
1163 matches found

exploitpack
added 2009/04/24 12:0 a.m. | 12 views

PuterJams Blog PJBlog3 3.0.6 - action.asp SQL Injection

source: https://www.securityfocus.com/bid/34701/info

PJBlog3 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attack...

AI score: 0.3 | Exploits: 0

Exploit DB
added 2009/04/16 12:0 a.m. | 19 views

Geeklog 1.5.2 - 'usersettings.php' SQL Injection

source: https://www.securityfocus.com/bid/34553/info

Geeklog is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data,...

AI score: 7.4 | Exploits: 0

Exploit DB
added 2009/03/24 12:0 a.m. | 102 views

PHPizabi 0.8 - 'notepad_body' SQL Injection

source: https://www.securityfocus.com/bid/34223/info

PHPizabi is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data...

AI score: 7 | Exploits: 0

OpenVAS
added 2009/03/10 12:0 a.m. | 29 views

Scripts For Sites EZ Hotscripts 'software-description.php' SQL Injection Vulnerability

EZ Hotscripts is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the...

CVSS: 7.5 | AI score: 0.4 | EPSS: 0.00485 | Exploits: 0

OpenVAS
added 2009/03/10 12:0 a.m. | 20 views

vBulletin 'admincalendar.php' SQL Injection Vulnerability

vBulletin is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlyin...

CVSS: 6.5 | AI score: 0.8 | EPSS: 0.004 | Exploits: 1

Exploit DB
added 2009/02/25 12:0 a.m. | 27 views

Orooj CMS - 'news.php' SQL Injection

source: https://www.securityfocus.com/bid/33908/info

Orooj CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify dat...

AI score: 7.4 | Exploits: 0

Exploit DB
added 2009/02/23 12:0 a.m. | 22 views

Joomla! / Mambo Component gigCalendar 1.0 - 'banddetails.php' SQL Injection

source: https://www.securityfocus.com/bid/33859/info

The gigCalendar component for Joomla! and Mambo is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise...

AI score: 7.4 | Exploits: 0

exploitpack
added 2009/01/26 12:0 a.m. | 10 views

Lootan - login.asp SQL Injection

source: https://www.securityfocus.com/bid/33439/info

Lootan is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

Exploits: 0

Exploit DB
added 2009/01/16 12:0 a.m. | 47 views

Blog Manager - 'ItemID' SQL Injection

source: https://www.securityfocus.com/bid/33314/info

DMXReady Blog Manager is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to steal...

AI score: 7.4 | Exploits: 0

Exploit DB
added 2008/12/04 12:0 a.m. | 25 views

NPDS < 08.06 - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/33051/info

NPDS is prone to multiple input-validation vulnerabilities:

- Multiple local file-include vulnerabilities
- An HTML-injection vulnerability
- Multiple SQL-injection vulnerabilities
- Multiple cross-site scripting vulnerabilities

Exploiting thes...

AI score: 7.4 | Exploits: 0

exploitpack
added 2008/12/02 12:0 a.m. | 18 views

Orkut Clone - profile_social.php?id Cross-Site Scripting

source: https://www.securityfocus.com/bid/32600/info

Orkut Clone is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could...

AI score: 6.8 | Exploits: 0

exploitpack
added 2008/12/01 12:0 a.m. | 12 views

ASP Forum Script - default.asp Query String Cross-Site Scripting

source: https://www.securityfocus.com/bid/32571/info

ASP Forum Script is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data...

AI score: 0.4 | Exploits: 0

exploitpack
added 2008/11/29 12:0 a.m. | 12 views

Ocean12 (Multiple Products) - Admin_ID SQL Injection

source: https://www.securityfocus.com/bid/32527/info

Multiple Ocean12 products are prone to an SQL-injection vulnerability because they fail to sufficiently sanitize user-supplied data. A successful exploit may allow an attacker to compromise the...

AI score: 0.4 | Exploits: 0

Exploit DB
added 2008/11/10 12:0 a.m. | 22 views

Dizi Portali - 'film.asp' SQL Injection

source: https://www.securityfocus.com/bid/32239/info

Dizi Portali is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...

AI score: 7.4 | Exploits: 0

exploitpack
added 2008/11/07 12:0 a.m. | 12 views

TurnkeyForms Software Directory 1.0 - SQL Injection Cross-Site Scripting

source: https://www.securityfocus.com/bid/32175/info

TurnkeyForms Software Directory is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied...

Exploits: 0

Exploit DB
added 2008/10/31 12:0 a.m. | 37 views

phpWebSite 0.9.3 - 'links.php' SQL Injection

source: https://www.securityfocus.com/bid/32011/info

phpWebSite is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...

AI score: 7.4 | Exploits: 0

exploitpack
added 2008/10/21 12:0 a.m. | 12 views

Dizi Portali - diziler.asp SQL Injection

source: https://www.securityfocus.com/bid/31849/info

Dizi Portali is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...

Exploits: 0

Prion
added 2008/10/03 5:41 p.m. | 22 views

Code injection

lighttpd before 1.4.20 compares URIs to patterns in the (1) url.redirect and (2) url.rewrite configuration settings before performing URL decoding, which might allow remote attackers to bypass intended access restrictions, and obtain sensitive information or possibly modify data...

CVSS: 7.5 | AI score: 6.7 | EPSS: 0.00512
Exploits: 1 | References: 24 | Affected Software: 2

Debian CVE
added 2008/10/03 5:18 p.m. | 24 views

CVE-2008-4359

lighttpd before 1.4.20 compares URIs to patterns in the (1) url.redirect and (2) url.rewrite configuration settings before performing URL decoding, which might allow remote attackers to bypass intended access restrictions, and obtain sensitive information or possibly modify data...

CVSS: 7.5 | AI score: 6.5 | EPSS: 0.00512 | Exploits: 1

Exploit DB
added 2008/09/23 12:0 a.m. | 53 views

InterTech WCMS - 'etemplate.php' SQL Injection

source: https://www.securityfocus.com/bid/31350/info

InterTech Web Content Management System (WCMS) is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise th...

AI score: 7.4 | Exploits: 0