Search

Find a vulnerability

Search criteria

    10 vulnerabilities by pre_projects

    CVE-2008-0543 (GCVE-0-2008-0543)

    Vulnerability from nvd – Published: 2008-02-01 19:41 – Updated: 2024-08-07 07:46
    VLAI
    Summary
    Multiple SQL injection vulnerabilities in Pre Dynamic Institution allow remote attackers to execute arbitrary SQL commands via the (1) sloginid and (2) spass parameters to (a) login.asp and (b) siteadmin/login.asp. NOTE: some of these details are obtained from third party information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/28651 third-party-advisoryx_refsource_SECUNIA
    http://securityreason.com/securityalert/3603 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/archive/1/487054/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/27451 vdb-entryx_refsource_BID
    Date Public
    2008-01-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T07:46:55.115Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "predynamic-login-sql-injection(39942)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39942"
              },
              {
                "name": "28651",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28651"
              },
              {
                "name": "3603",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3603"
              },
              {
                "name": "20080124 Pre Dynamic Institution bypass",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/487054/100/0/threaded"
              },
              {
                "name": "27451",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/27451"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-01-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple SQL injection vulnerabilities in Pre Dynamic Institution allow remote attackers to execute arbitrary SQL commands via the (1) sloginid and (2) spass parameters to (a) login.asp and (b) siteadmin/login.asp.  NOTE: some of these details are obtained from third party information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "predynamic-login-sql-injection(39942)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39942"
            },
            {
              "name": "28651",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28651"
            },
            {
              "name": "3603",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3603"
            },
            {
              "name": "20080124 Pre Dynamic Institution bypass",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/487054/100/0/threaded"
            },
            {
              "name": "27451",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/27451"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-0543",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple SQL injection vulnerabilities in Pre Dynamic Institution allow remote attackers to execute arbitrary SQL commands via the (1) sloginid and (2) spass parameters to (a) login.asp and (b) siteadmin/login.asp.  NOTE: some of these details are obtained from third party information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "predynamic-login-sql-injection(39942)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39942"
                },
                {
                  "name": "28651",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28651"
                },
                {
                  "name": "3603",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3603"
                },
                {
                  "name": "20080124 Pre Dynamic Institution bypass",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/487054/100/0/threaded"
                },
                {
                  "name": "27451",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/27451"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-0543",
        "datePublished": "2008-02-01T19:41:00.000Z",
        "dateReserved": "2008-02-01T00:00:00.000Z",
        "dateUpdated": "2024-08-07T07:46:55.115Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2675 (GCVE-0-2007-2675)

    Vulnerability from nvd – Published: 2007-05-14 23:00 – Updated: 2024-08-07 13:49
    VLAI
    Summary
    SQL injection vulnerability in search.php in Pre Classifieds Listings 1.0 allows remote attackers to execute arbitrary SQL commands via the category parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/3840 exploitx_refsource_EXPLOIT-DB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2007/1655 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/23795 vdb-entryx_refsource_BID
    http://www.securityfocus.com/bid/52543/exploit x_refsource_MISC
    http://osvdb.org/35597 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/25144 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/52543 vdb-entryx_refsource_BID
    Date Public
    2007-05-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:49:57.188Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "3840",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/3840"
              },
              {
                "name": "preclassifiedlistings-search-sql-injection(34037)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34037"
              },
              {
                "name": "ADV-2007-1655",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1655"
              },
              {
                "name": "23795",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/23795"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/52543/exploit"
              },
              {
                "name": "35597",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/35597"
              },
              {
                "name": "25144",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25144"
              },
              {
                "name": "52543",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/52543"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-05-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in search.php in Pre Classifieds Listings 1.0 allows remote attackers to execute arbitrary SQL commands via the category parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "3840",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/3840"
            },
            {
              "name": "preclassifiedlistings-search-sql-injection(34037)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34037"
            },
            {
              "name": "ADV-2007-1655",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1655"
            },
            {
              "name": "23795",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/23795"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securityfocus.com/bid/52543/exploit"
            },
            {
              "name": "35597",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/35597"
            },
            {
              "name": "25144",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25144"
            },
            {
              "name": "52543",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/52543"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-2675",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in search.php in Pre Classifieds Listings 1.0 allows remote attackers to execute arbitrary SQL commands via the category parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "3840",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/3840"
                },
                {
                  "name": "preclassifiedlistings-search-sql-injection(34037)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34037"
                },
                {
                  "name": "ADV-2007-1655",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1655"
                },
                {
                  "name": "23795",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/23795"
                },
                {
                  "name": "http://www.securityfocus.com/bid/52543/exploit",
                  "refsource": "MISC",
                  "url": "http://www.securityfocus.com/bid/52543/exploit"
                },
                {
                  "name": "35597",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/35597"
                },
                {
                  "name": "25144",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25144"
                },
                {
                  "name": "52543",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/52543"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-2675",
        "datePublished": "2007-05-14T23:00:00.000Z",
        "dateReserved": "2007-05-14T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:49:57.188Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2674 (GCVE-0-2007-2674)

