CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3744 matches found

Prion•added 2009/09/16 7:30 p.m.•10 views

Directory traversal

Multiple directory traversal vulnerabilities in iWiccle 1.01, when magicquotesgpc is disabled, allow remote attackers to read arbitrary files via a .. dot dot in 1 the show parameter to the admin module, reachable through index.php; or 2 the module parameter to index.php...

4.3CVSS7.4AI score0.02289EPSS

Exploits0References2Affected Software1

NVD•added 2009/09/16 5:30 p.m.•19 views

CVE-2009-3211

Directory traversal vulnerability in VivaPrograms Infinity Script 2.x.x, when magicquotesgpc is disabled, allows remote attackers to read arbitrary files via a .. dot dot in the optionsstyledir parameter to the default URI...

6.8CVSS6.7AI score0.01917EPSS

Exploits1References2

Exploit DB•added 2009/09/14 12:0 a.m.•50 views

Portable E.M Magic Morph 1.95b - '.MOR' File Stack Buffer Overflow

/ Portable E.M Magic Morph 1.95b .MOR File Stack Buffer Overflow POC By fl0 fl0w "can't stop me/my time is now/your time is up/MY TIME IS NOW !!!!" / The EIP offset is at 312 bytes 0x138 HEX After you compile and create the .MOR file ,edit it with HEX EDITOR and start counting from the start of t...

7.4AI score

Exploits0

0day.today•added 2009/09/14 12:0 a.m.•39 views

Portable E.M Magic Morph 1.95b .MOR File Stack Buffer Overflow PoC

Exploit for unknown platform in category local exploits ================================================================== Portable E.M Magic Morph 1.95b .MOR File Stack Buffer Overflow PoC ================================================================== / Portable E.M Magic Morph 1.95b .MOR Fi...

6.8AI score

Exploits0

exploitpack•added 2009/09/14 12:0 a.m.•35 views

Portable E.M Magic Morph 1.95b - .MOR File Stack Buffer Overflow

Portable E.M Magic Morph 1.95b - .MOR File Stack Buffer Overflow / Portable E.M Magic Morph 1.95b .MOR File Stack Buffer Overflow POC By fl0 fl0w "can't stop me/my time is now/your time is up/MY TIME IS NOW !!!!" / The EIP offset is at 312 bytes 0x138 HEX After you compile and create the .MOR fil...

0.6AI score

Exploits0

Packet Storm•added 2009/08/26 12:0 a.m.•23 views

eLinks SQL Injection / XSS / LFI

===================================================================== eLinks Vulnerabilities blind sql inj / xss / LFI by Inj3ct0r.com ===================================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ ...

0.6AI score

Exploits0

NVD•added 2009/08/19 5:24 a.m.•19 views

CVE-2008-6985

Multiple SQL injection vulnerabilities in includes/classes/shoppingcart.php in Zen Cart 1.2.0 through 1.3.8a, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter when 1 adding or 2 updating the shopping cart...

6.8CVSS8.3AI score0.0158EPSS

Exploits3References8

OpenVAS•added 2009/08/17 12:0 a.m.•21 views

Fedora Core 10 FEDORA-2009-8136 (OpenEXR)

The remote host is missing an update to OpenEXR announced via advisory FEDORA-2009-8136. OpenVAS Vulnerability Test $Id: fcore20098136.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-8136 OpenEXR Authors: Thomas Reinke Copyright: Copyright c 2009...

7.5CVSS0.3AI score0.06437EPSS

Exploits1References2

seebug.org•added 2009/08/12 12:0 a.m.•14 views

Gazelle CMS 1.0 Multiple Vulnerabilities / RCE Exploit

No description provided by source. !/bin/bash Gazelle CMS 1.0 Multiple Vulnerabilities Script Download: http://www.anantasoft.com/index.php?Gazelle%20CMS/Download Found by whitesheep on 11/08/2009 Contact: [email protected] - https://www.ihteam.net Need magicquotegpc Off for RCE and LFI...

7.1AI score

Exploits0

Exploit DB•added 2009/08/05 12:0 a.m.•38 views

opennews 1.0 - SQL Injection / Remote Code Execution

OpenNews 1.0 SQLI/RCE Multiple Remote Vulnerabilities + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + Download : http://sourceforge.net/projects/opennews-sun/ + SQL Injection Auth Bypass - Note : magicquotesgpc = off - PoC http://127.0.0.1/admin.php Username : admin ' or...

