CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

3943 matches found

seebug.org•added 2014/07/01 12:0 a.m.•14 views

PHPMyRing <= 4.2.1 (cherche.php) Remote SQL Injection Vulnerability

No description provided by source. Title : PHP My Ring = 4.2.1 cherche.php Remote SQL Injection Vulnerability Author : ajann http://target/path/cherche.php?limite=-1%20union%20select%200,pseudo,0,mdp,0,0%20from%20webring/&mots=%20&where=description ajann,Turkey ... Im not Hacker! milw0rm.com...

seebug.org•added 2014/07/01 12:0 a.m.•18 views

Avlc Forum (vlc_forum.php id) - Remote SQL Injection Vulnerability

No description provided by source. ==================================================================== Avlc Forum vlcforum.php id Remote SQL Injection Vulnerability ==================================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------...

seebug.org•added 2014/07/01 12:0 a.m.•22 views

OpenBB 1.0/1.1 Member.PHP Remote SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7405/info It has been reported that OpenBB does not properly check input passed via the 'member.php' script. Because of this, an attacker may be able to inject arbitrary commands to the database in the context of the...

seebug.org•added 2014/07/01 12:0 a.m.•17 views

XOOPS Flashgames Module 1.0.1 - Remote SQL Injection Vulnerability

No description provided by source...

seebug.org•added 2014/07/01 12:0 a.m.•21 views

QuickEStore <= 8.2 (insertorder.cfm) Remote SQL Injection Vulnerability

No description provided by source. author:meoconxatvnbrain.net web application:QuickEStore Main Page:www.quickestore.com bug: sql injection at insertorder.cfm?CFID=123&CFTOKEN=1' exploit: http://www.xxx.com/insertorder.cfm?CFID=123&CFTOKEN=1sql query get admin password:...

seebug.org•added 2014/07/01 12:0 a.m.•22 views

Katalog Plyt Audio (pl) <= 1.0 - Remote SQL Injection Exploit

No description provided by source. ? / Author: Kacper Contact: [email protected] Homepage: http://www.rahim.webd.pl/ Irc: irc.milw0rm.com:6667 devilteam Pozdro dla wszystkich z kanalu IRC oraz forum DEVIL TEAM. Katalog Plyt Audio pl = 1.0 Remote SQL Injection Exploit script download:...

0day.today•added 2014/03/17 12:0 a.m.•20 views

Joomla AJAX Shoutbox <= 1.6 - Remote SQL Injection Vulnerability

Exploit for php platform in category web applications + Details: - include "helper.php"; - parameter: jallastID - Code: 113 $jallastID = JRequest::getVar 'jallastID', 0 ; 114 115 $query = 'SELECT FROM shoutbox WHERE id '.$jallastID.' ORDER BY id DESC'; - Exploit:...

OSV•added 2014/02/04 9:55 p.m.•1 views

DEBIAN-CVE-2014-1471

SQL injection vulnerability in the StateGetStatesByType function in Kernel/System/State.pm in Open Ticket Request System OTRS 3.1.x before 3.1.19, 3.2.x before 3.2.14, and 3.3.x before 3.3.4 allows remote attackers to execute arbitrary SQL commands via vectors related to a ticket search URL...

7.5CVSS8.4AI score0.01617EPSS

Exploits0References1

securityvulns•added 2013/07/29 12:0 a.m.•35 views

Barracuda CudaTel 2.6.02.040 - Remote SQL Injection Vulnerability

Title: ====== Barracuda CudaTel 2.6.02.040 - Remote SQL Injection Vulnerability Date: ===== 2013-07-20 References: =========== http://vulnerability-lab.com/getcontent.php?id=775 BARRACUDA NETWORK SECURITY ID: BNSEC-723 VL-ID: ===== 775 Common Vulnerability Scoring System:...

0day.today•added 2013/01/15 12:0 a.m.•38 views

phpLiteAdmin v1.8.x->1.9.x (SQLi/FD) <= Multiple Vulnerabilities

phpLiteAdmin is suffer from multiple vulnerabilities / bugs in v1.8.x to- 1.9.x , the attacker can use some bug in the Script to inject some remote SQL command/code , and Disclosure the Full Path. Bugs : Authentication Bypass SQL Injection/Exec Full Path Disclosure...

