CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including 1 Mantis, 2 PostNuke, 3 Moodle, 4 Cacti, 5 Xaraya, 6 PhpOpenChat, possibly 7 MAXdev MD-Pro, and 8 Simplog, allows remote attackers to execute arbitrary PHP...

7.5CVSS8AI score0.29662EPSS

Exploits1References4

seebug.org•added 2014/07/01 12:0 a.m.•14 views

Xaraya <= 1.0.0 RC4 create() Denial of Service Exploit

No description provided by source. ?php ---XarayaDOS.php 17.30 28/11/2005 Xaraya =1.0.0 RC4 D.O.S coded by rgod site: http://rgod.altervista.org usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: Hold out baits to entice the enemy. Feign disorder, and crush him. errorreporting...

7.1AI score

Exploits0

NVD•added 2014/02/05 3:10 p.m.•10 views

CVE-2013-3639

Multiple cross-site scripting XSS vulnerabilities in Xaraya 2.4.0-b1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 id, 2 interface, 3 name, or 4 tabmodule parameter to index.php...

4.3CVSS5.7AI score0.06262EPSS

Exploits2References5

CVE•added 2014/02/05 3:0 p.m.•38 views

CVE-2013-3639

CVE-2013-3639 details multiple cross-site scripting (XSS) vulnerabilities in Xaraya 2.4.0-b1 and earlier, exploitable via index.php parameters (id, interface, name, tabmodule). Root cause: insufficient sanitisation of user-supplied data delivered to /index.php, enabling an attacker to craft links...

4.3CVSS5.8AI score0.06262EPSS

Exploits2References5Affected Software1

Cvelist•added 2014/02/05 3:0 p.m.•18 views

CVE-2013-3639

5.7AI score0.06262EPSS

Exploits2References5

securityvulns•added 2013/07/15 12:0 a.m.•53 views

Multiple XSS Vulnerabilities in Xaraya

Advisory ID: HTB23156 Product: Xaraya Vendor: Xaraya Development Group Vulnerable Versions: 2.4.0-b1 and probably prior Tested Version: 2.4.0-b1 Vendor Notification: May 15, 2013 Public Disclosure: June 26, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference: CVE-2013-3639 Risk...

4.3CVSS0.8AI score0.06262EPSS

Exploits2

exploitpack•added 2013/06/26 12:0 a.m.•26 views

Xaraya - Multiple Cross-Site Scripting Vulnerabilities

Xaraya - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/60795/info Xaraya is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary HTML a...

0.2AI score

Exploits0

Exploit DB•added 2013/06/26 12:0 a.m.•29 views

Xaraya - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/60795/info Xaraya is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary HTML and script code in the browser of an unsuspecting user i...

7.4AI score

Exploits0

Packet Storm•added 2013/06/26 12:0 a.m.•46 views

Xaraya 2.4.0-b1 Cross Site Scripting

4.3CVSS0.06262EPSS

Exploits2

htbridge•added 2013/05/15 12:0 a.m.•34 views

Multiple XSS Vulnerabilities in Xaraya

High-Tech Bridge Security Research Lab discovered four XSS vulnerabilities in Xaraya, which can be exploited to perform cross-site scripting attacks against administrators of vulnerable application. 1 Multiple Cross-Site Scripting XSS in Xaraya: CVE-2013-3639 1.1 The vulnerability exists due to...

2.6CVSS5.2AI score0.06262EPSS

Exploits2Affected Software1

Packet Storm•added 2011/02/15 12:0 a.m.•23 views

Xaraya 2.2.0 Beta 1 Path Disclosure

Vulnerability ID: HTB22829 Reference: http://www.htbridge.ch/advisory/pathdisclosureinxaraya.html Product: Xaraya Vendor: Xaraya Development Group http://www.xaraya.com/ Vulnerable Version: 2.2.0 beta 1 Vendor Notification: 01 February 2011 Vulnerability Type: Path disclosure Risk level: Low...

7.4AI score

Exploits0

securityvulns•added 2011/02/15 12:0 a.m.•57 views

HTB22829: Path disclosure in Xaraya

7AI score

Exploits0

securityvulns•added 2009/01/11 12:0 a.m.•28 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Xaraya: crossite scripting...

1.8AI score

Exploits0References5

securityvulns•added 2009/01/11 12:0 a.m.•19 views

Cross-Site Scripting vulnerability in Xaraya

Здравствуйте 3APA3A! Сообщаю вам о найденной мною Cross-Site Scripting уязвимости в системе Xaraya. XSS: Уязвимость в index.php в параметре d. http://site/?module=search&q=';alertdocument.cookie;// В последних версиях системы уязвимость уже исправлена. Дополнительная информация о данной уязвимост...

0.2AI score

Exploits0

Prion•added 2007/04/25 4:19 p.m.•10 views

Code injection

Unspecified vulnerability in the Roles module in Xaraya 1.1.2 and earlier allows attackers to gain privileges via unspecified vectors, probably related to incorrect permission checking in xartemplates/user-view.xd...

7.5CVSS7.3AI score0.00743EPSS

Exploits0References7Affected Software1

NVD•added 2007/04/25 4:19 p.m.•11 views

CVE-2007-2251

7.5CVSS6.8AI score0.00743EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by