7.4AI score

Exploits0

0day.today•added 2009/08/05 12:0 a.m.•25 views

Irokez CMS 0.7.1 Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications =================================================== Irokez CMS 0.7.1 Remote SQL Injection Vulnerability ===================================================...

7.1AI score

Exploits0

Exploit DB•added 2009/08/03 12:0 a.m.•32 views

SimpleLoginSys 0.5 - Authentication Bypass

SimpleLoginSys v0.5 Auth Bypass SQL Injection Vulnerability + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + download : http://sourceforge.net/projects/simplesiteadmin/files/simpleloginsys/SimpleLoginSys%20v0.5/simpleloginsys0.5.zip/download + SQL Injection Auth Bypass -...

7.4AI score

Exploits0

exploitpack•added 2009/08/01 12:0 a.m.•23 views

Arab Portal 2.x - forum.php SQL Injection

Arab Portal 2.x - forum.php SQL Injection getqc &&!isset$apt-getqp $qc = $apt-getqc; $result = $apt-query"select name,comment from rafiacomment where id='$qc'"; $row = $apt-dbarray$result; $apt-row'quote' = "\n\n\nQUOTE..... :".$row'name'."\n".$row'comment'."/QUOTE"; /code - Debug : code $qc =...

0.5AI score

Exploits0

Fedora•added 2009/07/31 6:2 p.m.•31 views

[SECURITY] Fedora 10 Update: OpenEXR-1.6.1-8.fc10

OpenEXR is a high dynamic-range HDR image file format developed by Indust rial Light & Magic for use in computer imaging applications. This package contai ns libraries and sample applications for handling the format...

7.5CVSS1.3AI score0.06437EPSS

Exploits1

Fedora•added 2009/07/31 6:1 p.m.•35 views

[SECURITY] Fedora 11 Update: OpenEXR-1.6.1-8.fc11

7.5CVSS1.3AI score0.06437EPSS

Exploits1

Packet Storm•added 2009/07/28 12:0 a.m.•20 views

SerWeb Remote File Inclusion

SerWeb = 2.1.0-dev1 2009-07-02 Multiple Remote File Inclusion Vulnerabilities D.Script : http://ftp.iptel.org/pub/serweb/daily-snapshots/ POC: /loadlang.php?SERWEBconfigdir=Shell /mainprepend.php?SERWEBfunctionsdir=Shell /loadphplib.php?PHPLIBlibdir=Shell Us = phpflag magicquotesgpc Off / phpflag...

0.3AI score

Exploits0

exploitpack•added 2009/07/27 12:0 a.m.•24 views

Allomani Mobile 2.5 - Blind SQL Injection

Allomani Mobile 2.5 - Blind SQL Injection ?php iniset"maxexecutiontime",0; printr' || || | || o,7 || . o7 || q||| o///, : / / . /QQQQQQQQQQQQQQQQQQQ\ q Allomani Mobile v2.5 /QQQ/\QQQ\ Blind SQL inj. exploit /QQQQQ/ \QQQQQQ\ q GET 3 /QQQQ/ QQQQ\ /QQQQ/ \QQQQ\ q http://allomani.com |QQQQ/ By Qaband...

0.2AI score

Exploits0

seebug.org•added 2009/07/27 12:0 a.m.•13 views

Limny 1.01 (Auth Bypass) SQL Injection Vulnerability

No description provided by source. + Limny 1.01 Auth Bypass SQL Injection Vulnerability + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + Script Homepage : http://www.limny-project.com/ + SQL Injection Vulnerability - Notes : magicquotesgpc = off - Vulnerable code in...

7.1AI score

Exploits0

Packet Storm•added 2009/07/24 12:0 a.m.•22 views

SaphpLesson 4.0 SQL Injection

---------------------------------SaphpLesson v4.0 Auth Bypass SQL Injection Vulnerability--------------------------------------- ---------------------------------------------------------------------------------------------------------------- Script : SaphpLesson version : 4.0 Language: PHP Site:...

0.1AI score

Exploits0

exploitpack•added 2009/07/24 12:0 a.m.•16 views

SaphpLesson 4.0 - Authentication Bypass

SaphpLesson 4.0 - Authentication Bypass ---------------------------------SaphpLesson v4.0 Auth Bypass SQL Injection Vulnerability--------------------------------------- ---------------------------------------------------------------------------------------------------------------- Script :...

0.7AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by