Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    6 vulnerabilities by myabracadaweb

    CVE-2003-1548 (GCVE-0-2003-1548)

    Vulnerability from cvelistv5 – Published: 2008-03-06 01:00 – Updated: 2024-08-08 02:35
    VLAI
    Summary
    MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain sensitive information via an invalid IDAdmin or other parameter, which reveals the installation path in an error message.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id?1006308 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/archive/1/315317/30/… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/7126 vdb-entryx_refsource_BID
    http://securityreason.com/securityalert/3717 third-party-advisoryx_refsource_SREASON
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/8320 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2003-03-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:35:17.422Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1006308",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1006308"
              },
              {
                "name": "20030317 [SCSA-010] Path Disclosure \u0026 Cross Site Scripting Vulnerability in MyABraCaDaWeb",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/315317/30/25460/threaded"
              },
              {
                "name": "7126",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/7126"
              },
              {
                "name": "3717",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3717"
              },
              {
                "name": "myabracadaweb-index-path-disclosure(11556)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11556"
              },
              {
                "name": "8320",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/8320"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-03-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain sensitive information via an invalid IDAdmin or other parameter, which reveals the installation path in an error message."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1006308",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1006308"
            },
            {
              "name": "20030317 [SCSA-010] Path Disclosure \u0026 Cross Site Scripting Vulnerability in MyABraCaDaWeb",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/315317/30/25460/threaded"
            },
            {
              "name": "7126",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/7126"
            },
            {
              "name": "3717",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3717"
            },
            {
              "name": "myabracadaweb-index-path-disclosure(11556)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11556"
            },
            {
              "name": "8320",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/8320"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-1548",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain sensitive information via an invalid IDAdmin or other parameter, which reveals the installation path in an error message."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1006308",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1006308"
                },
                {
                  "name": "20030317 [SCSA-010] Path Disclosure \u0026 Cross Site Scripting Vulnerability in MyABraCaDaWeb",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/315317/30/25460/threaded"
                },
                {
                  "name": "7126",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/7126"
                },
                {
                  "name": "3717",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3717"
                },
                {
                  "name": "myabracadaweb-index-path-disclosure(11556)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11556"
                },
                {
                  "name": "8320",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/8320"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-1548",
        "datePublished": "2008-03-06T01:00:00.000Z",
        "dateReserved": "2008-03-05T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:35:17.422Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-1549 (GCVE-0-2003-1549)

    Vulnerability from cvelistv5 – Published: 2008-03-06 01:00 – Updated: 2024-08-08 02:35
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the ma_kw parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2003-03-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:35:16.343Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1006308",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1006308"
              },
              {
                "name": "7127",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/7127"
              },
              {
                "name": "20030317 [SCSA-010] Path Disclosure \u0026 Cross Site Scripting Vulnerability in MyABraCaDaWeb",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/315317/30/25460/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.webmaster-mag.net/?module=distridoc\u0026idCat=3"
              },
              {
                "name": "myabracadaweb-index-makw-xss(11557)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11557"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.security-corporation.com/download/patch/MyABraCaDaWebv1.0.2XSSpatch.zip"
              },
              {
                "name": "3717",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3717"
              },
              {
                "name": "8320",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/8320"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-03-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the ma_kw parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1006308",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1006308"
            },
            {
              "name": "7127",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/7127"
            },
            {
              "name": "20030317 [SCSA-010] Path Disclosure \u0026 Cross Site Scripting Vulnerability in MyABraCaDaWeb",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/315317/30/25460/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.webmaster-mag.net/?module=distridoc\u0026idCat=3"
            },
            {
              "name": "myabracadaweb-index-makw-xss(11557)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11557"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.security-corporation.com/download/patch/MyABraCaDaWebv1.0.2XSSpatch.zip"
            },
            {
              "name": "3717",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3717"
            },
            {
              "name": "8320",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/8320"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-1549",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the ma_kw parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1006308",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1006308"
                },
                {
                  "name": "7127",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/7127"
                },
                {
                  "name": "20030317 [SCSA-010] Path Disclosure \u0026 Cross Site Scripting Vulnerability in MyABraCaDaWeb",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/315317/30/25460/threaded"
                },
                {
                  "name": "http://www.webmaster-mag.net/?module=distridoc\u0026idCat=3",
                  "refsource": "MISC",
                  "url": "http://www.webmaster-mag.net/?module=distridoc\u0026idCat=3"
                },
                {
                  "name": "myabracadaweb-index-makw-xss(11557)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11557"
                },
                {
                  "name": "http://www.security-corporation.com/download/patch/MyABraCaDaWebv1.0.2XSSpatch.zip",
                  "refsource": "MISC",
                  "url": "http://www.security-corporation.com/download/patch/MyABraCaDaWebv1.0.2XSSpatch.zip"
                },
                {
                  "name": "3717",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3717"
                },
                {
                  "name": "8320",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/8320"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-1549",
        "datePublished": "2008-03-06T01:00:00.000Z",
        "dateReserved": "2008-03-05T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:35:16.343Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4719 (GCVE-0-2006-4719)

    Vulnerability from cvelistv5 – Published: 2006-09-12 16:00 – Updated: 2024-08-07 19:23
    VLAI
    Summary
    Multiple PHP remote file inclusion vulnerabilities in MyABraCaDaWeb 1.0.3, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the base parameter to (1) index.php or (2) pop.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://attrition.org/pipermail/vim/2006-September… mailing-listx_refsource_VIM
    http://www.vupen.com/english/advisories/2006/3544 vdb-entryx_refsource_VUPEN
    https://www.exploit-db.com/exploits/2335 exploitx_refsource_EXPLOIT-DB
    http://www.securityfocus.com/bid/19944 vdb-entryx_refsource_BID
    http://secunia.com/advisories/21817 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2006-09-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:23:41.002Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20060912 Source VERIFY of MyABraCaDaWeb file inclusion",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://attrition.org/pipermail/vim/2006-September/001027.html"
              },
              {
                "name": "ADV-2006-3544",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3544"
              },
              {
                "name": "2335",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/2335"
              },
              {
                "name": "19944",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19944"
              },
              {
                "name": "21817",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21817"
              },
              {
                "name": "myabracadaweb-index-file-include(28851)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28851"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple PHP remote file inclusion vulnerabilities in MyABraCaDaWeb 1.0.3, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the base parameter to (1) index.php or (2) pop.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-18T16:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20060912 Source VERIFY of MyABraCaDaWeb file inclusion",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://attrition.org/pipermail/vim/2006-September/001027.html"
            },
            {
              "name": "ADV-2006-3544",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3544"
            },
            {
              "name": "2335",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/2335"
            },
            {
              "name": "19944",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19944"
            },
            {
              "name": "21817",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21817"
            },
            {
              "name": "myabracadaweb-index-file-include(28851)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28851"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4719",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple PHP remote file inclusion vulnerabilities in MyABraCaDaWeb 1.0.3, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the base parameter to (1) index.php or (2) pop.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20060912 Source VERIFY of MyABraCaDaWeb file inclusion",
                  "refsource": "VIM",
                  "url": "http://attrition.org/pipermail/vim/2006-September/001027.html"
                },
                {
                  "name": "ADV-2006-3544",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3544"
                },
                {
                  "name": "2335",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/2335"
                },
                {
                  "name": "19944",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19944"
                },
                {
                  "name": "21817",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21817"
                },
                {
                  "name": "myabracadaweb-index-file-include(28851)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28851"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4719",
        "datePublished": "2006-09-12T16:00:00.000Z",
        "dateReserved": "2006-09-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:23:41.002Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4719 (GCVE-0-2006-4719)

    Vulnerability from nvd – Published: 2006-09-12 16:00 – Updated: 2024-08-07 19:23
    VLAI
    Summary
    Multiple PHP remote file inclusion vulnerabilities in MyABraCaDaWeb 1.0.3, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the base parameter to (1) index.php or (2) pop.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://attrition.org/pipermail/vim/2006-September… mailing-listx_refsource_VIM
    http://www.vupen.com/english/advisories/2006/3544 vdb-entryx_refsource_VUPEN
    https://www.exploit-db.com/exploits/2335 exploitx_refsource_EXPLOIT-DB
    http://www.securityfocus.com/bid/19944 vdb-entryx_refsource_BID
    http://secunia.com/advisories/21817 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2006-09-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:23:41.002Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20060912 Source VERIFY of MyABraCaDaWeb file inclusion",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://attrition.org/pipermail/vim/2006-September/001027.html"
              },
              {
                "name": "ADV-2006-3544",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3544"
              },
              {
                "name": "2335",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/2335"
              },
              {
                "name": "19944",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19944"
              },
              {
                "name": "21817",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21817"
              },
              {
                "name": "myabracadaweb-index-file-include(28851)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28851"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple PHP remote file inclusion vulnerabilities in MyABraCaDaWeb 1.0.3, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the base parameter to (1) index.php or (2) pop.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-18T16:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20060912 Source VERIFY of MyABraCaDaWeb file inclusion",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://attrition.org/pipermail/vim/2006-September/001027.html"
            },
            {
              "name": "ADV-2006-3544",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3544"
            },
            {
              "name": "2335",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/2335"
            },
            {
              "name": "19944",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19944"
            },
            {
              "name": "21817",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21817"
            },
            {
              "name": "myabracadaweb-index-file-include(28851)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28851"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4719",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple PHP remote file inclusion vulnerabilities in MyABraCaDaWeb 1.0.3, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the base parameter to (1) index.php or (2) pop.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20060912 Source VERIFY of MyABraCaDaWeb file inclusion",
                  "refsource": "VIM",
                  "url": "http://attrition.org/pipermail/vim/2006-September/001027.html"
                },
                {
                  "name": "ADV-2006-3544",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3544"
                },
                {
                  "name": "2335",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/2335"
                },
                {
                  "name": "19944",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19944"
                },
                {
                  "name": "21817",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21817"
                },
                {
                  "name": "myabracadaweb-index-file-include(28851)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28851"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4719",
        "datePublished": "2006-09-12T16:00:00.000Z",
        "dateReserved": "2006-09-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:23:41.002Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-1548 (GCVE-0-2003-1548)

    Vulnerability from nvd – Published: 2008-03-06 01:00 – Updated: 2024-08-08 02:35
    VLAI
    Summary
    MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain sensitive information via an invalid IDAdmin or other parameter, which reveals the installation path in an error message.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id?1006308 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/archive/1/315317/30/… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/7126 vdb-entryx_refsource_BID
    http://securityreason.com/securityalert/3717 third-party-advisoryx_refsource_SREASON
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/8320 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2003-03-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:35:17.422Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1006308",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1006308"
              },
              {
                "name": "20030317 [SCSA-010] Path Disclosure \u0026 Cross Site Scripting Vulnerability in MyABraCaDaWeb",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/315317/30/25460/threaded"
              },
              {
                "name": "7126",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/7126"
              },
              {
                "name": "3717",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3717"
              },
              {
                "name": "myabracadaweb-index-path-disclosure(11556)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11556"
              },
              {
                "name": "8320",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/8320"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-03-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain sensitive information via an invalid IDAdmin or other parameter, which reveals the installation path in an error message."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1006308",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1006308"
            },
            {
              "name": "20030317 [SCSA-010] Path Disclosure \u0026 Cross Site Scripting Vulnerability in MyABraCaDaWeb",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/315317/30/25460/threaded"
            },
            {
              "name": "7126",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/7126"
            },
            {
              "name": "3717",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3717"
            },
            {
              "name": "myabracadaweb-index-path-disclosure(11556)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11556"
            },
            {
              "name": "8320",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/8320"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-1548",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain sensitive information via an invalid IDAdmin or other parameter, which reveals the installation path in an error message."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1006308",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1006308"
                },
                {
                  "name": "20030317 [SCSA-010] Path Disclosure \u0026 Cross Site Scripting Vulnerability in MyABraCaDaWeb",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/315317/30/25460/threaded"
                },
                {
                  "name": "7126",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/7126"
                },
                {
                  "name": "3717",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3717"
                },
                {
                  "name": "myabracadaweb-index-path-disclosure(11556)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11556"
                },
                {
                  "name": "8320",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/8320"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-1548",
        "datePublished": "2008-03-06T01:00:00.000Z",
        "dateReserved": "2008-03-05T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:35:17.422Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-1549 (GCVE-0-2003-1549)

    Vulnerability from nvd – Published: 2008-03-06 01:00 – Updated: 2024-08-08 02:35
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the ma_kw parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2003-03-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:35:16.343Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1006308",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1006308"
              },
              {
                "name": "7127",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/7127"
              },
              {
                "name": "20030317 [SCSA-010] Path Disclosure \u0026 Cross Site Scripting Vulnerability in MyABraCaDaWeb",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/315317/30/25460/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.webmaster-mag.net/?module=distridoc\u0026idCat=3"
              },
              {
                "name": "myabracadaweb-index-makw-xss(11557)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11557"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.security-corporation.com/download/patch/MyABraCaDaWebv1.0.2XSSpatch.zip"
              },
              {
                "name": "3717",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3717"
              },
              {
                "name": "8320",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/8320"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-03-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the ma_kw parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1006308",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1006308"
            },
            {
              "name": "7127",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/7127"
            },
            {
              "name": "20030317 [SCSA-010] Path Disclosure \u0026 Cross Site Scripting Vulnerability in MyABraCaDaWeb",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/315317/30/25460/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.webmaster-mag.net/?module=distridoc\u0026idCat=3"
            },
            {
              "name": "myabracadaweb-index-makw-xss(11557)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11557"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.security-corporation.com/download/patch/MyABraCaDaWebv1.0.2XSSpatch.zip"
            },
            {
              "name": "3717",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3717"
            },
            {
              "name": "8320",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/8320"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-1549",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the ma_kw parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1006308",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1006308"
                },
                {
                  "name": "7127",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/7127"
                },
                {
                  "name": "20030317 [SCSA-010] Path Disclosure \u0026 Cross Site Scripting Vulnerability in MyABraCaDaWeb",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/315317/30/25460/threaded"
                },
                {
                  "name": "http://www.webmaster-mag.net/?module=distridoc\u0026idCat=3",
                  "refsource": "MISC",
                  "url": "http://www.webmaster-mag.net/?module=distridoc\u0026idCat=3"
                },
                {
                  "name": "myabracadaweb-index-makw-xss(11557)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11557"
                },
                {
                  "name": "http://www.security-corporation.com/download/patch/MyABraCaDaWebv1.0.2XSSpatch.zip",
                  "refsource": "MISC",
                  "url": "http://www.security-corporation.com/download/patch/MyABraCaDaWebv1.0.2XSSpatch.zip"
                },
                {
                  "name": "3717",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3717"
                },
                {
                  "name": "8320",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/8320"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-1549",
        "datePublished": "2008-03-06T01:00:00.000Z",
        "dateReserved": "2008-03-05T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:35:16.343Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }