7737 matches found
CVE-2010-1491
Joomla! MMS Blog component 2.3.0 is vulnerable to Local File Inclusion via a directory traversal in the controller parameter of index.php (..). This allows reading arbitrary server files and potential additional impacts. The issue is due to improper sanitization in com_mmsblog 2.3.0. Remediation:...
CVE-2009-4801
EZ-Blog Beta 1 does not require authentication, which allows remote attackers to create or delete arbitrary posts via requests to PHP scripts...
CVE-2009-4805
EZ-Blog Beta 1 is affected by SQL injection vulnerabilities in public/view.php (storyid) and admin/remove.php (kill) when magic_quotes_gpc is disabled. The issue allows remote attackers to execute arbitrary SQL commands as described in CVE-2009-4805. The OpenVAS entry confirms an SQLi vulnerabili...
Microsoft Revokes Security Update
The Microsoft Security Response Center has posted a blog entry indicating that it has revoked the update related to Microsoft security bulletin MS10-025 because it does not effectively correct the underlying vulnerability. This vulnerability affects Windows Media Services running on Windows 2000...
InfoLink Blog (XSS/URL Redirecting) Multiple Vulnerability
Exploit for php platform in category web applications ========================================================== InfoLink Blog XSS/URL Redirecting Multiple Vulnerability ==========================================================...
Sablog-X v2.x admin permission spoofing and arbitrary variable overwrite vulnerability
Sablog-X is a blog system built on PHP and MySQL. Affected version: Sablog-X 2.x. Description: First, the admin permission spoofing vulnerability. Because of a serious logic flaw in the back-end authentication process of Sablog-X v2.x, a specially constructed cookie can be used to log in directly to...
CVE-2009-4782
Multiple cross-site scripting (XSS) vulnerabilities in Theeta CMS, possibly 0.01, allow remote attackers to inject arbitrary web script or HTML via the (1) start, (2) forum, and (3) cat parameters to community/thread.php; (4) start and (5) cat parameters to community/forum.php; and (6) start parameter to...
CVE-2009-4783
The CVE-2009-4783 item concerns multiple SQL injection vulnerabilities in Theeta CMS (version unclear). The affected entry points are the start parameter in three PHP scripts: community/forum.php, community/thread.php, and blog/index.php, where user-supplied input may be concatenated into SQL que...
Joomla! Component MMS Blog 2.3.0 - Local File Inclusion
============================================================================================================= o Joomla Component MMS Blog Local File Inclusion Vulnerability Software : commmsblog version 2.3.0 Vendor : http://mms.pipp.no/ Author : AntiSecurity NoGe Vrs-hCk OoNBoY Paman zxvf s4va...
Joomla! Component MMS Blog 2.3.0 - Local File Inclusion
Joomla! Component MMS Blog 2.3.0 - Local File Inclusion ============================================================================================================= o Joomla Component MMS Blog Local File Inclusion Vulnerability Software : commmsblog version 2.3.0 Vendor : http://mms.pipp.no/...
Google Releases Chrome 4.1.249.1059
Google has released Chrome 4.1.249.1059 for Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, conduct cross-site scripting attacks, or conduct cross-site request forgery attacks. US-CERT encourages users and administrators to revie...
Joomla MMS Blog 2.3.0 Local File Inclusion
============================================================================================================= o Joomla Component MMS Blog Local File Inclusion Vulnerability Software : commmsblog version 2.3.0 Vendor : http://mms.pipp.no/ Author : AntiSecurity NoGe Vrs-hCk OoNBoY Paman zxvf s4va...
Uploader 0.7 Shell Upload
Exploit Title: Uploader 0.7 Shell Upload Vulnerability Date: 16.04.2010 Author: DigitALL Software Link: http://www.paehl.de/ Version: 0.7 Code : g00gle d0rk: "File viewer for Uploader" 3xpl0it: Your Shell shell.php.jpg And Upload Site. And Go to /view.php Your Shell Link Click And Go To Shell...
Joomla Deluxe Blog Factory 1.1.2 Local File Inclusion
================================================================================================================= o Joomla Component Deluxe Blog Factory Local File Inclusion Vulnerability Software : comblogfactory version 1.1.2 Vendor : http://www.thefactory.ro/ Author : AntiSecurity NoGe Vrs-hCk...
Joomla! Component Deluxe Blog Factory 1.1.2 - Local File Inclusion
Joomla! Component Deluxe Blog Factory 1.1.2 - Local File Inclusion ================================================================================================================= o Joomla Component Deluxe Blog Factory Local File Inclusion Vulnerability Software : comblogfactory version 1.1.2...
Joomla! Component Deluxe Blog Factory 1.1.2 - Local File Inclusion
================================================================================================================= o Joomla Component Deluxe Blog Factory Local File Inclusion Vulnerability Software : comblogfactory version 1.1.2 Vendor : http://www.thefactory.ro/ Author : AntiSecurity NoGe Vrs-hCk...
Blog System 1.5 - Multiple Vulnerabilities
Exploit Title: Blog System | www.DigitalWhisper.co.il Software Link: http://www.netartmedia.net/blogsystem/ | http://www.netartmedia.net/blogsystem/demo.html Version: = 1.5 Tested on: PHP Cross Site Scripting Cross-Site Scripting attacks are a type of injection problem, in which malicious scripts...
WordPress Hack Linked to Database Password Hijack
Malicious hackers have found a way to hijack WordPress database credentials and use that information to redirect thousands of blogs to Web sites laden with malware. The attacks, which started last Friday, occurred mostly on WordPress blogs hosted by Network Solutions but it appears that there are...
Blog System 1.x - Multiple Input Validation Vulnerabilities
Blog System 1.x - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/39406/info Blog System is prone to multiple input-validation vulnerabilities because it fails to adequately sanitize user-supplied input. These vulnerabilities include local file-include,...
Mi-Dia 1.0.6 Cross Site Scripting
Title: Mi-Dia Blog 1.0.6 XSS Vendor: http://www.mi-dia.co.uk Dork: "Powered by Mi-Dia Blog v1.0.6" AUTHOR: ITSecTeam Email: [email protected] Website: http://www.itsecteam.com Forum : http://forum.ITSecTeam.com Original Advisory: www.ITSecTeam.com/en/vulnerabilities/vulnerability33.htm Thanks:...