Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
epic designs vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-2727
home/register.php in Eggblog prior to 3.0 allows remote malicious users to change the password of administrators and possibly other users via a modified username parameter.
Epic Designs Eggblog
Epic Designs Eggblog 2.0
Epic Designs Eggblog 3.0
NA
CVE-2005-4546
search.php in eggblog 2.0 allows remote malicious users to obtain the full path via an invalid q parameter, as used by the Keyword and Search fields, possibly due to an SQL injection vulnerability.
Epic Designs Eggblog
NA
CVE-2005-4547
Cross-site scripting (XSS) vulnerability in home/search.php in eggblog 2.0 allows remote malicious users to execute arbitrary SQL commands via the q parameter, as used by the Keyword and Search fields.
Epic Designs Eggblog
NA
CVE-2006-2725
SQL injection vulnerability in rss/posts.php in Eggblog prior to 3.07 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Epic Designs Eggblog
1 EDB exploit
NA
CVE-2006-2739
PHP remote file inclusion vulnerability in footers.php in Epicdesigns tinyBB 0.3, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the tinybb_footers parameter.
Epic Designs Tinybb
1 EDB exploit
NA
CVE-2006-2740
Multiple SQL injection vulnerabilities in Epicdesigns tinyBB 0.3 allow remote malicious users to execute arbitrary SQL commands via the (1) q parameter in (a) forgot.php, and the (2) username and (3) password parameters in (b) login.php, and other unspecified vectors.
Epic Designs Tinybb
1 EDB exploit
NA
CVE-2006-2741
Cross-site scripting (XSS) vulnerability in Epicdesigns tinyBB 0.3 allow remote malicious users to inject arbitrary web script or HTML via the q parameter in forgot.php, which is echoed in an error message, and other unspecified vectors.
Epic Designs Tinybb
NA
CVE-2006-6046
Multiple cross-site scripting (XSS) vulnerabilities in eggblog 3.1.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) edit parameter to (a) admin/articles.php or (b) admin/comments.php, or the (2) add parameter to admin/users.php.
Epic Designs Eggblog 3.1.0
NA
CVE-2006-0349
SQL injection vulnerability in eggblog 2.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter to blog.php.
Epic Designs Eggblog 2.0
1 EDB exploit
NA
CVE-2006-0350
Cross-site scripting (XSS) vulnerability in eggblog 2.0 allow remote malicious users to inject arbitrary web script or HTML via the message field to topic.php.
Epic Designs Eggblog 2.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started