Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2009-0679

Malware in sbrugna...

4.3CVSS6.4AI score0.01062EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/08/22 6:26 p.m.6 views

CVE-2025-9237

A vulnerability was found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /customer/myaccount.php?editaccount of the component Edit Your Account Page. Performing manipulation of the argument Username results in cross site scripting. It is possible to initiate the...

5.4CVSS3.6AI score0.00264EPSS
Exploits1References1
CVE
CVE
added 2025/08/20 5:32 p.m.22 views

CVE-2025-9237

CodeAstro Ecommerce Website 1.0 is affected by a cross-site scripting (XSS) issue in the Edit Your Account Page, specifically via manipulation of the Username parameter in /customer/my_account.php?edit_account. The vulnerability originates from an unknown function in that page; exploitation can b...

5.4CVSS3.8AI score0.00264EPSS
Exploits1References6Affected Software1
Positive Technologies
Positive Technologies
added 2009/10/01 12:0 a.m.5 views

PT-2009-5812 · Cmsphp · Cmsphp

Name of the Vulnerable Software and Affected Versions: CMSphp version 0.21 Description: A cross-site request forgery CSRF issue exists in the Your account module, allowing remote attackers to hijack administrator authentication for requests that change an administrator's password. This is achieve...

8.8CVSS8.9AI score0.00646EPSS
Exploits1References3
NVD
NVD
added 2009/02/22 10:30 p.m.21 views

CVE-2009-0679

Cross-site scripting XSS vulnerability in the Your Account module in RavenNuke 2.30 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.01062EPSS
Exploits1References3
Prion
Prion
added 2009/02/22 10:30 p.m.18 views

Code injection

avatarlist.php in the Your Account module, reached through modules.php, in Raven Web Services RavenNuke 2.30 allows remote authenticated users to execute arbitrary code via PHP sequences in an element of the replacements array, which is processed by the pregreplace function with the eval switch, ...

6.5CVSS7.9AI score0.09028EPSS
Exploits0References8Affected Software1
Prion
Prion
added 2009/02/22 10:30 p.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Your Account module in RavenNuke 2.30 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.01062EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2009/02/22 10:30 p.m.19 views

CVE-2009-0677

avatarlist.php in the Your Account module, reached through modules.php, in Raven Web Services RavenNuke 2.30 allows remote authenticated users to execute arbitrary code via PHP sequences in an element of the replacements array, which is processed by the pregreplace function with the eval switch, ...

6.5CVSS7.4AI score0.09028EPSS
Exploits0References8
Cvelist
Cvelist
added 2009/02/22 10:0 p.m.24 views

CVE-2009-0677

avatarlist.php in the Your Account module, reached through modules.php, in Raven Web Services RavenNuke 2.30 allows remote authenticated users to execute arbitrary code via PHP sequences in an element of the replacements array, which is processed by the pregreplace function with the eval switch, ...

7.4AI score0.09028EPSS
Exploits0References8
0day.today
0day.today
added 2009/02/16 12:0 a.m.25 views

RavenNuke 2.3.0 Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications =============================================== RavenNuke 2.3.0 Multiple Remote Vulnerabilities =============================================== waraxe-2009-SA072 - Multiple Vulnerabilities in RavenNuke 2.3.0...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2009/02/16 12:0 a.m.30 views

RavenNuke 2.3.0 Multiple Remote Vulnerabilities

No description provided by source. waraxe-2009-SA072 - Multiple Vulnerabilities in RavenNuke 2.3.0 =============================================================================== Author: Janek Vind "waraxe" Date: 16. February 2009 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-72.htm...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/02/15 12:0 a.m.20 views

sellownhouse-sql.txt

SellOwnHouse login SQL Injection AUTHOR : S@BUN HOME : http://www.hackturkiye.com/ DORK 1 : "2008 SellOwnHouse" DORK 2 : "2007 SellOwnHouse" EXPLOIT : Username: anything' OR 'x'='x Password: anything' OR 'x'='x later attacker can see real admin name and pass in Edit Your Account S@BUN...

7.4AI score
Exploits0
FreeBSD
FreeBSD
added 2006/05/31 12:0 a.m.20 views

dokuwiki -- multiple vulnerabilities

Multiple vulnerabilities have been reported within dokuwiki. dokuwiki is proven vulnerable to: arbitrary PHP code insertion via spellcheck module, XSS attack via "Update your account profile," bypassing of ACL controls when enabled...

3AI score
Exploits0References3
NVD
NVD
added 2005/10/26 1:2 a.m.16 views

CVE-2005-3304

Multiple SQL injection vulnerabilities in PHP-Nuke 7.8 allow remote attackers to modify SQL queries and execute arbitrary PHP code via 1 the username parameter in the Your Account page, 2 the url parameter in the Downloads module, and 3 the description parameter in the WebLinks module...

7.5CVSS8.4AI score0.05627EPSS
Exploits1References9
securityvulns
securityvulns
added 2005/10/25 12:0 a.m.31 views

PhpNuke 7.8 with all security fixes/patches "Your_Account", "Downloads", "Web Links" SQL Injection / Remote commans execution

PHPNuke 7.8 with all security fixes/patches "Downloads", "WebLinks" & "YourAccount" SQL INjection - remote commands execution poc exploit there are a lot of unsanitized vars in every module, as I can see, so if magicquotesgpc is Off - SQL INJECTION 1 you can go to "Your Account" and submit a...

9AI score
Exploits0
Exploit DB
Exploit DB
added 2005/10/23 12:0 a.m.47 views

PHP-Nuke 7.8 - SQL Injection / Remote Command Execution

?php 20.05 23/10/2005 ---phpnuke78xpl.php PHPNuke 7.8 with all security fixes/patches "Downloads","WebLinks" & "YourAccount" modules SQL Injection / remote commands execution exploit yet not tested 7.9, but OK... by rgod site: http://rgod.altervista.org make these changes in php.ini if you have...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2003/03/10 12:0 a.m.31 views

phpnuke60.txt

Informations : °°°°°°°°°°°°°° Language : PHP Website : http://www.phpnuke.org Versions : 6.0 & 6.5? Modules : MembersList, YourAccount Problem : SQL Injection PHP Configuration : This will work if magicquotesgpc=OFF. PHP Code/Location : °°°°°°°°°°°°°°°°°°° /modules/MembersList/index.php :...

7.4AI score
Exploits0
Rows per page
Query Builder