CVE-2006-2367
- EPSS 0.67%
- Veröffentlicht 15.05.2006 16:06:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Cross-site scripting (XSS) vulnerability in index.php in Clansys (aka Clanpage System) 1.0 and 1.1 allows remote attackers to inject arbitrary web script or HTML via the func parameter in a search function.
CVE-2006-2368
- EPSS 0.67%
- Veröffentlicht 15.05.2006 16:06:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Cross-site scripting (XSS) vulnerability in index.php in Clansys (aka Clanpage System) 1.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
CVE-2006-2005
- EPSS 10.62%
- Veröffentlicht 25.04.2006 12:50:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Eval injection vulnerability in index.php in ClanSys 1.1 allows remote attackers to execute arbitrary PHP code via PHP code in the page parameter, as demonstrated by using an "include" statement that is injected into the eval statement. NOTE: this i...
CVE-2006-1708
- EPSS 2.45%
- Veröffentlicht 11.04.2006 10:02:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
SQL injection vulnerability in member.php in Clansys 1.1 allows remote attackers to execute arbitrary SQL commands via the showid parameter in the member page to index.php.