    Vulnerability from nvd – Published: 2007-05-14 23:00 – Updated: 2024-08-07 13:49
    VLAI
    Summary
    SQL injection vulnerability in detail.php in Pre Shopping Mall 1.0 allows remote attackers to execute arbitrary SQL commands via the prodid parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/3842 exploitx_refsource_EXPLOIT-DB
    http://www.securityfocus.com/bid/23794 vdb-entryx_refsource_BID
    http://osvdb.org/37814 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2007-05-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:49:57.162Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "3842",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/3842"
              },
              {
                "name": "23794",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/23794"
              },
              {
                "name": "37814",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/37814"
              },
              {
                "name": "preshoppingmall-detail-sql-injection(34034)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34034"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-05-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in detail.php in Pre Shopping Mall 1.0 allows remote attackers to execute arbitrary SQL commands via the prodid parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "3842",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/3842"
            },
            {
              "name": "23794",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/23794"
            },
            {
              "name": "37814",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/37814"
            },
            {
              "name": "preshoppingmall-detail-sql-injection(34034)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34034"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-2674",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in detail.php in Pre Shopping Mall 1.0 allows remote attackers to execute arbitrary SQL commands via the prodid parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "3842",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/3842"
                },
                {
                  "name": "23794",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/23794"
                },
                {
                  "name": "37814",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/37814"
                },
                {
                  "name": "preshoppingmall-detail-sql-injection(34034)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34034"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-2674",
        "datePublished": "2007-05-14T23:00:00.000Z",
        "dateReserved": "2007-05-14T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:49:57.162Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-2763 (GCVE-0-2006-2763)

