1163 matches found
Webvizyon - 'SayfalaAltList.asp' SQL Injection
source: https://www.securityfocus.com/bid/18899/info Webvizyon is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, o...
Ocean12 Technologies Calendar Manager Pro 1.0 1 - adminmain.asp?date SQL Injection
source: https://www.securityfocus.com/bid/17877/info Calendar Manager Pro is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issu...
Default credentials
The (1) shadow password file in na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 has world readable permissions, which allows local users to view encrypted passwords; and the (2) NetAccess database file has world readable and writable permissions, which allows local users to view sensitive...
CVE-2006-2045
The (1) shadow password file in na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 has world readable permissions, which allows local users to view encrypted passwords; and the (2) NetAccess database file has world readable and writable permissions, which allows local users to view sensitive...
Cartweaver 2.16.11 - 'Results.cfm' SQL Injection
source: https://www.securityfocus.com/bid/17941/info Cartweaver ColdFusion is prone to SQL-injection vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input before using it in SQL queries. Successful exploits could allow an attacker to compromis...
Cartweaver 2.16.11 - Results.cfm SQL Injection
source: https://www.securityfocus.com/bid/17941/info Cartweaver ColdFusion is prone to SQL-injection vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input before using it in SQL queries. Successfu...
PHPKIT 1.6.1 R2 - 'Include.php' SQL Injection
source: https://www.securityfocus.com/bid/17467/info PHPKIT is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...
[Full-disclosure] Oracle read-only user can insert/update/delete data via specially crafted views
Hello Full Disclosure, Last Thursday, 6th April 2006, Oracle released a note on the Oracle knowledgebase Metalink with details about an unfixed security vulnerability (=0day) and a working test case (=exploit code) which affects all versions of Oracle from 9.2.0.0 to 10.2.0.3. This note "363848.1 - A...
O2PHP Oxygen 1.01.1 - post.php SQL Injection
source: https://www.securityfocus.com/bid/17324/info Oxygen is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit cou...
DSLogin 1.0 - index.php Multiple SQL Injections
source: https://www.securityfocus.com/bid/17262/info DSLogin is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A...
SaPHPLesson 2.0 - 'print.php' SQL Injection
source: https://www.securityfocus.com/bid/17239/info SaphpLesson is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...
Invision Power Board 2.1.5 - showtopic SQL Injection
source: https://www.securityfocus.com/bid/16971/info Invision Power Board is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...
DCI-Designs Dawaween 1.03 - Poems.php SQL Injection
source: https://www.securityfocus.com/bid/16909/info Dawaween is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. Successful exploits could allow a remote attacker...
NZ eCommerce System - index.php Multiple SQL Injections
source: https://www.securityfocus.com/bid/16931/info NZ Ecommerce is prone to multiple input-validation vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input. A successful exploit could...
HiveMail 1.2.21.3 - addressbook.update.php?contactgroupid Arbitrary PHP Command Execution
source: https://www.securityfocus.com/bid/16591/info HiveMail is prone to multiple vulnerabilities. These vulnerabilities may allow the execution of arbitrary PHP code, cross-site scripting attacks, and SQL...
Scout Portal Toolkit 1.3.1 - SPT-AdvancedSearch.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/15818/info Scout Portal Toolkit is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. A successful exploit cou...
NetClassifieds Standard 1.9/Professional 1.5/Premium 1.0 - ViewItem.php?ItemNum SQL Injection
source: https://www.securityfocus.com/bid/15683/info NetClassifieds is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it...
FreeForum 1.01.1 - Multiple SQL Injections
source: https://www.securityfocus.com/bid/15559/info freeForum is prone to multiple SQL injection vulnerabilities. These vulnerabilities could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic o...
Land Down Under 800801 - links.php?w SQL Injection
source: https://www.securityfocus.com/bid/14618/info Land Down Under is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation...