Lucene search
K

53 matches found

NVD
NVD
added 2005/12/06 11:3 a.m.12 views

CVE-2005-4037

SQL injection vulnerability in functions.php in Web4Future Affiliate Manager PRO 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter...

7.5CVSS8.4AI score0.01233EPSS
Exploits0References6
NVD
NVD
added 2005/12/06 11:3 a.m.10 views

CVE-2005-4035

Multiple SQL injection vulnerabilities in Web4Future eCommerce Enterprise Edition 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 prod, and 2 brid parameters to a view.php; the 3 the bid parameter to b viewbrands.php; and the 4 grp and 5 cat parameters to...

7.5CVSS8.5AI score0.01333EPSS
Exploits1References7
NVD
NVD
added 2005/12/06 11:3 a.m.12 views

CVE-2005-4034

Multiple SQL injection vulnerabilities in Web4Future eDating Professional 5 allow remote attackers to execute arbitrary SQL commands via the 1 s, 2 pg, and 3 sortb parameters to a index.php; 4 cid parameter to b gift.php and c fq.php; and 5 cat parameter to d articles.php...

7.5CVSS8.5AI score0.0178EPSS
Exploits1References8
NVD
NVD
added 2005/12/06 11:3 a.m.16 views

CVE-2005-4038

SQL injection vulnerability in comentarii.php in Web4Future Portal Solutions News Portal allows remote attackers to execute arbitrary SQL commands via the idp parameter...

7.5CVSS8.4AI score0.01333EPSS
Exploits0References6
NVD
NVD
added 2005/12/06 11:3 a.m.18 views

CVE-2005-4039

Directory traversal vulnerability in arhiva.php in Web4Future Portal Solutions News Portal allows remote attackers to read arbitrary files via the dir parameter...

7.8CVSS6.7AI score0.03689EPSS
Exploits1References6
Cvelist
Cvelist
added 2005/12/06 11:0 a.m.17 views

CVE-2005-4036

Cross-site scripting XSS vulnerability in index.cgi in Web4Future KeyWord Frequency Counter 1.0 allows remote attackers to inject arbitrary web script or HTML via the "remote URL."...

5.7AI score0.01177EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/12/06 11:0 a.m.16 views

CVE-2005-4035

Multiple SQL injection vulnerabilities in Web4Future eCommerce Enterprise Edition 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 prod, and 2 brid parameters to a view.php; the 3 the bid parameter to b viewbrands.php; and the 4 grp and 5 cat parameters to...

8.5AI score0.01333EPSS
Exploits1References7
Cvelist
Cvelist
added 2005/12/06 11:0 a.m.14 views

CVE-2005-4037

SQL injection vulnerability in functions.php in Web4Future Affiliate Manager PRO 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter...

8.4AI score0.01233EPSS
Exploits0References6
Cvelist
Cvelist
added 2005/12/06 11:0 a.m.17 views

CVE-2005-4034

Multiple SQL injection vulnerabilities in Web4Future eDating Professional 5 allow remote attackers to execute arbitrary SQL commands via the 1 s, 2 pg, and 3 sortb parameters to a index.php; 4 cid parameter to b gift.php and c fq.php; and 5 cat parameter to d articles.php...

8.5AI score0.0178EPSS
Exploits1References8
Cvelist
Cvelist
added 2005/12/06 11:0 a.m.19 views

CVE-2005-4038

SQL injection vulnerability in comentarii.php in Web4Future Portal Solutions News Portal allows remote attackers to execute arbitrary SQL commands via the idp parameter...

8.4AI score0.01333EPSS
Exploits0References6
CVE
CVE
added 2005/12/06 11:0 a.m.47 views

CVE-2005-4034

CVE-2005-4034 describes multiple SQL injection vulnerabilities in Web4Future eDating Professional 5, enabling remote attackers to execute arbitrary SQL via the parameters s, pg, and sortb to index.php; cid to gift.php and fq.php; and cat to articles.php. Affected product: Web4Future eDating Profe...