    Vulnerability from nvd – Published: 2006-06-02 01:00 – Updated: 2024-08-07 17:58
    VLAI
    Summary
    SQL injection vulnerability in Pre News Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. It is possible that this is primary to CVE-2006-2678.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.osvdb.org/26077 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26079 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26074 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2006/1990 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/20284 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/497185/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/493369/100… mailing-listx_refsource_BUGTRAQ
    https://www.exploit-db.com/exploits/5803 exploitx_refsource_EXPLOIT-DB
    http://www.osvdb.org/26078 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26073 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26076 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.osvdb.org/26075 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/archive/1/497219/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2006-05-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:58:51.886Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "prenewsmanager-newsdetail-sql-injection(34035)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34035"
              },
              {
                "name": "26077",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26077"
              },
              {
                "name": "26079",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26079"
              },
              {
                "name": "26074",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26074"
              },
              {
                "name": "ADV-2006-1990",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1990"
              },
              {
                "name": "20284",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20284"
              },
              {
                "name": "20081009 News Manager Remote SQL Injection Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/497185/100/0/threaded"
              },
              {
                "name": "20080615 [ECHO_ADV_97$2008] Pre News Manager \u003c= 1.0 (index.php id) Sql Injection Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/493369/100/0/threaded"
              },
              {
                "name": "5803",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/5803"
              },
              {
                "name": "26078",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26078"
              },
              {
                "name": "26073",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26073"
              },
              {
                "name": "26076",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26076"
              },
              {
                "name": "prenewsmanager-index-sql-injection(43070)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43070"
              },
              {
                "name": "26075",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26075"
              },
              {
                "name": "20081009 Re: News Manager Remote SQL Injection Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/497219/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-05-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in Pre News Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.  It is possible that this is primary to CVE-2006-2678."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "prenewsmanager-newsdetail-sql-injection(34035)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34035"
            },
            {
              "name": "26077",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26077"
            },
            {
              "name": "26079",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26079"
            },
            {
              "name": "26074",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26074"
            },
            {
              "name": "ADV-2006-1990",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1990"
            },
            {
              "name": "20284",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20284"
            },
            {
              "name": "20081009 News Manager Remote SQL Injection Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/497185/100/0/threaded"
            },
            {
              "name": "20080615 [ECHO_ADV_97$2008] Pre News Manager \u003c= 1.0 (index.php id) Sql Injection Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/493369/100/0/threaded"
            },
            {
              "name": "5803",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/5803"
            },
            {
              "name": "26078",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26078"
            },
            {
              "name": "26073",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26073"
            },
            {
              "name": "26076",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26076"
            },
            {
              "name": "prenewsmanager-index-sql-injection(43070)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43070"
            },
            {
              "name": "26075",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26075"
            },
            {
              "name": "20081009 Re: News Manager Remote SQL Injection Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/497219/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-2763",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in Pre News Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.  It is possible that this is primary to CVE-2006-2678."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "prenewsmanager-newsdetail-sql-injection(34035)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34035"
                },
                {
                  "name": "26077",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26077"
                },
                {
                  "name": "26079",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26079"
                },
                {
                  "name": "26074",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26074"
                },
                {
                  "name": "ADV-2006-1990",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1990"
                },
                {
                  "name": "20284",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20284"
                },
                {
                  "name": "20081009 News Manager Remote SQL Injection Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/497185/100/0/threaded"
                },
                {
                  "name": "20080615 [ECHO_ADV_97$2008] Pre News Manager \u003c= 1.0 (index.php id) Sql Injection Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/493369/100/0/threaded"
                },
                {
                  "name": "5803",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/5803"
                },
                {
                  "name": "26078",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26078"
                },
                {
                  "name": "26073",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26073"
                },
                {
                  "name": "26076",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26076"
                },
                {
                  "name": "prenewsmanager-index-sql-injection(43070)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43070"
                },
                {
                  "name": "26075",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26075"
                },
                {
                  "name": "20081009 Re: News Manager Remote SQL Injection Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/497219/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-2763",
        "datePublished": "2006-06-02T01:00:00.000Z",
        "dateReserved": "2006-06-01T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:58:51.886Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-2678 (GCVE-0-2006-2678)

    Vulnerability from nvd – Published: 2006-05-31 10:00 – Updated: 2024-08-07 17:58
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in Pre News Manager 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/26068 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/435020/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/996 third-party-advisoryx_refsource_SREASON
    http://www.vupen.com/english/advisories/2006/1990 vdb-entryx_refsource_VUPEN
    http://www.osvdb.org/26070 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/20284 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/26069 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26071 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26072 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/18333 vdb-entryx_refsource_BID
    http://www.osvdb.org/26066 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26067 vdb-entryx_refsource_OSVDB
    Date Public
    2006-05-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:58:51.869Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "26068",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26068"
              },
              {
                "name": "prenewsmanager-multiple-xss(26692)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26692"
              },
              {
                "name": "20060524 Pre News Manager v1.0",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/435020/100/0/threaded"
              },
              {
                "name": "996",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/996"
              },
              {
                "name": "ADV-2006-1990",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1990"
              },
              {
                "name": "26070",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26070"
              },
              {
                "name": "20284",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20284"
              },
              {
                "name": "26069",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26069"
              },
              {
                "name": "26071",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26071"
              },
              {
                "name": "26072",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26072"
              },
              {
                "name": "18333",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/18333"
              },
              {
                "name": "26066",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26066"
              },
              {
                "name": "26067",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26067"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-05-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in Pre News Manager 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "26068",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26068"
            },
            {
              "name": "prenewsmanager-multiple-xss(26692)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26692"
            },
            {
              "name": "20060524 Pre News Manager v1.0",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/435020/100/0/threaded"
            },
            {
              "name": "996",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/996"
            },
            {
              "name": "ADV-2006-1990",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1990"
            },
            {
              "name": "26070",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26070"
            },
            {
              "name": "20284",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20284"
            },
            {
              "name": "26069",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26069"
            },
            {
              "name": "26071",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26071"
            },
            {
              "name": "26072",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26072"
            },
            {
              "name": "18333",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/18333"
            },
            {
              "name": "26066",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26066"
            },
            {
              "name": "26067",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26067"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-2678",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in Pre News Manager 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "26068",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26068"
                },
                {
                  "name": "prenewsmanager-multiple-xss(26692)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26692"
                },
                {
                  "name": "20060524 Pre News Manager v1.0",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/435020/100/0/threaded"
                },
                {
                  "name": "996",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/996"
                },
                {
                  "name": "ADV-2006-1990",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1990"
                },
                {
                  "name": "26070",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26070"
                },
                {
                  "name": "20284",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20284"
                },
                {
                  "name": "26069",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26069"
                },
                {
                  "name": "26071",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26071"
                },
                {
                  "name": "26072",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26072"
                },
                {
                  "name": "18333",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/18333"
                },
                {
                  "name": "26066",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26066"
                },
                {
                  "name": "26067",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26067"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-2678",
        "datePublished": "2006-05-31T10:00:00.000Z",
        "dateReserved": "2006-05-30T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:58:51.869Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-0543 (GCVE-0-2008-0543)

    Vulnerability from cvelistv5 – Published: 2008-02-01 19:41 – Updated: 2024-08-07 07:46
    VLAI
    Summary
    Multiple SQL injection vulnerabilities in Pre Dynamic Institution allow remote attackers to execute arbitrary SQL commands via the (1) sloginid and (2) spass parameters to (a) login.asp and (b) siteadmin/login.asp. NOTE: some of these details are obtained from third party information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/28651 third-party-advisoryx_refsource_SECUNIA
    http://securityreason.com/securityalert/3603 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/archive/1/487054/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/27451 vdb-entryx_refsource_BID
    Date Public
    2008-01-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T07:46:55.115Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "predynamic-login-sql-injection(39942)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39942"
              },
              {
                "name": "28651",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28651"
              },
              {
                "name": "3603",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3603"
              },
              {
                "name": "20080124 Pre Dynamic Institution bypass",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/487054/100/0/threaded"
              },
              {
                "name": "27451",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/27451"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-01-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple SQL injection vulnerabilities in Pre Dynamic Institution allow remote attackers to execute arbitrary SQL commands via the (1) sloginid and (2) spass parameters to (a) login.asp and (b) siteadmin/login.asp.  NOTE: some of these details are obtained from third party information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "predynamic-login-sql-injection(39942)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39942"
            },
            {
              "name": "28651",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28651"
            },
            {
              "name": "3603",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3603"
            },
            {
              "name": "20080124 Pre Dynamic Institution bypass",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/487054/100/0/threaded"
            },
            {
              "name": "27451",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/27451"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-0543",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple SQL injection vulnerabilities in Pre Dynamic Institution allow remote attackers to execute arbitrary SQL commands via the (1) sloginid and (2) spass parameters to (a) login.asp and (b) siteadmin/login.asp.  NOTE: some of these details are obtained from third party information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "predynamic-login-sql-injection(39942)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39942"
                },
                {
                  "name": "28651",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28651"
                },
                {
                  "name": "3603",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3603"
                },
                {
                  "name": "20080124 Pre Dynamic Institution bypass",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/487054/100/0/threaded"
                },
                {
                  "name": "27451",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/27451"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-0543",
        "datePublished": "2008-02-01T19:41:00.000Z",
        "dateReserved": "2008-02-01T00:00:00.000Z",
        "dateUpdated": "2024-08-07T07:46:55.115Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2675 (GCVE-0-2007-2675)

