4695 matches found
[Full-disclosure] Dokeos 1.6.4 SQL Injection Vulnerability
Dokeos 1.6.4 SQL Injection Vulnerability Author: Alvaro Olavarria [email protected] Affected: Dokeos = 1.6.4 Status: Notified hereby Vendor url: http://www.dokeos.com Background. Dokeos is an Open Source elearning and course management web application translated in 34 languages and helping mor...
Vegadns blind sql injection and cross site scripting
Author : Ph03n1X email : [email protected] site : http://kandangjamur.net/ vendor : www.vegadns.org version: 0.99 XSS ---- PoC : http://exam.com/vegadns/index.php?VDNSSessid=m42644r75o1eg4f7mb7e4rnpg7&message=3Ch13E3Cmarquee3Ealoo3C/marquee3E3C/h13E Vulnerable script is located in index.php...
MAXDEV CMS Multiple vulnerabilities
Full Path disclosure --------------------- This hole is caused by direct access to file includes/legacy.php not protected PoC : http://site.co.id/maxdev/includes/legacy.php Fix : Turn off display error in php.ini can fix this security issue Blind sql inject ----------------- This hole is caused b...
SoftBB 0.1 - mail Blind SQL Injection
SoftBB 0.1 - mail Blind SQL Injection #!/usr/bin/env python LOTFREE TEAM 03/2006 http://lotfree.next-touch.com/ http://membres.lycos.fr/lotfree/sploits/LOTF-SoftBB.py Vulnerability info Product : SoftBB Version : 0.1 The field 'mail' in reg.php is used directly in a SQL query : $sql = 'SELECT...
SoftBB 0.1 (mail) Remote Blind SQL Injection Exploit
Exploit for unknown platform in category web applications ==================================================== SoftBB 0.1 mail Remote Blind SQL Injection Exploit ==================================================== #!/usr/bin/env python LOTFREE TEAM 03/2006 Vulnerability info Product : SoftBB...
SoftBB 0.1 - 'mail' Blind SQL Injection
#!/usr/bin/env python LOTFREE TEAM 03/2006 http://lotfree.next-touch.com/ http://membres.lycos.fr/lotfree/sploits/LOTF-SoftBB.py Vulnerability info Product : SoftBB Version : 0.1 The field 'mail' in reg.php is used directly in a SQL query : $sql = 'SELECT pseudo,mail FROM '.$prefixtable.'membres...
LIMBO CMS <= v1.0.4.2 _SERVER[] array overwrite / remote code execution
LIMBO CMS <= v1.0.4.2 _SERVER[] array overwrite / blind SQL injection / cross site scripting / local file inclusion / path disclosure / remote code/commands execution software: site: http://www.limbo-cms.com/ description: "Putting it in short Limbo is a Content Management System, which allows you to...
Zen Cart <= 1.2.6d (password_forgotten.php) SQL Injection Exploit
No description provided by source. <?php ---zencart126dxpl.php 19.42 02/12/2005 Zen-Cart <= 1.2.6d blind SQL injection / remote commands execution coded by rgod site: http://rgod.altervista.org - this works with magic_quotes_gpc both on & off usage: launch from Apache, fill in requested fields, then...
Lore 1.5.4/1.5.6 - 'article.php' SQL Injection
source: https://www.securityfocus.com/bid/15665/info Lore is prone to an SQL injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or...
Unclassified NewsBoard 1.5.3 Patch 3 Blind SQL Injection Exploit
No description provided by source. <?php ---UNB153pl3xpl.php 11.35 12/11/2005 Unclassified NewsBoard 1.5.3 patch level 3 "Datefrom" blind SQL injection / Admin MD5 password hash dump by rgod site: http://rgod.altervista.org usage: launch from Apache, fill in requested fields, then go! make these...
Unclassified NewsBoard 1.5.3 Patch 3 - Blind SQL Injection
Unclassified NewsBoard 1.5.3 Patch 3 - Blind SQL Injection titl...
Unclassified NewsBoard 1.5.3 Patch 3 - Blind SQL Injection
Unclassified NewsBoard 1.5.3pl3...
PHPNuke76wl.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 phpnuke 7.6 Multiple vulnerabilities in WebLinks Module cXIb8O3.14 Author: Maksymilian Arciemowicz cXIb8O3 Date: 6.4.2005 from securityreason.com TEAM - --- 0.Description --- PHP-Nuke is a Web Portal System, storytelling software, news system, online...
PHPNuke76dl.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 phpnuke 7.6 Multiple vulnerabilities in Downloads Module cXIb8O3.13 Author: Maksymilian Arciemowicz cXIb8O3 Date: 5.4.2005 from securityreason.com TEAM - --- 0.Description --- PHP-Nuke is a Web Portal System, storytelling software, news system, online...
[SECURITYREASON.COM] phpnuke 7.6 Multiple vulnerabilities in Downloads Module cXIb8O3.13
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 phpnuke 7.6 Multiple vulnerabilities in Downloads Module cXIb8O3.13 Author: Maksymilian Arciemowicz cXIb8O3 Date: 5.4.2005 from securityreason.com TEAM - --- 0.Description --- PHP-Nuke is a Web Portal System, storytelling software, news system, online...