7.5CVSS8.9AI score0.0178EPSS
Exploits1References8Affected Software1
CVE
CVE
added 2005/12/06 11:0 a.m.38 views

CVE-2005-4037

CVE-2005-4037 affects Web4Future Affiliate Manager PRO 4.1 and earlier. The vulnerability is a SQL injection in functions.php reachable via the pid parameter, enabling remote SQL commands. CVSS metrics in the initial entry indicate base score 7.5 (HIGH) with network attack vector and low attack c...

7.5CVSS8.8AI score0.01233EPSS
Exploits0References6
CVE
CVE
added 2005/12/06 11:0 a.m.34 views

CVE-2005-4035

CVE-2005-4035 concerns SQL injection vulnerabilities in Web4Future eCommerce Enterprise Edition 2.1 and earlier. The flaws allow remote attackers to execute arbitrary SQL commands via the (1) prod and (2) brid parameters to view.php; the (3) bid parameter to viewbrands.php; and the (4) grp and (5...

7.5CVSS8.9AI score0.01333EPSS
Exploits1References7
CVE
CVE
added 2005/12/06 11:0 a.m.43 views

CVE-2005-4038

CVE-2005-4038: A SQL injection flaw exists in Web4Future Portal Solutions News Portal’s comentarii.php, exploitable via the idp parameter. The vulnerability allows remote attackers to execute arbitrary SQL commands. Documents confirm the affected product and parameter but do not provide exploitat...

7.5CVSS8.8AI score0.01333EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2005/12/06 11:0 a.m.21 views

CVE-2005-4039

Directory traversal vulnerability in arhiva.php in Web4Future Portal Solutions News Portal allows remote attackers to read arbitrary files via the dir parameter...

6.7AI score0.03689EPSS
Exploits1References6
CVE
CVE
added 2005/12/06 11:0 a.m.58 views

CVE-2005-4036

CVE-2005-4036 is a cross-site scripting (XSS) vulnerability in Web4Future Keyword Frequency Counter 1.0, exploitable via the remote URL parameter sent to index.cgi. The NVD summary states an attacker can inject arbitrary script/HTML, impacting integrity (partial) but with no confidentiality or av...

4.3CVSS6AI score0.01177EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2005/12/06 11:0 a.m.39 views

CVE-2005-4039

CVE-2005-4039 affects the Web4Future Portal Solutions News Portal. A directory traversal flaw in arhiva.php allows remote attackers to read arbitrary files through the dir parameter. The NVD entry lists a base score of 7.8 (HIGH) with network access and low attack complexity. The connected source...

7.8CVSS7.1AI score0.03689EPSS
Exploits1References6Affected Software1
securityvulns
securityvulns
added 2005/12/05 12:0 a.m.27 views

Web4Future eCommerce Enterprise Edition v2.1 SQL inj. vuln.

Web4Future eCommerce Enterprise Edition v2.1 SQL inj. vuln. Vuln. dicovered by : r0t Date: 5 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/ecommerce-enterprise-edition-sql-inj.html vendor:http://www.web4future.com/products.php?p=ecomm affected version:v2.1 and prior Product...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2005/12/05 12:0 a.m.24 views

Web4Future Portal Solutions - News Portal vuln.

Web4Future Portal Solutions - News Portal vuln. Vuln. dicovered by : r0t Date: 5 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/web4future-portal-solutions-news.html vendor:http://www.web4future.com/products.php?p=nportal affected version: latest Product Description: It's a...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2005/12/05 12:0 a.m.12 views

Web4Future eCommerce Enterprise Edition 2.1 - view.php Multiple SQL Injections

Web4Future eCommerce Enterprise Edition 2.1 - view.php Multiple SQL Injections source: https://www.securityfocus.com/bid/15707/info eCommerce Enterprise Edition is prone to multiple SQL injection vulnerabilities. These vulnerabilities could permit remote attackers to pass malicious input to...

0.2AI score
Exploits0
Rows per page
Query Builder