., 0.5, 1.0, 1.14, 1.2) via user-supplied parameters (forumid, id, topic) in various ASP scripts (admin/ paths and forum/ paths). The root cause is improper handling of input leading to...

7.5CVSS8.3AI score0.00462EPSS

Exploits1References4Affected Software1

NVD•added 2007/07/26 7:30 p.m.•17 views

CVE-2007-4024

Cross-site scripting XSS vulnerability in W1L3D4aramasonuc.asp in W1L3D4 Philboard 0.3 allows remote attackers to inject arbitrary web script or HTML via the searchterms parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

4.3CVSS5.5AI score0.00641EPSS

Exploits0References4

Prion•added 2007/07/26 7:30 p.m.•19 views

Cross site scripting

4.3CVSS5.8AI score0.00641EPSS

Exploits0References4Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by