CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

150 matches found

CVE•added 2011/04/13 6:0 p.m.•225 views

CVE-2011-0657

CVE-2011-0657 affects the DNSAPI.dll DNS client in multiple Windows platforms (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, Windows 7 SP1). Root cause: improper processing of DNS queries by the DNS client, enabling remote attackers to run arbitrary code via (1) a crafted L...

9.8CVSS7.6AI score0.46929EPSS

Exploits2References8Affected Software6

Vulnrichment•added 2011/04/13 6:0 p.m.•13 views

CVE-2011-0657

DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process DNS queries, which allows remote attackers to execute arbitrary code via 1 a...

7.7AI score0.46929EPSS

Exploits2References8

Cvelist•added 2011/04/13 6:0 p.m.•26 views

CVE-2011-0657

7.3AI score0.46929EPSS

Exploits2References8

OSV•added 2008/12/09 12:30 a.m.•1 views

DEBIAN-CVE-2008-5277

PowerDNS before 2.9.21.2 allows remote attackers to cause a denial of service daemon crash via a CH HINFO query...

4.3CVSS6.8AI score0.0003EPSS

Exploits0References1

securityvulns•added 2006/06/06 12:0 a.m.•67 views

A-shop v0.70 SQL INECTION

Product : A-shop Version : v0.70 Vulnerability : SQL INJECTION http://www.rammdev.com/ashop/demo/default.asp?mod=search&type=simple&q='SQLINJECTION'&cmdSearch=Search Example ; http://www.rammdev.com/ashop/demo/default.asp?mod=search&type=simple&q='unionselect201,1,1,120from20users'&cmdSearch=Sear...

0.9AI score

Exploits0

securityvulns•added 2002/10/09 12:0 a.m.•23 views

Reset any user's password in VBZoom forums

Name: VBZoom Version Affected: tested on v1.01 maybe other version vulnerable also Severity: Critical Category: Password reset Vendor URL: http://www.vbzoom.com Author: hishhish [email protected] Date: discloused on 28th August 2002 Published at 8th oct 2002 Description VBZooM is bulletin...

7.5AI score

Exploits0

Cvelist•added 2002/03/15 5:0 a.m.•23 views

CVE-2001-1226

AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, which are not properly sanitized before being passed to the MySQL database...

7.2AI score0.00621EPSS

Exploits0References3

securityvulns•added 2001/07/02 12:0 a.m.•32 views

phpMyAdmin 2.1.0 + world readable (apache) log files enable remote user to run arbitrary PHP Codes as apache user.

Note : sorry for my pity english. First of all, i want to ask a question, is it normal that if, in a MySQL query -via PHP-, i put "select from $table" . "files where ID=1" and i post table="atable ", MySQL consider the new query as a valid one so the final query will be "select from atable" ? It'...

7.3AI score

Exploits0

securityvulns•added 2001/05/29 12:0 a.m.•46 views

TWIG SQL query bugs

I can't find the person who really in charge on developing twig, so I mail about this bug to the person who announce new version of twig about two month ago. -------------------------------------------------------------------------- Subject: Unquoted SQL query = potential damage Software package:...

7.8AI score

Exploits0