Lucene search
+L

55 matches found

exploitdb
exploitdb
added 2008/04/11 12:0 a.m.26 views

W2B Dating Club - 'browse.php' SQL Injection

source: https://www.securityfocus.com/bid/28737/info W2B Dating Club is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modi...

7AI score
Exploits0
prion
prion
added 2007/06/11 10:30 p.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in auth.w2b in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the adtype parameter, a different vector than CVE-2006-1980...

4.3CVSS5.9AI score0.0195EPSS
Exploits1References3
nvd
nvd
added 2007/06/11 10:30 p.m.20 views

CVE-2007-3174

Cross-site scripting XSS vulnerability in auth.w2b in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the adtype parameter, a different vector than CVE-2006-1980...

4.3CVSS5.6AI score0.01022EPSS
Exploits0References3
prion
prion
added 2007/06/11 10:30 p.m.14 views

Sql injection

Multiple SQL injection vulnerabilities in W2B Online Banking allow remote attackers to execute arbitrary SQL commands via 1 the draft parameter to mailer.w2b or 2 the listDocPay parameter to DocPay.w2b...

7.5CVSS9.3AI score0.16683EPSS
Exploits0References4
nvd
nvd
added 2007/06/11 10:30 p.m.18 views

CVE-2007-3175

Multiple SQL injection vulnerabilities in W2B Online Banking allow remote attackers to execute arbitrary SQL commands via 1 the draft parameter to mailer.w2b or 2 the listDocPay parameter to DocPay.w2b...

7.5CVSS8.5AI score0.16683EPSS
Exploits0References4
cvelist
cvelist
added 2007/06/11 10:0 p.m.24 views

CVE-2007-3174

Cross-site scripting XSS vulnerability in auth.w2b in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the adtype parameter, a different vector than CVE-2006-1980...

5.6AI score0.01022EPSS
Exploits0References3
cve
cve
added 2007/06/11 10:0 p.m.49 views

CVE-2007-3174

CVE-2007-3174 is an XSS vulnerability in W2B Online Banking (auth.w2b) exploitable via the adtype parameter (vector distinct from CVE-2006-1980). Public metrics show a CVSS v2 base score of 4.3 (Medium) with Network attack vector, requiring no authentication, no confidentiality impact, but partia...

4.3CVSS5.6AI score0.01022EPSS
Exploits0References3Affected Software1
cve
cve
added 2007/06/11 10:0 p.m.55 views

CVE-2007-3175

CVE-2007-3175 describes multiple SQL injection vulnerabilities in W2B Online Banking. The affected components are the web applications handling mailer.w2b and DocPay.w2b, where user-supplied input in the draft and listDocPay parameters can be exploited to alter or execute SQL commands remotely. T...

7.5CVSS8.5AI score0.16683EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2007/06/11 10:0 p.m.28 views

CVE-2007-3175

Multiple SQL injection vulnerabilities in W2B Online Banking allow remote attackers to execute arbitrary SQL commands via 1 the draft parameter to mailer.w2b or 2 the listDocPay parameter to DocPay.w2b...

8.5AI score0.16683EPSS
Exploits0References4
nvd
nvd
added 2006/04/21 10:2 p.m.24 views

CVE-2006-1980

Cross-site scripting XSS vulnerability in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the 1 query string, 2 SID parameter, or 3 ilang parameter...

2.6CVSS5.6AI score0.0195EPSS
Exploits1References6
prion
prion
added 2006/04/21 10:2 p.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the 1 query string, 2 SID parameter, or 3 ilang parameter...

2.6CVSS6AI score0.0195EPSS
Exploits1References6
cvelist
cvelist
added 2006/04/21 10:0 p.m.30 views

CVE-2006-1980

Cross-site scripting XSS vulnerability in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the 1 query string, 2 SID parameter, or 3 ilang parameter...

5.6AI score0.0195EPSS
Exploits1References6
cve
cve
added 2006/04/21 10:0 p.m.55 views

CVE-2006-1980

CVE-2006-1980 is an XSS vulnerability in W2B Online Banking. The vulnerability allows remote attackers to inject arbitrary script via (1) query string, (2) SID parameter, or (3) ilang parameter. The NVD entry reports a CVSS v2.0 base score of 2.6 (low) with Network attack vector, high attack comp...

2.6CVSS5.6AI score0.0195EPSS
Exploits1References6Affected Software1
securityvulns
securityvulns
added 2006/04/20 12:0 a.m.30 views

[SA19717] W2B Online Banking "SID" Cross-Site Scripting Vulnerability

TITLE: W2B Online Banking "SID" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA19717 VERIFY ADVISORY: http://secunia.com/advisories/19717/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: W2B Online Banking http://secunia.com/product/9461/ DESCRIPTION:...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2006/04/20 12:0 a.m.32 views

W2B Online Banking vuln.

W2B Online Banking vuln. Vuln. discovered by : r0t Date: 20 april 2006 vendorlink:www.w2b.ru/OnlineBanking/index.php affected versions:last/actual orginal advisory: http://pridels.blogspot.com/2006/04/w2b-online-banking-vuln.html Vuln. Description: W2B Online Banking contains a flaw that allows a...

0.1AI score
Exploits0
Rows per page
Query Builder