419 matches found
Kevin Mitnick's website open to Cross-Site Scripting (XSS) vulnerability
Kevin Mitnick's website open to Cross-Site Scripting XSS vulnerability Cross-Site Scripting XSS vulnerability discovered in official website of Kevin Mitnick, one of the most talented hackers, and the one most prosecuted by the state. Mitnick's hacker handle was "Condor". He became the first...
Fork CMS 3.2.x - Multiple Cross-Site Scripting HTML Injection Vulnerabilities
Fork CMS 3.2.x - Multiple Cross-Site Scripting HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/52319/info Fork CMS is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. Successful exploits...
Timesheet Next Gen 1.5.2 - Multiple SQL Injections
Exploit Title: Timesheet Next Gen 1.5.2 Multiple SQLi Date: 02/23/12 Author: G13 Software Link: https://sourceforge.net/projects/tsheetx/ Version: 1.5.2 Category: webapps php Vulnerability The login.php page has multiple SQL injection vulnerabilities. Both the 'username' and 'password' parameters...
SocialCMS Cross Site Scripting / SQL Injection
Exploit Title: SocialCMS SQL Injection and XSS Vulnerability Date: 2012 Author: Eyup CELIK Version: All Version Tested on: All versions are Vulnerability Web Site: www.eyupcelik.com.tr ISSUE SQL Injection and XSS can be done using the POST method. Vulnerable Page: ajax/commentajax.php SQL Injecti...
SQL Buddy 1.3.3 Cross Site Scripting
SQL Buddy 1.3.3 GET/POST Multiple Remote Cross-Site Scripting Vulnerabilities function xssdocument.forms"xss".submit; function xss2document.forms"xss2".submit; alert1' / input t...
SeedWiki Cross Site Scripting
Exploit Title: SeedWiki Cross Site Scripting Date: 8.02.2012 Author: Sony Software Link: http://www.seedwiki.com/ Web Browser : Mozilla Firefox Blog : http://st2tea.blogspot.com PoC: http://st2tea.blogspot.com/2012/02/seedwiki-cross-site-scripting.html...
UBB Forum 7.5.6 Cross Site Scripting
Exploit Title: UBB Forum 7.5.6 Cross Site Scripting Date: 5.01.2012 Author: Sony Software Link: http://www.ubbcentral.com/ Google Dorks: intext:Powered by UBB.threads PHP Forum Software 7.5.6 Version: 7.5.6, maybe another version Web Browser : Mozilla Firefox Blog : http://st2tea.blogspot.com Po...
The Mole - Another Automatic SQL Injection exploitation tool
The Mole - Another Automatic SQL Injection exploitation tool The Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based...
Ajax Script Cross Site Scripting / SQL Injection
Exploit Title: Ajax Script SQL Injection and XSS Vulnerability Date: 2011 Author: Eyup CELIK Version: All Version Tested on: All versions are Vulnerability Web Site: www.eyupcelik.com.tr ISSUE SQL Injection and XSS can be done using the POST method. Tamper data is available. Vulnerable Page:...
Uniscan 4.0 vulnerability scanner Released
Uniscan 4.0 vulnerability scanner Released The Uniscan vulnerability scanner is aimed at information security, which aims at finding vulnerabilities in Web systems and is licensed under the GNU GENERAL PUBLIC LICENSE 3.0 GPL 3. The Uniscan was developed using the Perl programming language to be...
Pacer Edition CMS 2.1 Cross Site Scripting
addslashes$POST'email'."'"; $results = $database-query$query; ---------------------------------------------------------------- Tested on: Microsoft Windows XP Professional SP3 EN Apache 2.2.14 Win32 PHP 5.3.1 MySQL 5.1.41 Vulnerability di...
Noah's Classifieds 5.0.4 - 'index.php' Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/47578/info Noah's Classifieds is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing t...
Anfibia Reactor 2.1.1 (login.do) Remote XSS POST Injection Vulnerability
Summary Fast web-based server monitoring. Keep an eye on servers, connections, databases, cpu, hard drives and more! Description The Anfibia Reactor JS service suffers from a XSS vulnerability when parsing user input to the 'email' parameter via POST method in 'reactor/login.do' script at the...
Inventory Mojo Software Vulnerable to Multiple SQL Injection Vulnerability
Exploit for php platform in category web applications Title : Inventory Mojo Software Vulnerable to Multiple SQL Injections Found by : p0pc0rn Dork : intext:"Powered by Inventory Mojo Software." SQL --- Vulnerable Parameters are Method = GET ------------ categoria.asp producto.asp srubro.asp...
MODx Revolution CMS 2.0.4-pl2 Remote XSS POST Injection Vulnerability
Exploit for php platform in category web applications ===================================================================== MODx Revolution CMS 2.0.4-pl2 Remote XSS POST Injection Vulnerability ===================================================================== getObject'modUser',array 30: 'use...
MODx REvolution CMS 2.0.4-pl2 - POST injection Cross-Site Scripting
getObject'modUser',array 30: 'username' = $POST'username', 31: ; ... 71: else if !empty$POST'forgotlogin' 72: $c = $modx-newQuery'modUser'; 73: $c-selectarray'modUser.','Profile.email','Profile.fullname'; 74: $c-innerJoin'modUserProfile','...
MODx Revolution CMS Cross Site Scripting
getObject'modUser',array 30: 'username' = $POST'username', 31: ; ... 71: else if !empty$POST'forgotlogin' 72: $c = $modx-newQuery'modUser'; 73: $c-selectarray'modUser.','Profile.email','Profile.fullname'; 74: $c-innerJoin'modUserProfile','Profile'; 75: $c-wherearray 76: '...
eBlog 1.7 SQL Injection
eBlog 1.7 Multiple SQL Injection Vulnerabilities Name eBlog Vendor https://emuci.com Versions Affected 1.7 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-11-10 X. INDEX I. ABOUT THE APPLICATION II. DESCRIPTION III...
HP Data Protector Media Operations 6.11 Denial Of Service
Exploit Title: HP Data Protector Media Operations 6.11 HTTP Server Remote Integer Overflow DoS Date: date: 17/09/10 Author: d0lc3 @rmallof http://elotrolad0.blogspot.com/ Software Link: http://www.hp.com Version: 6.11 Tested on: Windows XP SP3 Spa Summary: """ HP Data Protector Media Operations ha...