CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2025/10/30 10:15 p.m.•3 views

CVE-2020-36856

Nagios XI versions prior to 5.6.14 contain an authenticated remote command execution vulnerability in the CCM commandtest.php script. Insufficient validation of the address parameter allows an authenticated user with access to the Core Config Manager to inject shell metacharacters that are...

9.4CVSS0.00358EPSS

CVE•added 2024/12/06 1:7 p.m.•58 views

CVE-2024-53823

CVE-2024-53823 involves a DOM-based cross-site scripting (XSS) vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite (WordPress plugin). The root cause is improper neutralization of input during web page generation, enabling XSS in affected pages. Affected software: The Plus A...

6.5CVSS7.2AI score0.00211EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2024/12/06 12:0 a.m.•1 views

PT-2024-35939 · Elementor · The Plus Addons For Elementor Page Builder

Name of the Vulnerable Software and Affected Versions: The Plus Addons for Elementor Page Builder Lite versions through 5.6.14 Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based XSS. This means that an attacker could...

6.5CVSS6.7AI score0.00211EPSS

Exploits0References6

SUSE CVE•added 2023/02/15 5:32 a.m.•2 views

SUSE CVE-2014-0401

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors...

4CVSS6AI score0.00413EPSS

Exploits0References4

Fedora•added 2020/05/25 2:48 a.m.•44 views

[SECURITY] Fedora 32 Update: kernel-5.6.14-300.fc32

The kernel meta package...

5.3CVSS2.4AI score0.0011EPSS

Tenable Nessus•added 2019/01/09 12:0 a.m.•14 views

PHP 5.6.x < 5.6.14 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.14. It is, therefore, affected by multiple vulnerabilities : - A NULL pointer dereference flaw exists in the phargetfpoffset function in ext/phar/util.c that is triggered when pointing to a...

6.8CVSS7.2AI score0.26499EPSS

OpenVAS•added 2016/06/03 12:0 a.m.•27 views

Oracle MySQL Multiple Unspecified Vulnerabilities - 05 (Jun 2016) - Linux

Oracle MySQL is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

2.8CVSS6.5AI score0.00635EPSS

OpenVAS•added 2016/06/03 12:0 a.m.•38 views

Oracle MySQL Multiple Unspecified Vulnerabilities - 15 (Jun 2016) - Linux

6.8CVSS6.6AI score0.01077EPSS

Exploits0References5

Tenable Nessus•added 2016/03/04 12:0 a.m.•8 views

Fedora 21 : php-5.6.14-1.fc21 (2015-366f3dd73f)

01 Oct 2015, PHP 5.6.14 Core: Fixed bug php70370 Bundled libtool.m4 doesn't handle FreeBSD 10 when building extensions. Adam CLI server: Fixed bug php68291 404 on urls with '+'. cmb DOM: Fixed bug php70001 Assigning to DOMNode::textContent does additional entity encoding. cmb Mysqlnd: Fixed bug...

5.5AI score

Tenable Nessus•added 2016/03/04 12:0 a.m.•10 views

Fedora 23 : php-5.6.14-1.fc23 (2015-f82917c70c)

5.5AI score

Tenable Nessus•added 2016/03/04 12:0 a.m.•9 views

Fedora 22 : php-5.6.14-1.fc22 (2015-b24a52fc97)

5.5AI score

OpenVAS•added 2015/12/15 12:0 a.m.•55 views

PHP < 5.5.30, 5.6.x < 5.6.14 Multiple DoS Vulnerabilities - Linux

PHP is prone to multiple denial of service DoS vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if...

6.8CVSS9.3AI score0.26499EPSS

Exploits0References4

Mageia•added 2015/10/09 6:47 p.m.•17 views

Updated php/php-timezonedb packages fix security vulnerabilities

The php package has been updated to version 5.6.14, which fixes two security issues in phar and several other bugs. See the upstream ChangeLog for more details...

6.8CVSS3.2AI score0.26499EPSS

Exploits0References2

Tenable Nessus•added 2015/10/06 12:0 a.m.•127 views

PHP 5.6.x < 5.6.14 Multiple Vulnerabilities

6.8CVSS7.9AI score0.26499EPSS

Exploit DB•added 2014/10/14 12:0 a.m.•53 views

Croogo 2.0.0 - Multiple Persistent Cross-Site Scripting Vulnerabilities

------------------------ XSS 1 -------- POST parameters: - dataContacttitle ------------------------ input type="hidden" name="dataTokenkey" value="2627e9e204ad6b878db...

7AI score

seebug.org•added 2014/07/01 12:0 a.m.•17 views

Cart Engine 3.0.0 Remote Code Execution

No description provided by source. ? Cart Engine 3.0.0 Remote Code Execution Vendor: C97net Product web page: http://www.c97.net Affected version: 3.0.0 Summary: Open your own online shop today with Cart Engine! The small, yet powerful and don't forget, FREE shopping cart based on PHP & MySQL...

7.1AI score

0day.today•added 2014/03/26 12:0 a.m.•49 views

Kemana Directory 1.5.6 Password Hash Disclosure Vulnerability

Kemana contains a flaw that is due to the 'kemanaadminpasswd' cookie storing user password SHA1 hashes. This may allow a remote MitM attacker to more easily gain access to password information. Version 1.5.6 is affected. Kemana Directory 1.5.6 kemanaadminpasswd Cookie User Password Hash Disclosur...

7.1AI score

Exploit DB•added 2014/03/25 12:0 a.m.•25 views

Kemana Directory 1.5.6 - Database Backup Disclosure

$total return; ifempty$starttime $starttime=time; $now...

7.4AI score