CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

10439 matches found

Exploit DB•added 2012/08/02 12:0 a.m.•20 views

WordPress Theme ShopperPress - SQL Injection / Cross-Site Scripting

source: https://www.securityfocus.com/bid/55062/info The ShopperPress WordPress theme is prone to an SQL-injection and multiple cross-site vulnerabilities because it fails to properly sanitize user-supplied input. Successful exploits will allow an attacker to steal cookie-based authentication...

exploitpack•added 2012/08/01 12:0 a.m.•7 views

ManageEngine Applications Manager - Multiple SQL Injections

ManageEngine Applications Manager - Multiple SQL Injections source: https://www.securityfocus.com/bid/54756/info ManageEngine Applications Manager is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL...

OpenVAS•added 2012/07/30 12:0 a.m.•33 views

CentOS Update for java CESA-2012:0135 centos6

Check for the Version of java OpenVAS Vulnerability Test CentOS Update for java CESA-2012:0135 centos6 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

10CVSS0.4AI score0.58626EPSS

Exploits18References2

exploitpack•added 2012/07/25 12:0 a.m.•13 views

Joomla! Component Odudeprofile 2.8 - profession SQL Injection

Joomla! Component Odudeprofile 2.8 - profession SQL Injection source: https://www.securityfocus.com/bid/54677/info Odudeprofile Component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit m...

Exploit DB•added 2012/07/25 12:0 a.m.•16 views

tekno.Portal 0.1b - 'anket.php' SQL Injection

source: https://www.securityfocus.com/bid/54698/info tekno.Portal is prone to an SQL-injection vulnerability. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. tekno.Portal 0.1b is...

Exploit DB•added 2012/07/25 12:0 a.m.•23 views

Joomla! Component Odudeprofile 2.8 - 'profession' SQL Injection

source: https://www.securityfocus.com/bid/54677/info Odudeprofile Component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or...

exploitpack•added 2012/07/24 12:0 a.m.•13 views

phpProfiles - Multiple Vulnerabilities

phpProfiles - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/54660/info phpProfiles is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities could allow an attacker to execute malicious code...

Exploit DB•added 2012/07/24 12:0 a.m.•46 views

phpProfiles - Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/54660/info phpProfiles is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities could allow an attacker to execute malicious code within the context of the web server...

securityvulns•added 2012/07/23 12:0 a.m.•57 views

[security bulletin] HPSBGN02787 SSRT100876 rev.1 - HP AssetManager, Remote Cross Site Scripting (XSS) and Unauthorized Data Modification

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03403333 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03403333 Version: 1 HPSBGN02787...

4.3CVSS1.2AI score0.00623EPSS

The Hacker News•added 2012/07/22 2:25 p.m.•5 views

Open Source Smart Meter Hacking Framework can Hack into the Power Grid

A researcher specializing in smart grids has released an open-source tool designed to assess the security of smart meters. Dubbed 'Termineter,' the framework would allow users, such as grid operators and administrators, to test smart meters for vulnerabilities. It claims will let security...

Exploit DB•added 2012/07/16 12:0 a.m.•16 views

Event Calender PHP - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/54455/info Event Calender PHP is prone to multiple input validation vulnerabilities. Exploiting these vulnerabilities could allow an attacker to execute arbitrary script code, steal cookie-based authentication credentials, compromise the application, acce...

UbuntuCve•added 2012/07/11 10:26 a.m.•17 views

CVE-2011-4298

Multiple cross-site request forgery CSRF vulnerabilities in mod/wiki/ components in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allow remote attackers to hijack the authentication of arbitrary users for requests that modify wiki data...

6.8CVSS5.9AI score0.00126EPSS

Exploits0References1

Prion•added 2012/06/29 10:55 p.m.•9 views

Code injection

Unspecified vulnerability in HP System Management Homepage SMH before 7.1.1 allows remote attackers to cause a denial of service, or possibly obtain sensitive information or modify data, via unknown vectors...

7.5CVSS7.6AI score0.01302EPSS

Exploits0References1Affected Software1

exploitpack•added 2012/06/29 12:0 a.m.•13 views

LIOOSYS CMS - SQL Injection Information Disclosure

LIOOSYS CMS - SQL Injection Information Disclosure source: https://www.securityfocus.com/bid/54239/info LIOOSYS CMS is prone to an SQL-injection vulnerability and an information-disclosure vulnerability. Exploiting these issues could allow an attacker to obtain sensitive information, compromise t...

Exploit DB•added 2012/06/16 12:0 a.m.•23 views

Simple Document Management System 1.1.5 - Multiple SQL Injections

source: https://www.securityfocus.com/bid/54043/info Simple Document Management System is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...

Exploit DB•added 2012/06/15 12:0 a.m.•26 views

Joomla! Component JCal Pro Calendar - SQL Injection

source: https://www.securityfocus.com/bid/54042/info The JCal Pro Calendar component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

exploitpack•added 2012/06/15 12:0 a.m.•18 views

Joomla! Component JCal Pro Calendar - SQL Injection

Joomla! Component JCal Pro Calendar - SQL Injection source: https://www.securityfocus.com/bid/54042/info The JCal Pro Calendar component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting...

exploitpack•added 2012/06/14 12:0 a.m.•9 views

NetArt Media Jobs Portal - SQL Injection

NetArt Media Jobs Portal - SQL Injection source: https://www.securityfocus.com/bid/54026/info NetArt Media Jobs Portal is prone to multiple HTML-injection vulnerabilities and an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues...

Exploit DB•added 2012/06/13 12:0 a.m.•17 views

XAMPP for Windows 1.7.7 - Multiple Cross-Site Scripting / SQL Injections

source: https://www.securityfocus.com/bid/53979/info XAMPP for Windows is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access...

Exploit DB•added 2012/06/11 12:0 a.m.•28 views

Joomla! Component Joomsport - SQL Injection / Arbitrary File Upload

source: https://www.securityfocus.com/bid/53944/info The Joomsport component for Joomla! is prone to an SQL-injection vulnerability and an arbitrary file-upload vulnerability because it fails to sanitize user-supplied data. Exploiting these issues could allow an attacker to compromise the...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by