CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2008-6694
https://notcve.org/view.php?id=CVE-2008-6694
10 Apr 2009 — SQL injection vulnerability in Random Prayer (ste_prayer) 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. Vulnerabilidad de inyección SQL en Random Prayer (ste_prayer) v0.0.1 para TYPO3 permite a atacantes remotos ejecutar comandos SQL de su elección a través de vectores desconocidos. • http://osvdb.org/46391 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2008-6461
https://notcve.org/view.php?id=CVE-2008-6461
13 Mar 2009 — SQL injection vulnerability in the Random Prayer 2 (ste_prayer2) extension before 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Una vulnerabilidad de inyección de SQL en la extensión Random Prayer 2 (ste_prayer2) para TYPO3 antes de la versión 0.0.3 permite a atacantes remotos ejecutar comandos SQL a través de vectores no especificados. • http://osvdb.org/48280 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2008-6463
https://notcve.org/view.php?id=CVE-2008-6463
13 Mar 2009 — SQL injection vulnerability in the Diocese of Portsmouth Church Search (pd_churchsearch) extension before 0.1.1, and 0.2.10 and earlier 0.2.x versions, an extension for TYPO3, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Una vulnerabilidad de inyección de SQL en la extensión Diocese of Portsmouth Church Search (pd_churchsearch) para TYPO3, en las versiones anteriores a la 0.1.1 y 0.2.X antes de 0.2.10, permite a atacantes remotos ejecutar comandos SQL a través de vector... • http://osvdb.org/48279 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.1EPSS: 0%CPEs: 40EXPL: 0CVE-2009-0736
https://notcve.org/view.php?id=CVE-2009-0736
25 Feb 2009 — Cross-site scripting (XSS) vulnerability in Pebble before 2.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados en Pebble anterior a v2.3.2, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través de vectores no especificados. • http://secunia.com/advisories/33888 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1CVE-2008-0691 – WP-Footnotes <= 2.2 - Multiple Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2008-0691
02 Feb 2008 — Multiple cross-site scripting (XSS) vulnerabilities in admin_panel.php in the Simon Elvery WP-Footnotes 2.2 plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) wp_footnotes_current_settings[priority], (2) wp_footnotes_current_settings[style_rules], (3) wp_footnotes_current_settings[pre_footnotes], and (4) wp_footnotes_current_settings[post_footnotes] parameters. Múltiples vulnerabilidades de secuencias de sitios cruzados (XSS) en admin_panel.php de la extensión Sim... • https://www.exploit-db.com/exploits/31092 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 3%CPEs: 7EXPL: 1CVE-2007-4397
https://notcve.org/view.php?id=CVE-2007-4397
18 Aug 2007 — Multiple CRLF injection vulnerabilities in (1) xmms-thing 1.0, (2) XMMS Remote Control Script 1.07, (3) Disrok 1.0, (4) a2x 0.0.1, (5) Another xmms-info script 1.0, (6) XChat-XMMS 0.8.1, and other unspecified scripts for XChat allow user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file. Múltiples vulnerabilidades de inyección CRLF en (1) xmms-thing 1.0, (2) XMMS Remote Control Script 1.07, (3) Disrok 1.0, (4) a2x 0.0.1, (5) Another xmms-in... • http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065227.html •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2006-5168
https://notcve.org/view.php?id=CVE-2006-5168
04 Oct 2006 — Cross-site scripting (XSS) vulnerability in the search functionality in Simon Brown Pebble 2.0.0 RC1 and RC2 allows remote attackers to inject arbitrary web script or HTML via the query string. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Simon Brown Pebble 2.0.0 RC1 y RC2 permite a un atacante remoto inyectar secuencias de comandos web o HTML a través de la consulta cadena. • http://securityreason.com/securityalert/1689 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2001-1082
https://notcve.org/view.php?id=CVE-2001-1082
13 Jul 2001 — Directory traversal vulnerability in Livingston/Lucent RADIUS before 2.1.va.1 may allow attackers to read arbitrary files via a .. (dot dot) attack. • http://freshmeat.net/releases/52020 •
CVSS: 8.4EPSS: 2%CPEs: 2EXPL: 0CVE-2001-1081
https://notcve.org/view.php?id=CVE-2001-1081
06 Jul 2001 — Format string vulnerabilities in Livingston/Lucent RADIUS before 2.1.va.1 may allow local or remote attackers to cause a denial of service and possibly execute arbitrary code via format specifiers that are injected into log messages. • http://archives.neohapsis.com/archives/apps/freshmeat/2001-07/0009.html •