Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
6 vulnerabilities by myabracadaweb
CVE-2003-1548 (GCVE-0-2003-1548)
Vulnerability from cvelistv5 – Published: 2008-03-06 01:00 – Updated: 2024-08-08 02:35
VLAI
EPSS
VEX
Summary
MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain sensitive information via an invalid IDAdmin or other parameter, which reveals the installation path in an error message.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id?1006308 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/archive/1/315317/30/… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/7126 | vdb-entryx_refsource_BID |
| http://securityreason.com/securityalert/3717 | third-party-advisoryx_refsource_SREASON |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/8320 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2003-03-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:17.422Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1006308",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1006308"
},
{
"name": "20030317 [SCSA-010] Path Disclosure \u0026 Cross Site Scripting Vulnerability in MyABraCaDaWeb",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/315317/30/25460/threaded"
},
{
"name": "7126",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7126"
},
{
"name": "3717",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3717"
},
{
"name": "myabracadaweb-index-path-disclosure(11556)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11556"
},
{
"name": "8320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/8320"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-03-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain sensitive information via an invalid IDAdmin or other parameter, which reveals the installation path in an error message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1006308",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1006308"
},
{
"name": "20030317 [SCSA-010] Path Disclosure \u0026 Cross Site Scripting Vulnerability in MyABraCaDaWeb",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/315317/30/25460/threaded"
},
{
"name": "7126",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7126"
},
{
"name": "3717",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3717"
},
{
"name": "myabracadaweb-index-path-disclosure(11556)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11556"
},
{
"name": "8320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/8320"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1548",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain sensitive information via an invalid IDAdmin or other parameter, which reveals the installation path in an error message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1006308",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1006308"
},
{
"name": "20030317 [SCSA-010] Path Disclosure \u0026 Cross Site Scripting Vulnerability in MyABraCaDaWeb",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/315317/30/25460/threaded"
},
{
"name": "7126",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7126"
},
{
"name": "3717",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3717"
},
{
"name": "myabracadaweb-index-path-disclosure(11556)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11556"
},
{
"name": "8320",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/8320"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1548",
"datePublished": "2008-03-06T01:00:00.000Z",
"dateReserved": "2008-03-05T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:35:17.422Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1549 (GCVE-0-2003-1549)
Vulnerability from cvelistv5 – Published: 2008-03-06 01:00 – Updated: 2024-08-08 02:35
VLAI
EPSS
VEX
Summary
Cross-site scripting (XSS) vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the ma_kw parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id?1006308 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/7127 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/315317/30/… | mailing-listx_refsource_BUGTRAQ |
| http://www.webmaster-mag.net/?module=distridoc&idCat=3 | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.security-corporation.com/download/patc… | x_refsource_MISC |
| http://securityreason.com/securityalert/3717 | third-party-advisoryx_refsource_SREASON |
| http://secunia.com/advisories/8320 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2003-03-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:16.343Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1006308",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1006308"
},
{
"name": "7127",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7127"
},
{
"name": "20030317 [SCSA-010] Path Disclosure \u0026 Cross Site Scripting Vulnerability in MyABraCaDaWeb",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/315317/30/25460/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.webmaster-mag.net/?module=distridoc\u0026idCat=3"
},
{
"name": "myabracadaweb-index-makw-xss(11557)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11557"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.security-corporation.com/download/patch/MyABraCaDaWebv1.0.2XSSpatch.zip"
},
{
"name": "3717",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3717"
},
{
"name": "8320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/8320"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-03-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the ma_kw parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1006308",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1006308"
},
{
"name": "7127",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7127"
},
{
"name": "20030317 [SCSA-010] Path Disclosure \u0026 Cross Site Scripting Vulnerability in MyABraCaDaWeb",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/315317/30/25460/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.webmaster-mag.net/?module=distridoc\u0026idCat=3"
},
{
"name": "myabracadaweb-index-makw-xss(11557)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11557"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.security-corporation.com/download/patch/MyABraCaDaWebv1.0.2XSSpatch.zip"
},
{
"name": "3717",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3717"
},
{
"name": "8320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/8320"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1549",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the ma_kw parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1006308",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1006308"
},
{
"name": "7127",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7127"
},
{
"name": "20030317 [SCSA-010] Path Disclosure \u0026 Cross Site Scripting Vulnerability in MyABraCaDaWeb",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/315317/30/25460/threaded"
},
{
"name": "http://www.webmaster-mag.net/?module=distridoc\u0026idCat=3",
"refsource": "MISC",
"url": "http://www.webmaster-mag.net/?module=distridoc\u0026idCat=3"
},
{
"name": "myabracadaweb-index-makw-xss(11557)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11557"
},
{
"name": "http://www.security-corporation.com/download/patch/MyABraCaDaWebv1.0.2XSSpatch.zip",
"refsource": "MISC",
"url": "http://www.security-corporation.com/download/patch/MyABraCaDaWebv1.0.2XSSpatch.zip"
},
{
"name": "3717",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3717"
},
{
"name": "8320",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/8320"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1549",
