7736 matches found
DCFM Blog 0.9.7 Cross Site Scripting
DCFM Blog 0.9.7 XSS Attack =========================== Discovered by NA , NAattutanota.com ======================================== Description ============ Open-source blog project. Free blog system for any website. Uses MySQL and PHP 5. Very easily customizable and incredibly flexible...
DCFM Blog 0.9.7 Blind SQL Injection
DCFM Blog Version 0.9.7 Blind SQL Injection Vulnerability time based-attack ================================================================================ Discovered by NA , NAattutanota.com ======================================== Description ============ Open-source blog project. Free blog...
No payment necessary: Fighting back against ransomware
Note: Read our latest comprehensive report on ransomware: Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene. Any IT professional who’s ever had an experience with malware knows how fast an intrusive attack can happen, and how difficult it can be to educate...
merkleinc.com XSS vulnerability
Vulnerable URL: https://www.merkleinc.com/blog/marketing-solutions-and-strategies/marketing-technology?page=1" Details: Description| Value ---|--- Patched:| Yes, at 24.11.2017 Latest check for patch:| 24.11.2017 22:46 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa...
FedRAMP Plans for 2017
The Federal Risk and Authorization Management Program (FedRAMP) plans to continue to build on 2016 successes by planning for an ambitious 2017, according to a series of blog posts released by the General Services Administration (GSA)...
Simple PHP Blog Cross-Site Scripting Vulnerability
Simple PHP Blog is an open source free single-user Blog program written in PHP. A cross-site scripting vulnerability exists in the q parameter of the search.php page in Simple PHP Blog version 0.4.0 due to the program failing to adequately filter user-submitted input. An attacker can exploit this...
Simple PHP Blog 0.4.0 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications + Credits: Boumediene KADDOUR AKA sh311c0d3r + Website: http://www.pentestingskills.com Vendor: ====================== http://www.simpleblogphp.com Product: =============================== Simple PHP Blog 0.4.0 Vulnerability Type:...
Simple PHP Blog 0.4.0 Cross Site Scripting
Credits: Boumediene KADDOUR AKA sh311c0d3r + Website: http://www.pentestingskills.com Vendor: ====================== http://www.simpleblogphp.com Product: =============================== Simple PHP Blog 0.4.0 Vulnerability Type: ============================= Cross Site Scripting XSS CVE...
Microsoft Internet Explorer 11 MSHTML CView::CalculateImageImmunity Use-After-Free
Throughout November, I plan to release details on vulnerabilities I found in web-browsers which I've not released before. This is the second entry in that series. The below information is also available on my blog at http://blog.skylined.nl/20161102001.html. There you can find a repro that...
ABT Blog 2.0 Database Disclosure
======================================================================== | Title : ABT Blog v2.0 Blog Scripti Disclosure Exploit | Author : indoushka | email : [email protected] | Tested on : windows 8.1 Français V.Pro | Version : v2.0 | Vendor :...
kkpp.blox.pl XSS vulnerability
Vulnerable URL: http://kkpp.blox.pl?page=blogPublicSearch= blogPublicSearch'A Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check...
Ruler - A Tool To Abuse Exchange Services
Ruler is a tool that allows you to interact with Exchange servers through the MAPI/HTTP protocol. The main aim is to abuse the client-side Outlook mail rules as described in the Silentbreak blog. Silentbreak did a great job with this attack and it has served us well. The only downside has been that it...
bigboobs-blog.com XSS vulnerability
Vulnerable URL: http://www.bigboobs-blog.com/cerca.php?q=prompt'OPENBUGBOUNTY'...
Colorful Blog - Stored Cross Site Scripting
Exploit for php platform in category web applications Exploit Title : ----------- : Colorful Blog - Stored Cross Site Scripting Author : ----------------- : Besim Google Dork : --------- : - Date : -------------------- : 13/10/2016 Type : -------------------- : webapps Platform : --------------- ...
Colorful Blog - Cross-Site Request Forgery (Change Admin Password)
Exploit for php platform in category web applications Exploit Title :----------- : Colorful Blog - Cross-Site Request Forgery Change Admin Pass Author :------------------ : Besim Google Dork :---------- : - Date :--------------------- : 13/10/2016 Type :--------------------- : webapps Platform...
Colorful Blog Cross Site Scripting
Exploit Title : ----------- : Colorful Blog - Stored Cross Site Scripting Author : ----------------- : Besim Google Dork : --------- : - Date : -------------------- : 13/10/2016 Type : -------------------- : webapps Platform : --------------- : PHP Vendor Homepage :-- : - Software link : --------...
Colorful Blog Cross Site Request Forgery
Exploit Title :----------- : Colorful Blog - Cross-Site Request Forgery Change Admin Pass Author :------------------ : Besim Google Dork :---------- : - Date :--------------------- : 13/10/2016 Type :--------------------- : webapps Platform :---------------- : PHP Vendor Homepage :-- : - Software...
Simple Blog PHP 2.0 - Multiple Vulnerabilities
Exploit for php platform in category web applications ===================================================== Simple Blog PHP 2.0 - CSRF (Add Post) // Stored XSS ===================================================== Vendor Homepage: http://simpleblogphp.com/ Date: 13 Oct 2016 Demo Link :...
Simple Blog PHP 2.0 Cross Site Request Forgery / Cross Site Scripting
===================================================== Simple Blog PHP 2.0 - CSRF (Add Post) // Stored XSS ===================================================== Vendor Homepage: http://simpleblogphp.com/ Date: 13 Oct 2016 Demo Link : http://simpleblogphp.com/blog/admin.php Version : 2.0 Platform : PH...
Simple Blog PHP 2.0 - SQL Injection
===================================================== Simple Blog PHP 2.0 - SQL Injection ===================================================== Vendor Homepage: http://simpleblogphp.com/ Date: 13 Oct 2016 Demo Link : http://simpleblogphp.com/blog/admin.php Version : 2.0 Platform : WebApp - PHP...