CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SQL injection vulnerability in viewcomments.php in YABSoft Advanced Image Hosting AIH Script, possibly 2.3, allows remote attackers to execute arbitrary SQL commands via the gal parameter...

7.5CVSS8.9AI score0.00926EPSS

Exploits1References1

seebug.org•added 2014/07/01 12:0 a.m.•25 views

YABSoft Advanced Image Hosting Script 2.x 'search.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37233/info YABSoft Advanced Image Hosting Script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...

7.1AI score

Exploits0

NVD•added 2012/11/26 10:55 p.m.•15 views

CVE-2012-6039

SQL injection vulnerability in viewcomments.php in YABSoft Advanced Image Hosting AIH Script, possibly 2.3, allows remote attackers to execute arbitrary SQL commands via the gal parameter...

7.5CVSS8.4AI score0.00926EPSS

Exploits1References3

Prion•added 2012/11/26 10:55 p.m.•12 views

Sql injection

SQL injection vulnerability in viewcomments.php in YABSoft Advanced Image Hosting AIH Script, possibly 2.3, allows remote attackers to execute arbitrary SQL commands via the gal parameter...

7.5CVSS9.1AI score0.00926EPSS

Exploits1References3Affected Software1

Cvelist•added 2012/11/26 10:0 p.m.•22 views

CVE-2012-6039

SQL injection vulnerability in viewcomments.php in YABSoft Advanced Image Hosting AIH Script, possibly 2.3, allows remote attackers to execute arbitrary SQL commands via the gal parameter...

8.4AI score0.00926EPSS

Exploits1References3

CVE•added 2012/11/26 10:0 p.m.•44 views

CVE-2012-6039

CVE-2012-6039 affects the YABSoft Advanced Image Hosting (AIH) Script, likely version 2.3. The vulnerability is a SQL injection in view_comments.php exploitable via the gal parameter, enabling remote attackers to execute arbitrary SQL commands. Root cause is an input-driven SQL query without prop...

7.5CVSS8.8AI score0.00926EPSS

Exploits1References3Affected Software1

Packet Storm•added 2012/01/13 12:0 a.m.•25 views

YABSoft Advanced Image Hosting Script SQL Injection

Exploit Title: AIHS Advanced Image Hosting Script SQL Injection Vulnerability Author: Robert Cooper Robert.Cooper at areyousecure.net Software Link: http://yabsoft.com/ Tested on: Linux/Windows 7 Vulnerable File: viewcomments.php Vulnerable parameter: viewcomments.php?gal=gallery id PoC:...

0.5AI score

Exploits0

OpenVAS•added 2011/09/22 12:0 a.m.•12 views

YABSoft Advanced Image Hosting Script 'report.php' Cross Site Scripting Vulnerability

YABSoft Advanced Image Hosting Script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user- supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...

7.7AI score

Exploits0References2

OpenVAS•added 2011/09/22 12:0 a.m.•15 views

YABSoft Advanced Image Hosting Script 'report.php' Cross Site Scripting Vulnerability

YABSoft Advanced Image Hosting Script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

6.8AI score

Exploits0References1

exploitpack•added 2011/09/05 12:0 a.m.•10 views

Advanced Image Hosting Script 2.3 - report.php Cross-Site Scripting

Advanced Image Hosting Script 2.3 - report.php Cross-Site Scripting source: https://www.securityfocus.com/bid/49457/info YABSoft Advanced Image Hosting Script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this...

6.8AI score

Exploits0

Exploit DB•added 2011/09/05 12:0 a.m.•30 views

Advanced Image Hosting Script 2.3 - 'report.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/49457/info YABSoft Advanced Image Hosting Script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

7.4AI score

Exploits0

OpenVAS•added 2009/12/17 12:0 a.m.•46 views

YABSoft AIHS Cross Site Scripting and SQL Injection Vulnerabilities

YABSoft AIHS is prone to Cross-Site Scripting and SQL Injection vulnerabilities SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.00723EPSS

Exploits2References6

OpenVAS•added 2009/12/17 12:0 a.m.•23 views

YABSoft AIHS Cross Site Scripting and SQL Injection Vulnerabilities

The host is running YABSoft AIHS and is prone to Cross-Site Scripting and SQL Injection vulnerabilities OpenVAS Vulnerability Test $Id: gbyabsoftaihsxssnsqlinjvuln.nasl 4970 2017-01-09 15:00:59Z teissa $ YABSoft AIHS Cross Site Scripting and SQL Injection Vulnerabilities Authors: Antu Sanadi...

7.5CVSS0.3AI score0.00723EPSS

Exploits2References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by