CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2006-1077
https://notcve.org/view.php?id=CVE-2006-1077
Multiple cross-site scripting (XSS) vulnerabilities in the commentary in Evo-Dev evoBlog allow remote attackers to inject arbitrary web script or HTML via (1) the name parameter and (2) other unspecified parameters. • http://securityreason.com/securityalert/544 http://www.osvdb.org/23826 http://www.securityfocus.com/archive/1/426826/100/0/threaded http://www.securityfocus.com/archive/1/431869/100/0/threaded http://www.securityfocus.com/bid/16983 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2006-0886
https://notcve.org/view.php?id=CVE-2006-0886
Cross-site scripting (XSS) vulnerability in register.php in DEV web management system 1.5 allows remote attackers to inject arbitrary web script or HTML via the "City/Region" field (mesto variable). NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. • http://secunia.com/advisories/18714 http://www.osvdb.org/23468 http://www.securityfocus.com/bid/16812 http://www.vupen.com/english/advisories/2006/0723 https://exchange.xforce.ibmcloud.com/vulnerabilities/24875 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 7CVE-2005-4554 – Dev Web Management System 1.5 - 'cat' SQL Injection
https://notcve.org/view.php?id=CVE-2005-4554
Multiple SQL injection vulnerabilities in DEV web management system 1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter in an openforum action (openforum.php) in index.php, (2) cat parameter in getfile.php, and (3) target parameter in download_now.php. • https://www.exploit-db.com/exploits/1387 https://www.exploit-db.com/exploits/26977 https://www.exploit-db.com/exploits/26976 http://rgod.altervista.org/dev_15_sql_xpl.html http://secunia.com/advisories/18239 http://securitytracker.com/id?1015410 http://www.osvdb.org/22040 http://www.osvdb.org/22041 http://www.osvdb.org/22042 http://www.securityfocus.com/archive/1/420253/100/0/threaded http://www.securityfocus.com/bid/16063 https://exchange.xforce.ibmcloud. •
CVSS: 4.3EPSS: 2%CPEs: 1EXPL: 5CVE-2005-4555 – Dev Web Management System 1.5 - 'add.php' Multiple Cross-Site Scripting Vulnerabilities
https://notcve.org/view.php?id=CVE-2005-4555
Cross-site scripting (XSS) vulnerability in add.php in DEV web management system 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) ENTER_ARTICLE_TITLE, (2) SPECIFY_ZONE, (3) ENTER_ARTICLE_HEADER, and (4) ENTER_ARTICLE_BODY indices in the language array parameter. • https://www.exploit-db.com/exploits/26978 http://rgod.altervista.org/dev_15_sql_xpl.html http://secunia.com/advisories/18239 http://securitytracker.com/id?1015410 http://www.osvdb.org/22043 http://www.securityfocus.com/archive/1/420253/100/0/threaded http://www.securityfocus.com/bid/16063 https://exchange.xforce.ibmcloud.com/vulnerabilities/23900 •
CVSS: 7.5EPSS: 1%CPEs: 8EXPL: 0CVE-2005-4421
https://notcve.org/view.php?id=CVE-2005-4421
Dev-Editor 3.0 allows remote attackers to access any directory outside the web root whose name is a substring of the web root directory name. • http://devedit.sourceforge.net/changelog.shtml http://secunia.com/advisories/17537 http://www.securityfocus.com/bid/15393 http://www.vupen.com/english/advisories/2005/2389 https://exchange.xforce.ibmcloud.com/vulnerabilities/23057 •