3 results (0.006 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1

Cross-site scripting (XSS) vulnerability in W1L3D4_aramasonuc.asp in W1L3D4 Philboard 0.3 allows remote attackers to inject arbitrary web script or HTML via the searchterms parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el W1L3D4_aramasonuc.asp del W1L3D4 Philboard 0.3 permite a atacantes remotos la inyección de secuencias de comandos web o HTML de su elección a través del parámetro searchterms. NOTA: la procedencia de esta información es desconocida; los detalles se obtienen a partir de la información de terceros. • https://www.exploit-db.com/exploits/30382 http://secunia.com/advisories/26182 http://www.securityfocus.com/bid/25055 http://www.vupen.com/english/advisories/2007/2645 https://exchange.xforce.ibmcloud.com/vulnerabilities/35598 •

CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 3

SQL injection vulnerability in urunbak.asp in W1L3D4 WEBmarket 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. Vulnerabilidad de inyección SQL en urunbak.asp de W1L3D4 WEBmarket 0.1 permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro id. • https://www.exploit-db.com/exploits/4083 http://osvdb.org/36308 http://secunia.com/advisories/25585 http://securityreason.com/securityalert/2782 http://www.exploit-db.com/exploits/4083 http://www.securityfocus.com/archive/1/470745/100/0/threaded http://www.securityfocus.com/archive/1/471765/100/0/threaded http://www.securityfocus.com/bid/24364 https://exchange.xforce.ibmcloud.com/vulnerabilities/34766 •

CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 1

SQL injection vulnerability in W1L3D4_bolum.asp in W1L3D4 Philboard 0.2 allows remote attackers to execute arbitrary SQL commands via the forumid parameter, a different vector than CVE-2007-0920. Vulnerabilidad de inyección SQL en W1L3D4_bolum.asp en W1L3D4 Philboard 0.2 permite a atacantes remotos ejecutar comandos SQL a través del parámetro forumid, un vector diferente que CVE-2007-0920. • https://www.exploit-db.com/exploits/3905 http://osvdb.org/35679 http://secunia.com/advisories/25265 http://securityreason.com/securityalert/2692 http://www.securityfocus.com/archive/1/468354/100/0/threaded http://www.securityfocus.com/bid/23945 http://www.vupen.com/english/advisories/2007/1789 https://exchange.xforce.ibmcloud.com/vulnerabilities/34245 •