CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1161 matches found

OpenVAS•added 2012/08/21 12:0 a.m.•18 views

Plixer / Dell SonicWALL Scrutinizer < 9.5.2 'q' Parameter SQLi Vulnerability - Active Check

Plixer / Dell SonicWALL Scrutinizer is prone to an SQL injection SQLi vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

6.5CVSS6.8AI score0.90336EPSS

Exploits7References1

OpenVAS•added 2012/08/20 12:0 a.m.•11 views

WeBid Remote File Include and SQLi Vulnerabilities

WeBid to a remote file-include issue and an SQL injection SQLi issue. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.4AI score

Exploits0References1

Exploit DB•added 2012/08/01 12:0 a.m.•17 views

tekno.Portal 0.1b - 'link.php' SQL Injection

source: https://www.securityfocus.com/bid/54786/info tekno.Portal is prone to an SQL-injection vulnerability. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. tekno.Portal 0.1b is...

7.4AI score

Exploits0

Cvelist•added 2012/06/29 10:0 p.m.•17 views

CVE-2012-2013

Unspecified vulnerability in HP System Management Homepage SMH before 7.1.1 allows remote attackers to cause a denial of service, or possibly obtain sensitive information or modify data, via unknown vectors...

6.9AI score0.01302EPSS

Exploits0References1

Exploit DB•added 2012/06/18 12:0 a.m.•21 views

VANA CMS - 'index.php' Script SQL Injection

source: https://www.securityfocus.com/bid/54066/info VANA CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or modify data, o...

7AI score

Exploits0

Exploit DB•added 2012/06/14 12:0 a.m.•20 views

NetArt Media Jobs Portal - SQL Injection

source: https://www.securityfocus.com/bid/54026/info NetArt Media Jobs Portal is prone to multiple HTML-injection vulnerabilities and an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues may allow an attacker to compromise the...

7.4AI score

Exploits0

OpenVAS•added 2012/06/01 12:0 a.m.•8 views

Ganesha Digital Library Multiple SQLi and XSS Vulnerabilities

Ganesha Digital Library is prone to multiple SQL injection SQLi and cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier...

7.3AI score

Exploits0References3

Prion•added 2012/05/24 12:55 a.m.•14 views

Authentication flaw

GR Board aka grboard 1.8.6.5 Community Edition does not require authentication for certain database actions, which allows remote attackers to modify or delete data via a request to 1 modrewrite.php, 2 commentwriteok.php, 3 poll/index.php, 4 update/index.php, 5 trackback.php, or 6 an arbitrary...

6.4CVSS7.5AI score0.00527EPSS

Exploits1References2Affected Software1

Prion•added 2012/05/23 9:55 p.m.•20 views

Buffer overflow

Buffer overflow in Symantec Endpoint Protection SEP 11.0.600x through 11.0.710x and Symantec Network Access Control SNAC 11.0.600x through 11.0.710x allows local users to gain privileges, and modify data or cause a denial of service, via a crafted script...

7.2CVSS7.3AI score0.00743EPSS

Exploits7References3Affected Software2

exploitpack•added 2012/05/22 12:0 a.m.•11 views

Plogger Photo Gallery - SQL Injection

Plogger Photo Gallery - SQL Injection source: https://www.securityfocus.com/bid/53644/info Plogger Photo Gallery is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit will allow an attacker to...

0.7AI score

Exploits0

Exploit DB•added 2012/04/27 12:0 a.m.•25 views

Uiga FanClub - 'p' SQL Injection

source: https://www.securityfocus.com/bid/53295/info Uiga FanClub is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent...

7.4AI score

Exploits0

Cvelist•added 2012/04/18 10:0 a.m.•23 views

CVE-2012-1993

Unspecified vulnerability in HP System Management Homepage SMH before 7.0 allows local users to modify data or obtain sensitive information via unknown vectors...

5.7AI score0.00076EPSS

Exploits0References3

Exploit DB•added 2012/04/16 12:0 a.m.•14 views

Bioly 1.3 - '/index.php' Cross-Site Scripting / SQL Injection

source: https://www.securityfocus.com/bid/53018/info Bioly is prone to multiple SQL-injection and cross-site scripting vulnerabilities. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit...

7.4AI score

Exploits0

NVD•added 2012/04/02 6:55 p.m.•15 views

CVE-2011-5085

Unspecified vulnerability in Movable Type 4.x before 4.36 and 5.x before 5.05 allows remote attackers to read or modify data via unknown vectors...

7.5CVSS6.5AI score0.0046EPSS

Exploits0References2

exploitpack•added 2012/03/30 12:0 a.m.•16 views

e107 1.0 - view SQL Injection

e107 1.0 - view SQL Injection source: https://www.securityfocus.com/bid/52821/info e107 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the application...

1AI score

Exploits0

Exploit DB•added 2012/03/16 12:0 a.m.•19 views

JPM Article Script 6 - 'page2' SQL Injection

source: https://www.securityfocus.com/bid/52528/info JPM Article Script 6 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or...

7.4AI score

Exploits0

Exploit DB•added 2012/03/08 12:0 a.m.•17 views

LeKommerce - 'id' SQL Injection

source: https://www.securityfocus.com/bid/52347/info LeKommerce is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...

7.4AI score

Exploits0

Exploit DB•added 2012/02/16 12:0 a.m.•25 views

CMS Faethon 1.3.4 - 'articles.php' Multiple SQL Injections

source: https://www.securityfocus.com/bid/52053/info CMS Faethon is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access o...

7.4AI score

Exploits0

exploitpack•added 2012/01/30 12:0 a.m.•10 views

Joomla! Component com_firmy - Id SQL Injection

Joomla! Component comfirmy - Id SQL Injection source: https://www.securityfocus.com/bid/51727/info The 'comfirmy' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue...

0.1AI score

Exploits0

Exploit DB•added 2012/01/26 12:0 a.m.•38 views

Joomla! Component com_motor - 'cid' SQL Injection

source: https://www.securityfocus.com/bid/51673/info The 'commotor' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

7AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by