"datePublished": "2008-03-06T01:00:00.000Z",
"dateReserved": "2008-03-05T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:35:16.343Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4719 (GCVE-0-2006-4719)
Vulnerability from cvelistv5 – Published: 2006-09-12 16:00 – Updated: 2024-08-07 19:23
VLAI
EPSS
VEX
Summary
Multiple PHP remote file inclusion vulnerabilities in MyABraCaDaWeb 1.0.3, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the base parameter to (1) index.php or (2) pop.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://attrition.org/pipermail/vim/2006-September… | mailing-listx_refsource_VIM |
| http://www.vupen.com/english/advisories/2006/3544 | vdb-entryx_refsource_VUPEN |
| https://www.exploit-db.com/exploits/2335 | exploitx_refsource_EXPLOIT-DB |
| http://www.securityfocus.com/bid/19944 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/21817 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2006-09-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:23:41.002Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060912 Source VERIFY of MyABraCaDaWeb file inclusion",
"tags": [
"mailing-list",
"x_refsource_VIM",
"x_transferred"
],
"url": "http://attrition.org/pipermail/vim/2006-September/001027.html"
},
{
"name": "ADV-2006-3544",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3544"
},
{
"name": "2335",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/2335"
},
{
"name": "19944",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19944"
},
{
"name": "21817",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21817"
},
{
"name": "myabracadaweb-index-file-include(28851)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28851"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple PHP remote file inclusion vulnerabilities in MyABraCaDaWeb 1.0.3, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the base parameter to (1) index.php or (2) pop.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T16:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060912 Source VERIFY of MyABraCaDaWeb file inclusion",
"tags": [
"mailing-list",
"x_refsource_VIM"
],
"url": "http://attrition.org/pipermail/vim/2006-September/001027.html"
},
{
"name": "ADV-2006-3544",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3544"
},
{
"name": "2335",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/2335"
},
{
"name": "19944",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19944"
},
{
"name": "21817",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21817"
},
{
"name": "myabracadaweb-index-file-include(28851)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28851"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4719",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in MyABraCaDaWeb 1.0.3, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the base parameter to (1) index.php or (2) pop.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060912 Source VERIFY of MyABraCaDaWeb file inclusion",
"refsource": "VIM",
"url": "http://attrition.org/pipermail/vim/2006-September/001027.html"
},
{
"name": "ADV-2006-3544",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3544"
},
{
"name": "2335",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2335"
},
{
"name": "19944",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19944"
},
{
"name": "21817",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21817"
},
{
"name": "myabracadaweb-index-file-include(28851)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28851"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4719",
"datePublished": "2006-09-12T16:00:00.000Z",
"dateReserved": "2006-09-12T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:23:41.002Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4719 (GCVE-0-2006-4719)
Vulnerability from nvd – Published: 2006-09-12 16:00 – Updated: 2024-08-07 19:23
VLAI
EPSS
VEX
Summary
Multiple PHP remote file inclusion vulnerabilities in MyABraCaDaWeb 1.0.3, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the base parameter to (1) index.php or (2) pop.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://attrition.org/pipermail/vim/2006-September… | mailing-listx_refsource_VIM |
| http://www.vupen.com/english/advisories/2006/3544 | vdb-entryx_refsource_VUPEN |
| https://www.exploit-db.com/exploits/2335 | exploitx_refsource_EXPLOIT-DB |
| http://www.securityfocus.com/bid/19944 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/21817 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2006-09-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:23:41.002Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060912 Source VERIFY of MyABraCaDaWeb file inclusion",
"tags": [
"mailing-list",
"x_refsource_VIM",
"x_transferred"
],
"url": "http://attrition.org/pipermail/vim/2006-September/001027.html"
},
{
"name": "ADV-2006-3544",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3544"
},
{
"name": "2335",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/2335"
},
{
"name": "19944",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19944"
},
{
"name": "21817",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21817"
},
{
"name": "myabracadaweb-index-file-include(28851)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28851"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple PHP remote file inclusion vulnerabilities in MyABraCaDaWeb 1.0.3, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the base parameter to (1) index.php or (2) pop.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T16:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060912 Source VERIFY of MyABraCaDaWeb file inclusion",
"tags": [
"mailing-list",
"x_refsource_VIM"
],
"url": "http://attrition.org/pipermail/vim/2006-September/001027.html"
},
{
"name": "ADV-2006-3544",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3544"
},
{
"name": "2335",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/2335"
},
{
"name": "19944",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19944"
},
{
"name": "21817",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21817"
},
{
"name": "myabracadaweb-index-file-include(28851)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28851"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4719",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in MyABraCaDaWeb 1.0.3, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the base parameter to (1) index.php or (2) pop.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060912 Source VERIFY of MyABraCaDaWeb file inclusion",
"refsource": "VIM",
"url": "http://attrition.org/pipermail/vim/2006-September/001027.html"
},
{
"name": "ADV-2006-3544",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3544"
},
{
"name": "2335",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2335"
},
{
"name": "19944",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19944"
},
{
"name": "21817",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21817"
},
{
"name": "myabracadaweb-index-file-include(28851)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28851"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4719",
"datePublished": "2006-09-12T16:00:00.000Z",
"dateReserved": "2006-09-12T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:23:41.002Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1548 (GCVE-0-2003-1548)
Vulnerability from nvd – Published: 2008-03-06 01:00 – Updated: 2024-08-08 02:35
VLAI
EPSS
VEX
Summary
MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain sensitive information via an invalid IDAdmin or other parameter, which reveals the installation path in an error message.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id?1006308 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/archive/1/315317/30/… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/7126 | vdb-entryx_refsource_BID |
| http://securityreason.com/securityalert/3717 | third-party-advisoryx_refsource_SREASON |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/8320 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2003-03-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:17.422Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1006308",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1006308"
},
{
"name": "20030317 [SCSA-010] Path Disclosure \u0026 Cross Site Scripting Vulnerability in MyABraCaDaWeb",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/315317/30/25460/threaded"
},
{
"name": "7126",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7126"
},
{
"name": "3717",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3717"
},
{
"name": "myabracadaweb-index-path-disclosure(11556)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11556"
},
{
"name": "8320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/8320"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-03-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain sensitive information via an invalid IDAdmin or other parameter, which reveals the installation path in an error message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1006308",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1006308"
},
{
"name": "20030317 [SCSA-010] Path Disclosure \u0026 Cross Site Scripting Vulnerability in MyABraCaDaWeb",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/315317/30/25460/threaded"
},
{
"name": "7126",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7126"
},
{
"name": "3717",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3717"
},
{
"name": "myabracadaweb-index-path-disclosure(11556)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11556"
},
{
"name": "8320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/8320"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1548",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain sensitive information via an invalid IDAdmin or other parameter, which reveals the installation path in an error message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1006308",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1006308"
},
{
"name": "20030317 [SCSA-010] Path Disclosure \u0026 Cross Site Scripting Vulnerability in MyABraCaDaWeb",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/315317/30/25460/threaded"
},
{
"name": "7126",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7126"
},
{
"name": "3717",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3717"
},
{
"name": "myabracadaweb-index-path-disclosure(11556)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11556"
},
{
"name": "8320",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/8320"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1548",
"datePublished": "2008-03-06T01:00:00.000Z",
"dateReserved": "2008-03-05T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:35:17.422Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1549 (GCVE-0-2003-1549)
Vulnerability from nvd – Published: 2008-03-06 01:00 – Updated: 2024-08-08 02:35
VLAI
EPSS
VEX
Summary
Cross-site scripting (XSS) vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the ma_kw parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id?1006308 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/7127 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/315317/30/… | mailing-listx_refsource_BUGTRAQ |
| http://www.webmaster-mag.net/?module=distridoc&idCat=3 | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.security-corporation.com/download/patc… | x_refsource_MISC |
| http://securityreason.com/securityalert/3717 | third-party-advisoryx_refsource_SREASON |
| http://secunia.com/advisories/8320 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2003-03-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:16.343Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1006308",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1006308"
},
{
"name": "7127",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7127"
},
{
"name": "20030317 [SCSA-010] Path Disclosure \u0026 Cross Site Scripting Vulnerability in MyABraCaDaWeb",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/315317/30/25460/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.webmaster-mag.net/?module=distridoc\u0026idCat=3"
},
{
"name": "myabracadaweb-index-makw-xss(11557)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11557"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.security-corporation.com/download/patch/MyABraCaDaWebv1.0.2XSSpatch.zip"
},
{
"name": "3717",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3717"
},
{
"name": "8320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/8320"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-03-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the ma_kw parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1006308",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1006308"
},
{
"name": "7127",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7127"
},
{
"name": "20030317 [SCSA-010] Path Disclosure \u0026 Cross Site Scripting Vulnerability in MyABraCaDaWeb",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/315317/30/25460/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.webmaster-mag.net/?module=distridoc\u0026idCat=3"
},
{
"name": "myabracadaweb-index-makw-xss(11557)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11557"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.security-corporation.com/download/patch/MyABraCaDaWebv1.0.2XSSpatch.zip"
},
{
"name": "3717",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3717"
},
{
"name": "8320",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/8320"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1549",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the ma_kw parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1006308",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1006308"
},
{
"name": "7127",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7127"
},
{
"name": "20030317 [SCSA-010] Path Disclosure \u0026 Cross Site Scripting Vulnerability in MyABraCaDaWeb",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/315317/30/25460/threaded"
},
{
"name": "http://www.webmaster-mag.net/?module=distridoc\u0026idCat=3",
"refsource": "MISC",
"url": "http://www.webmaster-mag.net/?module=distridoc\u0026idCat=3"
},
{
"name": "myabracadaweb-index-makw-xss(11557)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11557"
},
{
"name": "http://www.security-corporation.com/download/patch/MyABraCaDaWebv1.0.2XSSpatch.zip",
"refsource": "MISC",
"url": "http://www.security-corporation.com/download/patch/MyABraCaDaWebv1.0.2XSSpatch.zip"
},
{
"name": "3717",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3717"
},
{
"name": "8320",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/8320"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1549",
"datePublished": "2008-03-06T01:00:00.000Z",
"dateReserved": "2008-03-05T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:35:16.343Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}