Lucene search
K

93 matches found

Cvelist
Cvelist
added 2009/09/18 8:0 p.m.18 views

CVE-2009-3252

Multiple SQL injection vulnerabilities in news.php in Rock Band CMS 0.10 allow remote attackers to execute arbitrary SQL commands via the 1 year and 2 id parameters...

8.5AI score0.01019EPSS
Exploits0References4
NVD
NVD
added 2009/05/29 4:30 p.m.14 views

CVE-2009-1809

Multiple cross-site scripting XSS vulnerabilities in myColex 1.4.2 allow remote attackers to inject arbitrary web script or HTML via 1 the year parameter to modules/kalender.php, 2 the Page parameter in a List action to modules/ereignis.php, 3 the Kontext parameter in a Search action to...

4.3CVSS5.8AI score0.01484EPSS
Exploits1References4
NVD
NVD
added 2009/01/29 6:30 p.m.17 views

CVE-2009-0337

SQL injection vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to execute arbitrary SQL commands via the 1 month and 2 year parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

7.5CVSS8.1AI score0.0097EPSS
Exploits0References2
Prion
Prion
added 2009/01/29 6:30 p.m.16 views

Sql injection

SQL injection vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to execute arbitrary SQL commands via the 1 month and 2 year parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

7.5CVSS8.8AI score0.0097EPSS
Exploits0References2
Cvelist
Cvelist
added 2008/09/04 6:0 p.m.14 views

CVE-2008-3921

Multiple cross-site scripting XSS vulnerabilities in AWStats Totals 1.0 through 1.14 allow remote attackers to inject arbitrary web script or HTML via the 1 month and 2 year parameter...

5.8AI score0.01263EPSS
Exploits0References7
Cvelist
Cvelist
added 2008/07/28 4:0 p.m.25 views

CVE-2008-3348

Cross-site scripting XSS vulnerability in staticpages/easycalendar/index.php in MyioSoft EasyDynamicPages 3.0 trial edition tr allows remote attackers to inject arbitrary web script or HTML via the year parameter...

5.7AI score0.01272EPSS
Exploits1References6
Cvelist
Cvelist
added 2008/07/09 12:0 a.m.21 views

CVE-2007-3650

myWebland myBloggie 2.1.6 allow remote attackers to obtain sensitive information via 1 an invalid year parameter to calendar.php, reached through index.php; 2 a direct request to common.php; and 3 a mode array parameter in the query string to login.php, which reveal the installation path in vario...

6.2AI score0.01151EPSS
Exploits1References2
Cvelist
Cvelist
added 2008/04/21 11:0 p.m.22 views

CVE-2008-1906

Cross-site scripting XSS vulnerability in calendar.php in cpCommerce 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the year parameter in a view.year action...

5.7AI score0.0171EPSS
Exploits1References6
Prion
Prion
added 2007/11/26 10:46 p.m.12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in project alumni 1.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the year parameter to 1 xml/index.php; or 2 the year parameter to view.page.inc.php, which is reachable through a view action to the top-level...

4.3CVSS5.9AI score0.01729EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2007/11/26 10:46 p.m.12 views

Sql injection

Multiple SQL injection vulnerabilities in project alumni 1.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the year parameter to 1 view.page.inc.php, which is reachable through a view action to index.php; or 2 the year parameter to news.page.inc.php, which is reachabl...

7.5CVSS9.2AI score0.01018EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2007/09/18 7:17 p.m.12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in LetterGrade allow remote attackers to inject arbitrary web script or HTML via 1 a student's email address, 2 the year parameter to genbrws/Student/calmonth.php3, and other unspecified vectors related to the calendar. NOTE: the provenance of thi...

4.3CVSS6AI score0.01065EPSS
Exploits0References5
Cvelist
Cvelist
added 2007/06/26 5:0 p.m.28 views

CVE-2007-3182

Multiple cross-site scripting XSS vulnerabilities in Calendarix 0.7.20070307, when registerglobals is enabled, allow remote attackers to inject arbitrary web script or HTML via the 1 year and 2 month parameters to calendar.php, and the 3 leftfooter parameter to calfooter.inc.php. NOTE: the ycyear...

5.7AI score0.04297EPSS
Exploits1References10
Prion
Prion
added 2007/06/06 1:30 a.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in diary.php in My Databook allows remote attackers to inject arbitrary web script or HTML via the year parameter...

4.3CVSS6.1AI score0.01507EPSS
Exploits0References5
Cvelist
Cvelist
added 2007/06/06 1:0 a.m.20 views

CVE-2007-3064

Cross-site scripting XSS vulnerability in diary.php in My Databook allows remote attackers to inject arbitrary web script or HTML via the year parameter...

5.7AI score0.01507EPSS
Exploits0References5
NVD
NVD
added 2007/06/04 5:30 p.m.17 views

CVE-2007-3003

Multiple SQL injection vulnerabilities in myBloggie 2.1.6 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 catid or 2 year parameter to index.php in a viewuser action, different vectors than CVE-2005-1500 and CVE-2005-4225...

7.5CVSS8.2AI score0.01009EPSS
Exploits0References5
NVD
NVD
added 2007/04/09 8:19 p.m.24 views

CVE-2007-1894

Cross-site scripting XSS vulnerability in wp-includes/general-template.php in WordPress before 20070309 allows remote attackers to inject arbitrary web script or HTML via the year parameter in the wptitle function...

4.3CVSS5.6AI score0.03018EPSS
Exploits0References9
OSV
OSV
added 2007/04/09 8:19 p.m.3 views

DEBIAN-CVE-2007-1894

Cross-site scripting XSS vulnerability in wp-includes/general-template.php in WordPress before 20070309 allows remote attackers to inject arbitrary web script or HTML via the year parameter in the wptitle function...

4.3CVSS6AI score0.03018EPSS
Exploits0References1
Cvelist
Cvelist
added 2007/04/09 8:0 p.m.31 views

CVE-2007-1894

Cross-site scripting XSS vulnerability in wp-includes/general-template.php in WordPress before 20070309 allows remote attackers to inject arbitrary web script or HTML via the year parameter in the wptitle function...

5.5AI score0.03018EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2007/04/09 8:0 p.m.49 views

CVE-2007-1894

Cross-site scripting XSS vulnerability in wp-includes/general-template.php in WordPress before 20070309 allows remote attackers to inject arbitrary web script or HTML via the year parameter in the wptitle function...

4.3CVSS4.4AI score0.03018EPSS
Exploits0
NVD
NVD
added 2006/08/18 8:4 p.m.23 views

CVE-2006-4224

Cross-site scripting XSS vulnerability in calendar.php in Virtual War VWar 1.5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the year parameter. NOTE: The page parameter vector is covered by CVE-2006-4009...

4.3CVSS5.7AI score0.01116EPSS
Exploits0References3
Rows per page
Query Builder