Lucene search
K

23 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-3796

Malware in sbrugna...

7.5CVSS6.4AI score0.01595EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2011-3793

Malware in sbrugna...

6.8CVSS6.4AI score0.00554EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2011-3792

Malware in sbrugna...

4.3CVSS6.4AI score0.01772EPSS
Exploits0References28
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-3795

Malware in sbrugna...

7.5CVSS6.4AI score0.01413EPSS
Exploits0References10
NVD
NVD
added 2011/12/24 7:55 p.m.17 views

CVE-2011-3836

Multiple cross-site request forgery CSRF vulnerabilities in Wuzly 2.0 allow remote attackers to hijack the authentication of administrators for requests that 1 add an administrator, 2 perform cross-site scripting XSS, 3 perform SQL injection, or have other unspecified impact via unknown vectors...

6.8CVSS7.5AI score0.00554EPSS
Exploits0References4
NVD
NVD
added 2011/12/24 7:55 p.m.17 views

CVE-2011-3838

Multiple SQL injection vulnerabilities in Wuzly 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 u parameter to fp.php, 2 epage parameter to newpage.php, 3 epost parameter to newpost.php, and 4 username parameter to login.php in admin/; or the 5 username parameter to...

7.5CVSS8.5AI score0.01413EPSS
Exploits0References8
NVD
NVD
added 2011/12/24 7:55 p.m.10 views

CVE-2011-3837

Directory traversal vulnerability in blogsystem/datafunctions.php in Wuzly 2.0 allows remote attackers to read arbitrary files via a .. dot dot in the preview parameter to index.php...

6.8CVSS6.6AI score0.01444EPSS
Exploits0References4
NVD
NVD
added 2011/12/24 7:55 p.m.16 views

CVE-2011-3839

The administration functionality in Wuzly 2.0 allows remote attackers to bypass authentication by setting the dXNlcm5hbWU cookie...

7.5CVSS6.9AI score0.01595EPSS
Exploits0References4
NVD
NVD
added 2011/12/24 7:55 p.m.16 views

CVE-2011-3835

Multiple cross-site scripting XSS vulnerabilities in Wuzly 2.0 allow remote attackers to inject arbitrary web script or HTML via the Referer header to 1 admin/login.php and 2 admin/404.php; the 3 q parameter to search.php; the 4 themename parameter to themesettings.php, 5 extensionname parameter ...

4.3CVSS5.8AI score0.01772EPSS
Exploits0References26
Prion
Prion
added 2011/12/24 7:55 p.m.13 views

Sql injection

Multiple SQL injection vulnerabilities in Wuzly 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 u parameter to fp.php, 2 epage parameter to newpage.php, 3 epost parameter to newpost.php, and 4 username parameter to login.php in admin/; or the 5 username parameter to...

7.5CVSS9.3AI score0.01413EPSS
Exploits0References8Affected Software1
Prion
Prion
added 2011/12/24 7:55 p.m.11 views

Directory traversal

Directory traversal vulnerability in blogsystem/datafunctions.php in Wuzly 2.0 allows remote attackers to read arbitrary files via a .. dot dot in the preview parameter to index.php...

6.8CVSS7.2AI score0.01444EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2011/12/24 7:55 p.m.21 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Wuzly 2.0 allow remote attackers to inject arbitrary web script or HTML via the Referer header to 1 admin/login.php and 2 admin/404.php; the 3 q parameter to search.php; the 4 themename parameter to themesettings.php, 5 extensionname parameter ...

4.3CVSS6.1AI score0.01772EPSS
Exploits0References26Affected Software1
Prion
Prion
added 2011/12/24 7:55 p.m.14 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in Wuzly 2.0 allow remote attackers to hijack the authentication of administrators for requests that 1 add an administrator, 2 perform cross-site scripting XSS, 3 perform SQL injection, or have other unspecified impact via unknown vectors...

6.8CVSS8AI score0.00554EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2011/12/24 7:0 p.m.17 views

CVE-2011-3837

Directory traversal vulnerability in blogsystem/datafunctions.php in Wuzly 2.0 allows remote attackers to read arbitrary files via a .. dot dot in the preview parameter to index.php...

6.6AI score0.01444EPSS
Exploits0References4
Cvelist
Cvelist
added 2011/12/24 7:0 p.m.21 views

CVE-2011-3839

The administration functionality in Wuzly 2.0 allows remote attackers to bypass authentication by setting the dXNlcm5hbWU cookie...

6.9AI score0.01595EPSS
Exploits0References4
CVE
CVE
added 2011/12/24 7:0 p.m.44 views

CVE-2011-3838

Technical details about CVE-2011-3838 are not publicly provided in the connected documents. The available sources only reiterate SQL injection in Wuzly 2.0 without version/impact details. Monitor for updates.

7.5CVSS8.8AI score0.01413EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2011/12/24 7:0 p.m.48 views

CVE-2011-3835

Wuzly 2.0 contains multiple cross-site scripting (XSS) vulnerabilities that allow remote injection of scripts via numerous parameters in admin/, mobile/, and index.php pages (e.g., Referer header in admin/login.php/admin/404.php, q in search.php, theme_name in theme_settings.php, username in admi...

4.3CVSS5.9AI score0.01772EPSS
Exploits0References26Affected Software1
CVE
CVE
added 2011/12/24 7:0 p.m.43 views

CVE-2011-3837

CVE-2011-3837 concerns a directory traversal vulnerability in Wuzly 2.0. The affected component is blog_system/data_functions.php, with the root cause being improper handling of the preview parameter in index.php, allowing remote attackers to read arbitrary files via .. (dot dot). Public referenc...

6.8CVSS6.8AI score0.01444EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2011/12/24 7:0 p.m.22 views

CVE-2011-3836

Multiple cross-site request forgery CSRF vulnerabilities in Wuzly 2.0 allow remote attackers to hijack the authentication of administrators for requests that 1 add an administrator, 2 perform cross-site scripting XSS, 3 perform SQL injection, or have other unspecified impact via unknown vectors...

7.5AI score0.00554EPSS
Exploits0References4
CVE
CVE
added 2011/12/24 7:0 p.m.45 views

CVE-2011-3839

Summary: CVE-2011-3839 affects Wuzly 2.0. The vulnerability is an authentication bypass in the administration functionality caused by setting the dXNlcm5hbWU cookie, enabling remote attackers to bypass authentication. The impact per the metrics is partial confidentiality, integrity, and availabil...

7.5CVSS7.2AI score0.01595EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder