CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

149 matches found

Fedora•added 2011/11/13 5:35 a.m.•35 views

[SECURITY] Fedora 15 Update: phpMyAdmin-3.4.7-1.fc15

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index =3D es, users, permissions, while you still have the ability to...

5CVSS6.8AI score0.0056EPSS

Exploits1

Zero Day Initiative•added 2011/02/07 12:0 a.m.•39 views

(0Day) IBM Informix Dynamic Server SET ENVIRONMENT Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Informix Database Server. SQL query execution privileges are required to exploit this vulnerability. The specific flaw exists within the oninit process bound to TCP port 9088 when processing th...

10CVSS3.8AI score0.2367EPSS

Exploits0References1

Fedora•added 2009/06/16 1:48 a.m.•16 views

[SECURITY] Fedora 9 Update: drupal-views-6.x.2.6-1.fc9

The views module provides a flexible method for Drupal site designers to control how lists of content nodes are presented. Traditionally, Drupal has hard-coded most of this, particularly in how taxonomy and tracker lists are formatted. This tool is essentially a smart query builder that, given...

2.5AI score

Exploits0

Positive Technologies•added 2005/12/03 12:0 a.m.•3 views

PT-2005-4706 · Php · Phpx

Name of the Vulnerable Software and Affected Versions: PHPX versions 3.5.9 and earlier Description: The issue allows remote attackers to execute arbitrary SQL commands, bypass authentication, and upload arbitrary PHP code via the username parameter. This can be exploited by sending malicious inpu...

7.5CVSS8.3AI score0.03558EPSS

Exploits1References11

Positive Technologies•added 2005/07/12 12:0 a.m.•2 views

PT-2005-3150 · Dragonfly · Dragonfly Commerce

Name of the Vulnerable Software and Affected Versions: Dragonfly Commerce versions affected versions not specified Description: The issue allows remote attackers to modify SQL statements and possibly execute arbitrary SQL commands via several parameters, including the key parameter to "dc...

7.5CVSS8.5AI score0.00917EPSS

Exploits0References4

NVD•added 2003/10/20 4:0 a.m.•16 views

CVE-2003-0735

SQL injection vulnerability in the Calendar module of phpWebSite 0.9.x and earlier allows remote attackers to execute arbitrary SQL queries, as demonstrated using the year parameter...

7.5CVSS8.2AI score0.04601EPSS

Exploits0References3

NVD•added 2002/08/12 4:0 a.m.•16 views

CVE-2002-0811

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, may allow remote attackers to cause a denial of service or execute certain queries via a SQL injection attack on the sort order parameter to buglist.cgi...

7.5CVSS7.7AI score0.00487EPSS

Exploits0References3

NVD•added 2001/05/03 4:0 a.m.•16 views

CVE-2001-0234

NewsDaemon before 0.21b allows remote attackers to execute arbitrary SQL queries and gain privileges via a malformed userusername parameter...

7.5CVSS8AI score0.00861EPSS

Exploits1References3

Cvelist•added 2001/03/09 5:0 a.m.•11 views

CVE-2001-0201

The Postaci frontend for PostgreSQL does not properly filter characters such as semicolons, which could allow remote attackers to execute arbitrary SQL queries via the deletecontact.php program...

7.9AI score0.00861EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by