CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7210 matches found

exploitpack•added 2009/06/29 12:0 a.m.•12 views

PHP-Sugar 0.80 - index.php?t Local File Inclusion

PHP-Sugar 0.80 - index.php?t Local File Inclusion =-=-local file include-=-= -=-=-=-=-=-=-=-=-=-=-=- script: PHP-Sugar 0.80 ----------------------- Author: ahmadbady my site :Coming Soon =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= download from:http://php-sugar.net/files/?mod=files...

7.4AI score

Exploits0

0day.today•added 2009/06/29 12:0 a.m.•23 views

PHP-Sugar 0.80 (index.php t) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications =============================================================== PHP-Sugar 0.80 index.php t Local File Inclusion Vulnerability =============================================================== =-=-local file include-=-= -=-=-=-=-=-=-=-=-=-=-=...

7.1AI score

Exploits0

NVD•added 2009/06/27 6:47 p.m.•20 views

CVE-2008-6839

Multiple cross-site scripting XSS vulnerabilities in TGS Content Management 0.3.2r2 allow remote attackers to inject arbitrary web script or HTML via the 1 msg and 2 goodmsg parameters to a login.php and b index.php, and the 3 dir and 4 id parameters to index.php. NOTE: the provenance of this...

4.3CVSS5.6AI score0.01462EPSS

Exploits1References3

Cvelist•added 2009/06/27 6:0 p.m.•24 views

CVE-2008-6839

5.6AI score0.01462EPSS

Exploits1References3

0day.today•added 2009/06/26 12:0 a.m.•25 views

Mega File Manager 1.0 (index.php page) LFI Vulnerability

Exploit for unknown platform in category web applications ======================================================== Mega File Manager 1.0 index.php page LFI Vulnerability ======================================================== + Mega File Manager 1.0 index.php page Local File Inclusion...

7.1AI score

Exploits0

Cvelist•added 2009/06/22 8:0 p.m.•18 views

CVE-2009-2164

Multiple SQL injection vulnerabilities in Kjtechforce mailman beta1, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via 1 the code parameter to activate.php or 2 the dest parameter to index.php...

8.6AI score0.00953EPSS

Exploits0References3

Prion•added 2009/06/22 2:30 p.m.•13 views

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in Impleo Music Collection 2.0 allows remote attackers to inject arbitrary web script or HTML via the sort parameter...

4.3CVSS6.1AI score0.01255EPSS

Exploits0References1Affected Software1

ATTACKERKB•added 2009/06/22 2:30 p.m.•2 views

CVE-2009-2151

Directory traversal vulnerability in index.php in AdaptWeb 0.9.2 allows remote attackers to read arbitrary files via a .. dot dot in the newlang parameter...

5CVSS5.8AI score0.02712EPSS

Exploits0References2

Prion•added 2009/06/22 2:30 p.m.•14 views

Sql injection

SQL injection vulnerability in news/index.php in Campus Virtual-LMS allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS9.1AI score0.0097EPSS

Exploits0References2

NVD•added 2009/06/17 5:30 p.m.•18 views

CVE-2009-2100

Directory traversal vulnerability in the JoomlaPraise Projectfork comprojectfork component 2.0.10 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section parameter to index.php...

5CVSS6.7AI score0.08229EPSS

Exploits1References3

CVE•added 2009/06/17 5:0 p.m.•62 views

CVE-2009-2107

Webmedia Explorer (webmex) is affected by CVE-2009-2107 across versions 5.0.9 and 5.10.0, with multiple XSS in index.php. The root cause is insufficient sanitization of user-supplied data, allowing attackers to inject script via parameters such as search, tag, bookmark, and remember, among others...

4.3CVSS5.8AI score0.01452EPSS

Exploits1References4Affected Software1

Cvelist•added 2009/06/17 5:0 p.m.•32 views

CVE-2009-2100

6.7AI score0.08229EPSS

Exploits1References3

seebug.org•added 2009/06/13 12:0 a.m.•33 views

Uebimiau Web-Mail <= v3.2.0-1.8 Remote File / Overwrite Vulnerabilities

No description provided by source. Uebimiau Webmail = v3.2.0-1.8 Remote File / Overwrite Vulnerabilities Dork : Uebimiau Webmail v3.2.0-1.8 POC : /uebimiau/admin/editor.php?load=config And You Can Write Any Code As ?php passthru$GETcmd; ? After That Click Write To File Go /uebimiau/index.php?cmd=...

7.1AI score

Exploits0

Cvelist•added 2009/06/12 5:28 p.m.•21 views

CVE-2009-2037

Multiple directory traversal vulnerabilities in Online Grades & Attendance 3.2.5 and earlier, and possibly 3.2.6, when registerglobals is enabled, allow remote attackers to include and execute arbitrary local files via a .. dot dot in the 1 GLOBALSSKIN parameter to index.php and the 2 skin...

7.3AI score0.02122EPSS

Exploits0References3

CVE•added 2009/06/12 5:28 p.m.•41 views

CVE-2009-2033

CVE-2009-2033: XSS in Yogurt 0.3, via index.php msg parameter. Vulnerable component is index.php; root cause is input not sanitized, enabling remote injection of script/HTML. No remediation details provided in the supplied documents; exploitation status not specified.

4.3CVSS5.9AI score0.01475EPSS

Exploits1References3Affected Software1

exploitpack•added 2009/06/12 12:0 a.m.•20 views

campus virtual-lms - Cross-Site Scripting SQL Injection

campus virtual-lms - Cross-Site Scripting SQL Injection +-----------------------------------------------------------------------------+ LMS: Campus Virtual-LMS WEB: http://campusvirtualcomputrade.cae.net Autor: YasiÃ³n Fecha: 12 jun 2009...

0.8AI score

Exploits0

Packet Storm•added 2009/06/11 12:0 a.m.•20 views

Yogurt 0.3 SQL Injection / XSS

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Name : Yogurt Site : http://sourceforge.net/projects/yogurt/...

0.1AI score

Exploits0

Exploit DB•added 2009/06/11 12:0 a.m.•37 views

yogurt 0.3 - Cross-Site Scripting / SQL Injection

7AI score

Exploits0

exploitpack•added 2009/06/10 12:0 a.m.•11 views

School Data Navigator - page LocalRemote File Inclusion

School Data Navigator - page LocalRemote File Inclusion ---------------------------------------------------------------------------------------------------- Name : School Data Navigator Site : http://sourceforge.net/projects/school-data-nav/ Down : http://216.92.6.173/datanavigator/appandreadme.z...

Exploits0

Exploit DB•added 2009/06/10 12:0 a.m.•31 views

School Data Navigator - 'page' Local/Remote File Inclusion

---------------------------------------------------------------------------------------------------- Name : School Data Navigator Site : http://sourceforge.net/projects/school-data-nav/ Down : http://216.92.6.173/datanavigator/appandreadme.zip...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by