CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2007-3885
https://notcve.org/view.php?id=CVE-2007-3885
Cross-site scripting (XSS) vulnerability in philboard_search.asp in husrevforum 1.0.1 allows remote attackers to inject arbitrary web script or HTML via the searchterms parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en philboard_search.asp de husrevforum 1.0.1 permite a atacantes remotos inyectar scripts web o HTML de su elección a través del parámetro searchterms. NOTA: El origen de esta información es desconocido; los detalles se han obtenido solamente de información de terceros. • http://secunia.com/advisories/26089 http://secunia.com/advisories/26736 http://www.osvdb.org/38186 http://www.vupen.com/english/advisories/2007/2557 https://exchange.xforce.ibmcloud.com/vulnerabilities/35444 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2006-7161
https://notcve.org/view.php?id=CVE-2006-7161
SQL injection vulnerability in giris_yap.asp in Hazir Site 2.0 allows remote attackers to bypass authentication via the (1) k_a class or (2) sifre parameter. Vulnerabilidad de inyección SQL en el giris_yap.asp del Hazir Site 2.0 permite a atacantes remotos evitar la autenticación a través de los parámetros 1) k_a class o (2) sifre. • http://securityreason.com/securityalert/2374 http://www.securityfocus.com/archive/1/447829/100/0/threaded http://www.securityfocus.com/bid/20375 https://exchange.xforce.ibmcloud.com/vulnerabilities/29371 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2006-6337 – Aspee Ziyaretci Defteri - 'giris.asp' Multiple Field SQL Injections
https://notcve.org/view.php?id=CVE-2006-6337
Multiple SQL injection vulnerabilities in giris.asp in Aspee and Dogantepe Ziyaretci Defteri allow remote attackers to execute arbitrary SQL commands via the (1) kullanici or (2) parola parameter. Múltiples vulnerabilidades de inyección SQL en giris.asp de Aspee y Dogantepe Ziyaretci Defteri permiten a atacantes remotos ejecutar comandos SQL de su elección mediante los parámetros (1) kullanici y (2) parola. • https://www.exploit-db.com/exploits/29216 http://secunia.com/advisories/23291 http://www.securityfocus.com/archive/1/453234/100/0/threaded http://www.securityfocus.com/archive/1/454589/100/0/threaded http://www.securityfocus.com/bid/21398 http://www.securityfocus.com/bid/21627 http://www.vupen.com/english/advisories/2006/4825 https://exchange.xforce.ibmcloud.com/vulnerabilities/30919 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2006-5023 – xweblog 2.1 - 'kategori.asp' SQL Injection
https://notcve.org/view.php?id=CVE-2006-5023
SQL injection vulnerability in kategori.asp in xweblog 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the kategori parameter. Vulnerabilidad de inyección SQL en kategori.asp en xweblog 2.1 y anteriores permite a un atacante remoto ejecutar comandos SQL de su elección a través del parámetro kategori. • https://www.exploit-db.com/exploits/2416 http://secunia.com/advisories/22052 http://www.securityfocus.com/bid/20145 http://www.vupen.com/english/advisories/2006/3762 https://exchange.xforce.ibmcloud.com/vulnerabilities/29103 •