Refbase

Refbase

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2015-7383

  • EPSS 0.91%
  • Veröffentlicht 28.09.2015 02:59:17
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in Web Reference Database (aka refbase) through 0.9.6 and bleeding-edge through 2015-04-28 allow remote attackers to inject arbitrary web script or HTML via the (1) adminUserName, (2) pathToMYSQL, (...

7.5

CVE-2015-7382

  • EPSS 3.62%
  • Veröffentlicht 28.09.2015 02:59:15
  • Zuletzt bearbeitet 12.04.2025 10:46:40

SQL injection vulnerability in install.php in Web Reference Database (aka refbase) through 0.9.6 allows remote attackers to execute arbitrary SQL commands via the defaultCharacterSet parameter, a different issue than CVE-2015-6009.

7.5

CVE-2015-7381

  • EPSS 6.15%
  • Veröffentlicht 28.09.2015 02:59:14
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple PHP remote file inclusion vulnerabilities in install.php in Web Reference Database (aka refbase) through 0.9.6 allow remote attackers to execute arbitrary PHP code via the (1) pathToMYSQL or (2) databaseStructureFile parameter, a different i...

5.8

CVE-2015-6012

  • EPSS 0.5%
  • Veröffentlicht 28.09.2015 02:59:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple open redirect vulnerabilities in Web Reference Database (aka refbase) through 0.9.6 and bleeding-edge before 2015-01-08 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the referrer parameter.

5

CVE-2015-6011

  • EPSS 0.93%
  • Veröffentlicht 28.09.2015 02:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Web Reference Database (aka refbase) through 0.9.6 and bleeding-edge before 2015-01-08 allows remote attackers to conduct XML injection attacks via (1) the id parameter to unapi.php or (2) the stylesheet parameter to sru.php.

4.3

CVE-2015-6010

  • EPSS 0.91%
  • Veröffentlicht 28.09.2015 02:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in Web Reference Database (aka refbase) through 0.9.6 and bleeding-edge before 2015-01-08 allow remote attackers to inject arbitrary web script or HTML via the (1) errorNo or (2) errorMsg parameter ...

7.5

CVE-2015-6009

  • EPSS 3.62%
  • Veröffentlicht 28.09.2015 02:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple SQL injection vulnerabilities in Web Reference Database (aka refbase) through 0.9.6 allow remote attackers to execute arbitrary SQL commands via (1) the where parameter to rss.php or (2) the sqlQuery parameter to search.php, a different issu...

7.5

CVE-2015-6008

  • EPSS 7.55%
  • Veröffentlicht 28.09.2015 02:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

install.php in Web Reference Database (aka refbase) through 0.9.6 allows remote attackers to execute arbitrary commands via the adminPassword parameter, a different issue than CVE-2015-7381.

6.8

CVE-2015-6007

  • EPSS 0.11%
  • Veröffentlicht 28.09.2015 02:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site request forgery (CSRF) vulnerability in Web Reference Database (aka refbase) through 0.9.6 allows remote attackers to hijack the authentication of arbitrary users.

4.3

CVE-2008-6400

  • EPSS 0.29%
  • Veröffentlicht 05.03.2009 20:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Cross-site scripting (XSS) vulnerability in refbase before 0.9.5 allows remote attackers to inject arbitrary web script or HTML via the headerMsg parameter to (1) show.php and (2) search.php. NOTE: some of these details are obtained from third party...