OSV•added 2013/01/04 4:46 a.m.•1 views

DEBIAN-CVE-2012-6496

SQL injection vulnerability in the Active Record component in Ruby on Rails before 3.0.18, 3.1.x before 3.1.9, and 3.2.x before 3.2.10 allows remote attackers to execute arbitrary SQL commands via a crafted request that leverages incorrect behavior of dynamic finders in applications that can use...

7.5CVSS8.2AI score0.01017EPSS

Exploits2References1

0day.today•added 2012/12/24 12:0 a.m.•37 views

WordPress Plugin - W3 Total Cache Remote Sql Injection Exploit

Exploit for php platform in category web applications From the developers' description 1, W3 Total Cache is: The most complete WordPress performance framework. Recommended by web hosts like: MediaTemple, Host Gator, Page.ly and WP Engine and countless more. Trusted by countless sites like:...

0day.today•added 2012/11/07 12:0 a.m.•20 views

FocusAbacus Estate - Remote SQL Injection Vulnerability

Exploit for php platform in category web applications FocusAbacus Estate - Remote SQL Injection Vulnerability 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by...

ATTACKERKB•added 2012/08/23 8:55 p.m.•2 views

CVE-2011-5111

Multiple SQL injection vulnerabilities in Kajian Website CMS Balitbang 3.x allow remote attackers to execute arbitrary SQL commands via the hal parameter to 1 the data module in alumni.php; or the 2 lihbuku, 3 artikel, 4 album, or 5 berita module in index.php...

7.5CVSS6.4AI score0.00632EPSS

Exploits1References4

Positive Technologies•added 2012/08/15 12:0 a.m.•4 views

PT-2012-4127 · Ipswitch · Ipswitch Whatsup Gold

Name of the Vulnerable Software and Affected Versions: Ipswitch WhatsUp Gold version 15.02 Description: The issue allows remote attackers to execute arbitrary SQL commands via the sGroupList parameter in the "WrVMwareHostList.asp" file. This enables attackers to manipulate database queries,...

7.5CVSS8.5AI score0.17214EPSS

Exploits3References10

0day.today•added 2012/08/12 12:0 a.m.•28 views

ProQuiz v2.0.2 Multiple Vulnerabilities

Exploit for php platform in category web applications Exploit Title: ProQuiz v2.0.2 - Multiple Vulnerabilities Date: 18/7/2012 Author: L0n3ly-H34rT My Site: http://se3c.blogspot.com/ Contact: email protected Vendor Homepage: http://proquiz.softon.org/ Software Link:...

Packet Storm•added 2012/07/24 12:0 a.m.•22 views

phpProfiles 4.5.4 Beta XSS / RFI / SQL Injection

Exploit Title: phpProfiles v4.5.4 Beta - Multiple Vulnerabilities Date: 24/7/2012 Author: L0n3ly-H34rT My Site: http://se3c.tk/ Contact: [email protected] Software Link: http://sourceforge.net/projects/phpprofiles/files/latest/download Tested on: Linux/Windows 1- Remote File Include : In Fi...

0day.today•added 2012/07/24 12:0 a.m.•26 views

phpProfiles 4.5.4 Beta XSS / RFI / SQL Injection

Exploit for php platform in category web applications Exploit Title: phpProfiles v4.5.4 Beta - Multiple Vulnerabilities Date: 24/7/2012 Author: L0n3ly-H34rT My Site: http://se3c.tk/ Contact: email protected Software Link: http://sourceforge.net/projects/phpprofiles/files/latest/download Tested on...

Packet Storm•added 2012/06/29 12:0 a.m.•28 views

Hi-Media SQL Injection

0101010101 010101010101010 01 01 0101 0101 01 01 0101 0101 01 01 0101 0101 01 01 0101 0101 01 01 0101 0101 01 01 0101 0101 01 01 0101010101 01 01 0101 010 01 01 0101 010 01 01 0101 010 01 01 0101 010 01 01 0101 010 0101010101 0101 010 + Exploit Title : hi-media Remote Sql Injection Vulnerability ...

securityvulns•added 2012/06/25 12:0 a.m.•96 views

[Suspected Spam] Swoopo Gold Shop CMS v8.4.56 - Multiple Web Vulnerabilities

Title: ====== Swoopo Gold Shop CMS v8.4.56 - Multiple Web Vulnerabilities Date: ===== 2012-05-14 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=515 VL-ID: ===== 515 Common Vulnerability Scoring System: ==================================== 8.5 Introduction: ============...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by