Lucene search
K

24 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-3796

Malware in sbrugna...

7.5CVSS6.4AI score0.01595EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2011-3793

Malware in sbrugna...

6.8CVSS6.4AI score0.00554EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2011-3792

Malware in sbrugna...

4.3CVSS6.4AI score0.01772EPSS
Exploits0References28
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-3795

Malware in sbrugna...

7.5CVSS6.4AI score0.01413EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2011-3794

Malware in sbrugna...

6.8CVSS6.4AI score0.01444EPSS
Exploits0References6
NVD
NVD
added 2011/12/24 7:55 p.m.17 views

CVE-2011-3836

Multiple cross-site request forgery CSRF vulnerabilities in Wuzly 2.0 allow remote attackers to hijack the authentication of administrators for requests that 1 add an administrator, 2 perform cross-site scripting XSS, 3 perform SQL injection, or have other unspecified impact via unknown vectors...

6.8CVSS7.5AI score0.00554EPSS
Exploits0References4
NVD
NVD
added 2011/12/24 7:55 p.m.17 views

CVE-2011-3838

Multiple SQL injection vulnerabilities in Wuzly 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 u parameter to fp.php, 2 epage parameter to newpage.php, 3 epost parameter to newpost.php, and 4 username parameter to login.php in admin/; or the 5 username parameter to...

7.5CVSS8.5AI score0.01413EPSS
Exploits0References8
NVD
NVD
added 2011/12/24 7:55 p.m.11 views

CVE-2011-3837

Directory traversal vulnerability in blogsystem/datafunctions.php in Wuzly 2.0 allows remote attackers to read arbitrary files via a .. dot dot in the preview parameter to index.php...

6.8CVSS6.6AI score0.01444EPSS
Exploits0References4
NVD
NVD
added 2011/12/24 7:55 p.m.16 views

CVE-2011-3839

The administration functionality in Wuzly 2.0 allows remote attackers to bypass authentication by setting the dXNlcm5hbWU cookie...

7.5CVSS6.9AI score0.01595EPSS
Exploits0References4
NVD
NVD
added 2011/12/24 7:55 p.m.16 views

CVE-2011-3835

Multiple cross-site scripting XSS vulnerabilities in Wuzly 2.0 allow remote attackers to inject arbitrary web script or HTML via the Referer header to 1 admin/login.php and 2 admin/404.php; the 3 q parameter to search.php; the 4 themename parameter to themesettings.php, 5 extensionname parameter ...

4.3CVSS5.8AI score0.01772EPSS
Exploits0References26
Prion
Prion
added 2011/12/24 7:55 p.m.13 views

Sql injection

Multiple SQL injection vulnerabilities in Wuzly 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 u parameter to fp.php, 2 epage parameter to newpage.php, 3 epost parameter to newpost.php, and 4 username parameter to login.php in admin/; or the 5 username parameter to...

7.5CVSS9.3AI score0.01413EPSS
Exploits0References8Affected Software1
Prion
Prion
added 2011/12/24 7:55 p.m.21 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Wuzly 2.0 allow remote attackers to inject arbitrary web script or HTML via the Referer header to 1 admin/login.php and 2 admin/404.php; the 3 q parameter to search.php; the 4 themename parameter to themesettings.php, 5 extensionname parameter ...

4.3CVSS6.1AI score0.01772EPSS
Exploits0References26Affected Software1
Prion
Prion
added 2011/12/24 7:55 p.m.14 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in Wuzly 2.0 allow remote attackers to hijack the authentication of administrators for requests that 1 add an administrator, 2 perform cross-site scripting XSS, 3 perform SQL injection, or have other unspecified impact via unknown vectors...

6.8CVSS8AI score0.00554EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2011/12/24 7:55 p.m.12 views

Directory traversal

Directory traversal vulnerability in blogsystem/datafunctions.php in Wuzly 2.0 allows remote attackers to read arbitrary files via a .. dot dot in the preview parameter to index.php...

6.8CVSS7.2AI score0.01444EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2011/12/24 7:0 p.m.21 views

CVE-2011-3839

The administration functionality in Wuzly 2.0 allows remote attackers to bypass authentication by setting the dXNlcm5hbWU cookie...

6.9AI score0.01595EPSS
Exploits0References4
Cvelist
Cvelist
added 2011/12/24 7:0 p.m.31 views

CVE-2011-3835

Multiple cross-site scripting XSS vulnerabilities in Wuzly 2.0 allow remote attackers to inject arbitrary web script or HTML via the Referer header to 1 admin/login.php and 2 admin/404.php; the 3 q parameter to search.php; the 4 themename parameter to themesettings.php, 5 extensionname parameter ...

5.8AI score0.01772EPSS
Exploits0References26
CVE
CVE
added 2011/12/24 7:0 p.m.44 views

CVE-2011-3838

Technical details about CVE-2011-3838 are not publicly provided in the connected documents. The available sources only reiterate SQL injection in Wuzly 2.0 without version/impact details. Monitor for updates.

7.5CVSS8.8AI score0.01413EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2011/12/24 7:0 p.m.48 views

CVE-2011-3835

Wuzly 2.0 contains multiple cross-site scripting (XSS) vulnerabilities that allow remote injection of scripts via numerous parameters in admin/, mobile/, and index.php pages (e.g., Referer header in admin/login.php/admin/404.php, q in search.php, theme_name in theme_settings.php, username in admi...

4.3CVSS5.9AI score0.01772EPSS
Exploits0References26Affected Software1
Cvelist
Cvelist
added 2011/12/24 7:0 p.m.18 views

CVE-2011-3837

Directory traversal vulnerability in blogsystem/datafunctions.php in Wuzly 2.0 allows remote attackers to read arbitrary files via a .. dot dot in the preview parameter to index.php...

6.6AI score0.01444EPSS
Exploits0References4
Cvelist
Cvelist
added 2011/12/24 7:0 p.m.22 views

CVE-2011-3836

Multiple cross-site request forgery CSRF vulnerabilities in Wuzly 2.0 allow remote attackers to hijack the authentication of administrators for requests that 1 add an administrator, 2 perform cross-site scripting XSS, 3 perform SQL injection, or have other unspecified impact via unknown vectors...

7.5AI score0.00554EPSS
Exploits0References4
Rows per page
Query Builder