2042 matches found
Persuasion <= 2.4 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download
The Persuasion WordPress theme was affected by a dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download security vulnerability...
CVE-2014-5115
DirPHP 1.0 is affected by an Absolute Path Traversal (Local File Inclusion) via the phpfile parameter to index.php, enabling read access to arbitrary files. Public references (e.g., Exploit-DB, Packet Storm) and OpenVAS describe the issue as a DirPHP LFI vulnerability. The available documents do ...
Coppermine Photo Gallery <= 1.4.22 Remote Exploit
No description provided by source. #!/usr/bin/perl # Coppermine Photo Gallery <= 1.4.22 Remote Exploit # Need register_globals = on and magic_quotes_gpc = off # Based on vulnerabilities discussed at http://www.milw0rm.org/exploits/8713 # Coded by girex use LWP::UserAgent; if (not defined $ARGV[0]) { banner; print -...
Jakarta Tomcat 3.x/4.0 Error Message Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3199/info When a malformed request is made for a Java Server Page the server displays an error page. The error page contains potentially sensitive information, along with the absolute path of the JSP file on the webserver...
pollxt Mambo Component <= 1.22.07 Remote Include Vulnerability
No description provided by source. Application : pollxt mambo Component URL : http://www.mamboxt.com Variable $mosConfig_absolute_path not sanitized: xpl works with register_globals=on in components/com_pollxt/conf.pollxt.php on line 1-2...
LiveCMS <= 3.4 (categoria.php cid) Remote SQL Injection Exploit
No description provided by source. #!/usr/bin/perl INFO: Program Title LiveCMS <= 3.4 SQL Injection, Absolute Path Disclosure, XSS Injection, Arbitrary File Upload...
iManage CMS <= 4.0.12 (absolute_path) Remote File Inclusion
No description provided by source...
NewAtlanta ServletExec/ISAPI 4.1 Path Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4793/info ServletExec/ISAPI is a plug-in Java Servlet/JSP engine for Microsoft IIS. It runs with IIS on Microsoft Windows NT/2000/XP systems. ServletExec/ISAPI discloses the absolute path to the webroot directory when sen...
Mozilla Bonsai 1.3 Path Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5517/info A path disclosure vulnerability has been reported in Mozilla Bonsai. An attacker can exploit this vulnerability by making a malformed request to Bonsai. This causes Bonsai to return an error page to the requesti...
Joomla Visites 1.1 - Component mosConfig_absolute_path Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28942/info The Visites component for Joomla! is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the...
Agora.CGI 3/4 Debug Mode Path Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3976/info Agora.cgi is a freely available, open source shopping cart system. When debug mode is enabled, it is possible for a remote attacker to display the absolute path to the directory that the agora.cgi script is stor...
WEBInsta MM <= 1.3e (absolute_path) Remote File Include Exploit
No description provided by source. <!-- vulnerable code: /maillist/inc/initdb.php: if (isset($_GET['absolute_path'])) { echo "no access from here !!"; exit; } include($absolute_path.'inc/adodbt/db.inc');...
Oracle Application Server 9i Webcache Arbitrary File Corruption Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13420/info Oracle Application Server 9i Webcache is prone to an arbitrary file corruption vulnerability. The issue exists because dangerous characters are not removed from a certain parameter value, allowing an attacker to...
TCLhttpd 3.4.2 Directory Listing Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8687/info It has been reported that a vulnerability present in TCLHttpd allows for attackers to view the contents of arbitrary directories on affected web servers. According to the report, the input validation implemented...
joomla component mosmedialite451 - Remote File Inclusion Vulnerability
No description provided by source. Scripts : MOSMediaLite451 Discovered By : k1n9k0ng Scripts site : http://www.djoomla.com/component/option,comremository/Itemid,2/func,fileinfo/id,104/ Thanks To :...
mambo com_babackup Component <= 1.1 File Include Vulnerability
No description provided by source. #!/usr/bin/env python # coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register class TestPOC(POCBase): vulID = '63864' # ssvid version = '1.0' author = '皮皮' vulDate = '2006-08-22' createDate = '2015-12-24...
CVE-2014-2962
Absolute path traversal vulnerability in the webproc cgi module on the Belkin N150 F9K1009 v1 router with firmware before 1.00.08 allows remote attackers to read arbitrary files via a full pathname in the getpage parameter...
CVE-2014-3975
Absolute path traversal vulnerability in filemanager.php in AuraCMS 3.0 allows remote attackers to list a directory via a full pathname in the viewdir parameter...
Caldera 'cdir' Parameter Absolute Path Directory Traversal
The Caldera installation on the remote host contains a PHP script that is affected by a directory traversal vulnerability. A remote, unauthenticated attacker can exploit this issue by sending a crafted request to the '/dirmng/index.php' script, allowing access to arbitrary directories on the remo...
CVE-2014-3225
Absolute path traversal vulnerability in the web interface in Cobbler 2.4.x through 2.6.x allows remote authenticated users to read arbitrary files via the Kickstart field in a profile...