CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNVD•added 2015/10/09 12:0 a.m.•2 views

Web Reference Database and bleeding-edge cross-site scripting vulnerabilities

Web Reference Database a.k.a. refbase is a web-based multi-user interface product developed by the refbase community to provide search tools and automated indexing for the management of scientific literature. bleeding-edge is a downloadable version. A cross-site scripting vulnerability exists in...

4.3CVSS6.1AI score0.00909EPSS

5.8CVSS6.7AI score0.005EPSS

Web Reference Database Open Redirect Vulnerability

Web Reference Database is a web-based multi-user interface product that provides search tools and automatic indexing for managing scientific literature. An open redirection vulnerability exists in the handling of the 'referrer' parameter of the Web Reference Database, which allows an attacker to...

4.3CVSS7AI score0.00909EPSS

Web Reference Database Cross-Site Scripting Vulnerability

Web Reference Database is a web-based multi-user interface product that provides search tools and automatic indexing for managing scientific literature. Multiple scripts in Web Reference Database fail to adequately filter multiple parameters, allowing remote attackers to exploit vulnerabilities t...

6.8CVSS6.9AI score0.00108EPSS

Web Reference Database Cross-Site Request Forgery Vulnerability

Web Reference Database is a web-based multi-user interface product that provides search tools and automatic indexing for managing scientific literature. A cross-site request forgery vulnerability exists in Web Reference Database, which allows remote attackers to construct malicious URIs, trick...

7.5CVSS7.5AI score0.03623EPSS

Web Reference Database SQL Injection Vulnerability

Web Reference Database is a web-based multi-user interface product that provides search tools and automatic indexing for managing scientific literature. A security vulnerability in the Web Reference Database install.php script handling the 'defaultCharacterSet' parameter allows remote attackers t...

5CVSS7.5AI score0.00926EPSS

Web Reference Database XML Injection Vulnerability

Web Reference Database is a web-based multi-user interface product that provides search tools and automatic indexing for managing scientific literature. The Web Reference Database unapi.php script fails to adequately filter the 'id' parameter and the sru.php script fails to adequately filter the...

CNVD•added 2015/10/03 12:0 a.m.•2 views

Web Reference Database SQL Injection Vulnerability (CNVD-2015-06458)

Web Reference Database is a web-based multi-user interface product that provides search tools and automatic indexing for managing scientific literature. The Web Reference Database rss.php script fails to adequately filter the 'where' parameter and the search.php script fails to adequately filter...

7.5CVSS7.5AI score0.03623EPSS

CNVD•added 2015/10/03 12:0 a.m.•2 views

Web Reference Database Command Execution Vulnerability

Web Reference Database is a web-based multi-user interface product that provides search tools and automatic indexing for managing scientific literature. A vulnerability in the handling of the 'adminPassword' parameter in the Web Reference Databaseinstall.php script allows remote attackers to...

7.5CVSS7.7AI score0.07552EPSS

NVD•added 2015/09/28 2:59 a.m.•17 views

CVE-2015-7383

Multiple cross-site scripting XSS vulnerabilities in Web Reference Database aka refbase through 0.9.6 and bleeding-edge through 2015-04-28 allow remote attackers to inject arbitrary web script or HTML via the 1 adminUserName, 2 pathToMYSQL, 3 databaseStructureFile, or 4 pathToBibutils parameter t...

4.3CVSS5.8AI score0.00909EPSS

NVD•added 2015/09/28 2:59 a.m.•8 views

CVE-2015-7382

SQL injection vulnerability in install.php in Web Reference Database aka refbase through 0.9.6 allows remote attackers to execute arbitrary SQL commands via the defaultCharacterSet parameter, a different issue than CVE-2015-6009...

7.5CVSS8.1AI score0.03623EPSS