    Vulnerability from cvelistv5 – Published: 2007-05-14 23:00 – Updated: 2024-08-07 13:49
    VLAI
    Summary
    SQL injection vulnerability in search.php in Pre Classifieds Listings 1.0 allows remote attackers to execute arbitrary SQL commands via the category parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/3840 exploitx_refsource_EXPLOIT-DB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2007/1655 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/23795 vdb-entryx_refsource_BID
    http://www.securityfocus.com/bid/52543/exploit x_refsource_MISC
    http://osvdb.org/35597 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/25144 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/52543 vdb-entryx_refsource_BID
    Date Public
    2007-05-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:49:57.188Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "3840",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/3840"
              },
              {
                "name": "preclassifiedlistings-search-sql-injection(34037)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34037"
              },
              {
                "name": "ADV-2007-1655",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1655"
              },
              {
                "name": "23795",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/23795"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/52543/exploit"
              },
              {
                "name": "35597",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/35597"
              },
              {
                "name": "25144",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25144"
              },
              {
                "name": "52543",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/52543"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-05-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in search.php in Pre Classifieds Listings 1.0 allows remote attackers to execute arbitrary SQL commands via the category parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "3840",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/3840"
            },
            {
              "name": "preclassifiedlistings-search-sql-injection(34037)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34037"
            },
            {
              "name": "ADV-2007-1655",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1655"
            },
            {
              "name": "23795",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/23795"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securityfocus.com/bid/52543/exploit"
            },
            {
              "name": "35597",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/35597"
            },
            {
              "name": "25144",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25144"
            },
            {
              "name": "52543",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/52543"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-2675",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in search.php in Pre Classifieds Listings 1.0 allows remote attackers to execute arbitrary SQL commands via the category parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "3840",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/3840"
                },
                {
                  "name": "preclassifiedlistings-search-sql-injection(34037)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34037"
                },
                {
                  "name": "ADV-2007-1655",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1655"
                },
                {
                  "name": "23795",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/23795"
                },
                {
                  "name": "http://www.securityfocus.com/bid/52543/exploit",
                  "refsource": "MISC",
                  "url": "http://www.securityfocus.com/bid/52543/exploit"
                },
                {
                  "name": "35597",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/35597"
                },
                {
                  "name": "25144",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25144"
                },
                {
                  "name": "52543",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/52543"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-2675",
        "datePublished": "2007-05-14T23:00:00.000Z",
        "dateReserved": "2007-05-14T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:49:57.188Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2674 (GCVE-0-2007-2674)

    Vulnerability from cvelistv5 – Published: 2007-05-14 23:00 – Updated: 2024-08-07 13:49
    VLAI
    Summary
    SQL injection vulnerability in detail.php in Pre Shopping Mall 1.0 allows remote attackers to execute arbitrary SQL commands via the prodid parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/3842 exploitx_refsource_EXPLOIT-DB
    http://www.securityfocus.com/bid/23794 vdb-entryx_refsource_BID
    http://osvdb.org/37814 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2007-05-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:49:57.162Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "3842",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/3842"
              },
              {
                "name": "23794",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/23794"
              },
              {
                "name": "37814",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/37814"
              },
              {
                "name": "preshoppingmall-detail-sql-injection(34034)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34034"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-05-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in detail.php in Pre Shopping Mall 1.0 allows remote attackers to execute arbitrary SQL commands via the prodid parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "3842",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/3842"
            },
            {
              "name": "23794",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/23794"
            },
            {
              "name": "37814",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/37814"
            },
            {
              "name": "preshoppingmall-detail-sql-injection(34034)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34034"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-2674",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in detail.php in Pre Shopping Mall 1.0 allows remote attackers to execute arbitrary SQL commands via the prodid parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "3842",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/3842"
                },
                {
                  "name": "23794",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/23794"
                },
                {
                  "name": "37814",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/37814"
                },
                {
                  "name": "preshoppingmall-detail-sql-injection(34034)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34034"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-2674",
        "datePublished": "2007-05-14T23:00:00.000Z",
        "dateReserved": "2007-05-14T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:49:57.162Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-2763 (GCVE-0-2006-2763)

