Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-1817

Malware in sbrugna...

2.6CVSS6.4AI score0.01145EPSS
Exploits0References7
Cvelist
Cvelist
added 2007/02/12 11:0 a.m.22 views

CVE-2006-6996

Multiple cross-site scripting XSS vulnerabilities in warforge.NEWS 1.0 allow remote attackers to inject arbitrary HTML and web script via the 1 title and 2 newspost parameters to a newsadd.php, and the 3 name, title, and 4 comment parameters to b news.php, a different set of vectors than...

5.5AI score0.00845EPSS
Exploits0References2
Prion
Prion
added 2006/04/18 10:2 a.m.17 views

Sql injection

SQL injection vulnerability in authcheck.php in warforge.NEWS 1.0, with magicquotesgpc disabled, allows remote attackers to execute arbitrary SQL commands via the 1 authusername and possibly the 2 authpassword cookie...

2.6CVSS9.1AI score0.01145EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2006/04/18 10:2 a.m.15 views

CVE-2006-1817

SQL injection vulnerability in authcheck.php in warforge.NEWS 1.0, with magicquotesgpc disabled, allows remote attackers to execute arbitrary SQL commands via the 1 authusername and possibly the 2 authpassword cookie...

2.6CVSS8.5AI score0.01145EPSS
Exploits0References6
Prion
Prion
added 2006/04/18 10:2 a.m.16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in warforge.NEWS 1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly including the 1 firstname and 2 lastname parameter in myaccounts.php. NOTE: portions of these details were obtained from third par...

2.6CVSS6.1AI score0.01174EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2006/04/18 10:0 a.m.48 views

CVE-2006-1818

CVE-2006-1818 affects warforge.NEWS 1.0 with multiple XSS vectors. The description notes remote attackers can inject arbitrary web script or HTML via unspecified vectors, possibly including first_name and last_name in myaccounts.php. This entry is supported by NVD and related records showing XSS ...

2.6CVSS5.9AI score0.01174EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2006/04/18 10:0 a.m.50 views

CVE-2006-1817

CVE-2006-1817 affects warforge.NEWS 1.0, where authcheck.php is vulnerable to SQL injection via cookies (authusername, possibly authpassword) when magic_quotes_gpc is off. This is a remote vulnerability with a LOW base score (2.6/10) and potential partial integrity impact. Exploitation details ar...

2.6CVSS8.5AI score0.01145EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder