CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Friends Of PHP•added 2015/07/26 7:42 p.m.•10 views

Critical SQL injection bug in the ODBC database driver

More info at https://forum.codeigniter.com/thread-65803.html...

7.2AI score

Exploits0Affected Software1

FreeBSD•added 2015/07/15 12:0 a.m.•9 views

codeigniter -- mysql database driver vulnerability

The CodeIgniter changelog reports: Security: Removed a fallback to mysqlescapestring in the mysql database driver escapestr method when there's no active database connection...

1.4AI score

CNVD•added 2015/06/25 12:0 a.m.•1 views

Nakid CMS Cross-Site Request Forgery Vulnerability

Nakid CMS is an open source content management system CMS based on PHP and CodeIgniter. Nakid CMS suffers from a cross-site request forgery vulnerability. The vulnerability allows attackers to perform unauthorized operations...

6.9AI score

CNVD•added 2015/06/25 12:0 a.m.•1 views

Nakid CMS Local File Inclusion Vulnerability

Nakid CMS is an open source content management system CMS based on PHP and CodeIgniter. Nakid CMS suffers from a local file inclusion vulnerability that allows an attacker to read arbitrary files...

6.7AI score

securityvulns•added 2015/06/14 12:0 a.m.•76 views

Nakid-CMS CSRF, Persistent XSS & LFI

Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-NAKIDCMS0611.txt Vendor: ================================ http://kilrizzy.github.io/Nakid-CMS/ Product: ================================ kilrizzy-Nakid-CMS-f274624 Nakid CMS is...

6.6AI score

Exploit DB•added 2015/06/12 12:0 a.m.•35 views

Nakid CMS - Multiple Vulnerabilities

Exploit Title: CSRF, Persistent XSS & LFI Google Dork: intitle: CSRF, Persistent XSS & LFI Date: 2015-06-11 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org Vendor Homepage: kilrizzy.github.io/Nakid-CMS Software Link: kilrizzy.github.io/Nakid-CMS Version:...

7.4AI score

Packet Storm•added 2015/06/12 12:0 a.m.•34 views

Nakid CMS CSRF / XSS / Local File Inclusion

0.1AI score

exploitpack•added 2015/06/12 12:0 a.m.•22 views

Nakid CMS - Multiple Vulnerabilities

Nakid CMS - Multiple Vulnerabilities Exploit Title: CSRF, Persistent XSS & LFI Google Dork: intitle: CSRF, Persistent XSS & LFI Date: 2015-06-11 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org Vendor Homepage: kilrizzy.github.io/Nakid-CMS Software Link:...

0.5AI score

0day.today•added 2015/06/12 12:0 a.m.•30 views

Nakid CMS CSRF / XSS / Local File Inclusion Vulnerability

Nakid CMS suffers from cross site request forgery, cross site scripting, and local file inclusion vulnerabilities. + Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-NAKIDCMS0611.txt Vendor: ================================...

6.8AI score

FreeBSD•added 2015/04/15 12:0 a.m.•10 views

codeigniter -- multiple vulnerabilities

The CodeIgniter changelog reports: Security: Added HTTP "Host" header character validation to prevent cache poisoning attacks when baseurl auto-detection is used. Security: Added FSCommand and seekSegmentTime to the "evil attributes" list in CISecurity::xssclean...

1AI score

Exploit DB•added 2015/03/04 12:0 a.m.•55 views

Seagate Business NAS - Remote Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rexml/document' class MetasploitModule 'Seagate Business NAS Unauthenticated Remote Command Execution', 'Description' = %q Some Seagate Busine...

7.4AI score

0day.today•added 2015/03/03 12:0 a.m.•83 views

Seagate Business NAS Unauthenticated Remote Command Execution Exploit

Some Seagate Business NAS devices are vulnerable to command execution via a local file include vulnerability hidden in the language parameter of the CodeIgniter session cookie. The vulnerability manifests in the way the language files are included in the code on the login page, and hence is open ...

10CVSS9.2AI score0.71515EPSS

myhack58•added 2015/03/02 12:0 a.m.•16 views

Seagate NAS appears remote code execution vulnerability-vulnerability warning-the black bar safety net

Foreign security researcher OJ Reeves found the Seagate NAS one remote code execution vulnerability, and in the last year of the 1 0-month 7 Report to the official, but 1 3 0 days past the official still does not fix the vulnerability, so today he released the vulnerability details. ! Overview...

0.5AI score

Packet Storm•added 2015/03/02 12:0 a.m.•60 views

Seagate Business NAS Unauthenticated Remote Command Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rexml/document' class Metasploit4 'Seagate Business NAS Unauthenticated Remote Command Execution', 'Description' = %q Some Seagate Business NA...

6.8CVSS0.7AI score0.71515EPSS

Metasploit•added 2015/03/01 3:25 a.m.•51 views

Seagate Business NAS Unauthenticated Remote Command Execution

9.8CVSS9.5AI score0.71515EPSS

The Hacker News•added 2015/03/01 12:50 a.m.•66 views

Seagate NAS Zero-Day Vulnerability allows Unauthorized Root Access Remotely

Seagate, a popular vendor of hardware solutions, has a critical zero-day vulnerability in its Network Attached Storage NAS device software that possibly left thousands of its users vulnerable to hackers. Seagate's Business Storage 2-Bay NAS product, found in home and business networks, is...

5CVSS8.3AI score0.37222EPSS

0day.today•added 2015/03/01 12:0 a.m.•87 views

Seagate Business NAS <= 2014.00319 - Pre-Authentication Remote Code Execution (0day)

10CVSS9.2AI score0.71515EPSS