CVE-2008-1939 – W1L3D4 philboard 1.0 - 'philboard_reply.asp' SQL Injection
https://notcve.org/view.php?id=CVE-2008-1939
Multiple SQL injection vulnerabilities in W1L3D4 Philboard 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) topic parameters to (a) philboard_reply.asp, and the (3) forumid parameter to (b) philboard_newtopic.asp, different vectors than CVE-2007-2641 and CVE-2007-0920.
• https://www.exploit-db.com/exploits/5475
• http://www.securityfocus.com/bid/28871
• http://www.vupen.com/english/advisories/2008/1340/references
• https://exchange.xforce.ibmcloud.com/vulnerabilities/41957
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2007-4433
https://notcve.org/view.php?id=CVE-2007-4433
Cross-site scripting (XSS) vulnerability in textfilesearch.aspx in the Text File Search ASP.NET edition allows remote attackers to inject arbitrary web script or HTML via the search field.
• http://osvdb.org/37734
• http://securityreason.com/securityalert/3048
• http://www.packetstormsecurity.org/0708-exploits/aspnet-xss.txt
• http://www.securityfocus.com/bid/25349
CVE-2007-4434 – Text File Search Classic - 'TextFileSearch.asp' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2007-4434
Cross-site scripting (XSS) vulnerability in textfilesearch.asp in the Text File Search ASP (Classic) edition allows remote attackers to inject arbitrary web script or HTML via the query parameter.
• https://www.exploit-db.com/exploits/30505
• http://osvdb.org/37733
• http://securityreason.com/securityalert/3046
• http://www.packetstormsecurity.org/0708-exploits/tfsc-xss.txt
• http://www.securityfocus.com/bid/25350
CVE-2007-4297
https://notcve.org/view.php?id=CVE-2007-4297
Multiple cross-site scripting (XSS) vulnerabilities in yorumkaydet.asp in Dersimiz Haber Ekleme Modulu allow remote attackers to inject arbitrary web script or HTML via the (1) yazan, (2) mail, and (3) yorum parameters. NOTE: some of these details are obtained from third party information.
• http://osvdb.org/37537
• http://secunia.com/advisories/26380
• http://www.packetstormsecurity.org/0708-exploits/dersimiz-xss.txt
• http://www.securityfocus.com/bid/25250
• http://www.vupen.com/english/advisories/2007/2831
• https://exchange.xforce.ibmcloud.com/vulnerabilities/35911
CVE-2007-3885
https://notcve.org/view.php?id=CVE-2007-3885
Cross-site scripting (XSS) vulnerability in philboard_search.asp in husrevforum 1.0.1 allows remote attackers to inject arbitrary web script or HTML via the searchterms parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
• http://secunia.com/advisories/26089
• http://secunia.com/advisories/26736
• http://www.osvdb.org/38186
• http://www.vupen.com/english/advisories/2007/2557
• https://exchange.xforce.ibmcloud.com/vulnerabilities/35444