
10439 matches found

Exploit DB
added 2008/10/27 12:0 a.m. (20 views)

All In One 1.4 Control Panel - 'cp_polls_results.php' SQL Injection

source: https://www.securityfocus.com/bid/31949/info All In One Control Panel AIOCP is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application,...

7.4 AI score
Exploits 0

Exploit DB
added 2008/10/21 12:0 a.m. (18 views)

Bahar Download Script 2.0 - 'aspkat.asp' SQL Injection

source: https://www.securityfocus.com/bid/31852/info Bahar Download Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent...

7 AI score
Exploits 0

exploitpack
added 2008/10/20 12:0 a.m. (10 views)

PHP-Nuke Sarkilar Module - id SQL Injection

source: https://www.securityfocus.com/bid/31830/info Sarkilar module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow ...

0.6 AI score
Exploits 0

NVD
added 2008/10/03 5:41 p.m. (16 views)

CVE-2008-4359

lighttpd before 1.4.20 compares URIs to patterns in the (1) url.redirect and (2) url.rewrite configuration settings before performing URL decoding, which might allow remote attackers to bypass intended access restrictions, and obtain sensitive information or possibly modify data...

7.5 CVSS, 6.5 AI score, 0.00512 EPSS
Exploits 1, References 24

Cvelist
added 2008/10/03 5:18 p.m. (21 views)

CVE-2008-4359

lighttpd before 1.4.20 compares URIs to patterns in the (1) url.redirect and (2) url.rewrite configuration settings before performing URL decoding, which might allow remote attackers to bypass intended access restrictions, and obtain sensitive information or possibly modify data...

6.3 AI score, 0.00512 EPSS
Exploits 1, References 24

exploitpack
added 2008/10/03 12:0 a.m. (14 views)

XAMPP for Windows 1.6.8 - cds.php SQL Injection

source: https://www.securityfocus.com/bid/31564/info XAMPP for Windows is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...

0.4 AI score
Exploits 0

Exploit DB
added 2008/09/22 12:0 a.m. (23 views)

MapCal 0.1 - 'id' SQL Injection

source: https://www.securityfocus.com/bid/31304/info MapCal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, ...

7 AI score
Exploits 0

exploitpack
added 2008/09/22 12:0 a.m. (12 views)

MapCal 0.1 - id SQL Injection

source: https://www.securityfocus.com/bid/31304/info MapCal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

0.4 AI score
Exploits 0

Exploit DB
added 2008/09/19 12:0 a.m. (23 views)

PHP Pro Bid 5.2.4/6.04 - Multiple SQL Injections

source: https://www.securityfocus.com/bid/31263/info PHP Pro Bid is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access ...

7.4 AI score
Exploits 0

exploitpack
added 2008/09/12 12:0 a.m. (12 views)

QuicO - photo.php SQL Injection

source: https://www.securityfocus.com/bid/31154/info QuicO is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

0.1 AI score
Exploits 0

Exploit DB
added 2008/09/10 12:0 a.m. (20 views)

Hot Links SQL-PHP - 'news.php' SQL Injection

source: https://www.securityfocus.com/bid/31118/info Hot Links SQL-PHP is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or...

7 AI score
Exploits 0

Exploit DB
added 2008/09/08 12:0 a.m. (31 views)

eXtrovert software Thyme 1.3 - 'pick_users.php' SQL Injection

source: https://www.securityfocus.com/bid/31063/info eXtrovert software Thyme is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, acces...

7.4 AI score
Exploits 0

securityvulns
added 2008/09/07 12:0 a.m. (42 views)

[ MDVSA-2008:185 ] python-django

Mandriva Linux Security Advisory MDVSA-2008:185 http://www.mandriva.com/security/ Package: python-django Date: September 3, 2008 Affected: 2007.1, 2008.0, 2008.1 Problem Description: A cross-site request forgery vulnerability was discovered in Djang...

0.2 AI score
Exploits 0

OSV
added 2008/09/04 5:41 p.m. (1 views)

DEBIAN-CVE-2008-3909

The administration application in Django 0.91, 0.95, and 0.96 stores unauthenticated HTTP POST requests and processes them after successful authentication occurs, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and delete or modify data via unspecified requests...

5.8 CVSS, 7 AI score, 0.00383 EPSS
Exploits 0, References 1

UbuntuCve
added 2008/09/04 5:41 p.m. (11 views)

CVE-2008-3909

The administration application in Django 0.91, 0.95, and 0.96 stores unauthenticated HTTP POST requests and processes them after successful authentication occurs, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and delete or modify data via unspecified requests...

5.8 CVSS, 6 AI score, 0.00383 EPSS
Exploits 0, References 1

PyPA
added 2008/09/04 5:41 p.m. (5 views)

PYSEC-2008-2

The administration application in Django 0.91, 0.95, and 0.96 stores unauthenticated HTTP POST requests and processes them after successful authentication occurs, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and delete or modify data via unspecified requests...

5.8 CVSS, 7.3 AI score, 0.00383 EPSS
Exploits 0, References 10, Affected Software 1

Prion
added 2008/09/04 5:41 p.m. (9 views)

Cross site request forgery (csrf)

The administration application in Django 0.91, 0.95, and 0.96 stores unauthenticated HTTP POST requests and processes them after successful authentication occurs, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and delete or modify data via unspecified requests...

5.8 CVSS, 7.2 AI score, 0.00383 EPSS
Exploits 0, References 10, Affected Software 1

Cvelist
added 2008/09/04 5:0 p.m. (17 views)

CVE-2008-3909

The administration application in Django 0.91, 0.95, and 0.96 stores unauthenticated HTTP POST requests and processes them after successful authentication occurs, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and delete or modify data via unspecified requests...

6.8 AI score, 0.00383 EPSS
Exploits 0, References 10

OpenVAS
added 2008/09/04 12:0 a.m. (27 views)

FreeBSD Ports: cvs+ipv6

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

10 CVSS, 6.5 AI score, 0.40607 EPSS
Exploits 0, References 7

exploitpack
added 2008/09/04 12:0 a.m. (11 views)

XRms 1.99.2 - login.php?target Cross-Site Scripting

source: https://www.securityfocus.com/bid/31008/info XRMS CRM is prone to multiple input-validation vulnerabilities, including an unspecified SQL-injection issue, an HTML-injection issue, and multiple cross-site scripting issues. The...

6.8 AI score
Exploits 0