    Vulnerability from cvelistv5 – Published: 2006-06-02 01:00 – Updated: 2024-08-07 17:58
    VLAI
    Summary
    SQL injection vulnerability in Pre News Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. It is possible that this is primary to CVE-2006-2678.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.osvdb.org/26077 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26079 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26074 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2006/1990 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/20284 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/497185/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/493369/100… mailing-listx_refsource_BUGTRAQ
    https://www.exploit-db.com/exploits/5803 exploitx_refsource_EXPLOIT-DB
    http://www.osvdb.org/26078 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26073 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26076 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.osvdb.org/26075 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/archive/1/497219/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2006-05-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:58:51.886Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "prenewsmanager-newsdetail-sql-injection(34035)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34035"
              },
              {
                "name": "26077",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26077"
              },
              {
                "name": "26079",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26079"
              },
              {
                "name": "26074",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26074"
              },
              {
                "name": "ADV-2006-1990",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1990"
              },
              {
                "name": "20284",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20284"
              },
              {
                "name": "20081009 News Manager Remote SQL Injection Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/497185/100/0/threaded"
              },
              {
                "name": "20080615 [ECHO_ADV_97$2008] Pre News Manager \u003c= 1.0 (index.php id) Sql Injection Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/493369/100/0/threaded"
              },
              {
                "name": "5803",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/5803"
              },
              {
                "name": "26078",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26078"
              },
              {
                "name": "26073",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26073"
              },
              {
                "name": "26076",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26076"
              },
              {
                "name": "prenewsmanager-index-sql-injection(43070)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43070"
              },
              {
                "name": "26075",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26075"
              },
              {
                "name": "20081009 Re: News Manager Remote SQL Injection Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/497219/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-05-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in Pre News Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.  It is possible that this is primary to CVE-2006-2678."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "prenewsmanager-newsdetail-sql-injection(34035)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34035"
            },
            {
              "name": "26077",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26077"
            },
            {
              "name": "26079",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26079"
            },
            {
              "name": "26074",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26074"
            },
            {
              "name": "ADV-2006-1990",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1990"
            },
            {
              "name": "20284",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20284"
            },
            {
              "name": "20081009 News Manager Remote SQL Injection Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/497185/100/0/threaded"
            },
            {
              "name": "20080615 [ECHO_ADV_97$2008] Pre News Manager \u003c= 1.0 (index.php id) Sql Injection Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/493369/100/0/threaded"
            },
            {
              "name": "5803",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/5803"
            },
            {
              "name": "26078",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26078"
            },
            {
              "name": "26073",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26073"
            },
            {
              "name": "26076",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26076"
            },
            {
              "name": "prenewsmanager-index-sql-injection(43070)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43070"
            },
            {
              "name": "26075",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26075"
            },
            {
              "name": "20081009 Re: News Manager Remote SQL Injection Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/497219/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-2763",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in Pre News Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.  It is possible that this is primary to CVE-2006-2678."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "prenewsmanager-newsdetail-sql-injection(34035)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34035"
                },
                {
                  "name": "26077",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26077"
                },
                {
                  "name": "26079",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26079"
                },
                {
                  "name": "26074",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26074"
                },
                {
                  "name": "ADV-2006-1990",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1990"
                },
                {
                  "name": "20284",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20284"
                },
                {
                  "name": "20081009 News Manager Remote SQL Injection Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/497185/100/0/threaded"
                },
                {
                  "name": "20080615 [ECHO_ADV_97$2008] Pre News Manager \u003c= 1.0 (index.php id) Sql Injection Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/493369/100/0/threaded"
                },
                {
                  "name": "5803",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/5803"
                },
                {
                  "name": "26078",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26078"
                },
                {
                  "name": "26073",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26073"
                },
                {
                  "name": "26076",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26076"
                },
                {
                  "name": "prenewsmanager-index-sql-injection(43070)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43070"
                },
                {
                  "name": "26075",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26075"
                },
                {
                  "name": "20081009 Re: News Manager Remote SQL Injection Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/497219/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-2763",
        "datePublished": "2006-06-02T01:00:00.000Z",
        "dateReserved": "2006-06-01T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:58:51.886Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-2678 (GCVE-0-2006-2678)

    Vulnerability from cvelistv5 – Published: 2006-05-31 10:00 – Updated: 2024-08-07 17:58
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in Pre News Manager 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/26068 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/435020/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/996 third-party-advisoryx_refsource_SREASON
    http://www.vupen.com/english/advisories/2006/1990 vdb-entryx_refsource_VUPEN
    http://www.osvdb.org/26070 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/20284 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/26069 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26071 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26072 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/18333 vdb-entryx_refsource_BID
    http://www.osvdb.org/26066 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26067 vdb-entryx_refsource_OSVDB
    Date Public
    2006-05-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:58:51.869Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "26068",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26068"
              },
              {
                "name": "prenewsmanager-multiple-xss(26692)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26692"
              },
              {
                "name": "20060524 Pre News Manager v1.0",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/435020/100/0/threaded"
              },
              {
                "name": "996",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/996"
              },
              {
                "name": "ADV-2006-1990",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1990"
              },
              {
                "name": "26070",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26070"
              },
              {
                "name": "20284",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20284"
              },
              {
                "name": "26069",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26069"
              },
              {
                "name": "26071",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26071"
              },
              {
                "name": "26072",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26072"
              },
              {
                "name": "18333",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/18333"
              },
              {
                "name": "26066",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26066"
              },
              {
                "name": "26067",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26067"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-05-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in Pre News Manager 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "26068",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26068"
            },
            {
              "name": "prenewsmanager-multiple-xss(26692)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26692"
            },
            {
              "name": "20060524 Pre News Manager v1.0",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/435020/100/0/threaded"
            },
            {
              "name": "996",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/996"
            },
            {
              "name": "ADV-2006-1990",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1990"
            },
            {
              "name": "26070",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26070"
            },
            {
              "name": "20284",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20284"
            },
            {
              "name": "26069",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26069"
            },
            {
              "name": "26071",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26071"
            },
            {
              "name": "26072",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26072"
            },
            {
              "name": "18333",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/18333"
            },
            {
              "name": "26066",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26066"
            },
            {
              "name": "26067",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26067"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-2678",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in Pre News Manager 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "26068",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26068"
                },
                {
                  "name": "prenewsmanager-multiple-xss(26692)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26692"
                },
                {
                  "name": "20060524 Pre News Manager v1.0",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/435020/100/0/threaded"
                },
                {
                  "name": "996",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/996"
                },
                {
                  "name": "ADV-2006-1990",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1990"
                },
                {
                  "name": "26070",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26070"
                },
                {
                  "name": "20284",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20284"
                },
                {
                  "name": "26069",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26069"
                },
                {
                  "name": "26071",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26071"
                },
                {
                  "name": "26072",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26072"
                },
                {
                  "name": "18333",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/18333"
                },
                {
                  "name": "26066",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26066"
                },
                {
                  "name": "26067",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26067"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-2678",
        "datePublished": "2006-05-31T10:00:00.000Z",
        "dateReserved": "2006-05-30T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:58:51.869Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }