649 matches found
Maxwebportal 1.30 - Remote Database Disclosure
Source: https://www.securityfocus.com/bid/7837/info. A number of vulnerabilities have been discovered in MaxWebPortal. The issues that have been discovered include: MaxWebPortal 'search.asp' has been reported prone to a cross-site scripting...
Instaboard index.cfm Multiple Parameter SQL Injection
The remote server is running NetPleasure's Instaboard. There is a bug in this release which allows an attacker to perform a SQL injection attack through the page 'index.cfm'. An attacker may use this flaw to gain unauthorized access and take control of the remote database...
CVE-2002-1505
SQL injection vulnerability in board.php for WoltLab Burning Board wBB 2.0 RC 1 and earlier allows remote attackers to modify the database and possibly gain privileges via the boardid parameter...
IMP 2.x SQL injection vulnerabilities
IMP is a popular webmail package written in PHP. It ships with some UNIX systems and is also used on Windows servers. Version 2 of the program contains some SQL injection flaws which allow any remote user to access the webmail system's database. Valid user authentication is not required in...
[BUGZILLA] Security Advisory - remote database password disclosure
Bugzilla Security Advisory, January 2nd, 2002. Severity: major: remote database password disclosure, bug 186383; minor: local file permissions, bug 183188. Summary: All Bugzilla installations are advised to upgrade to the latest versions of Bugzilla, 2.14.5 and 2.16.2, both released today...
MidiCart Shopping Cart Software database vulnerability
Summary: MIDICART is an ASP and PHP based shopping cart application with MS Access and SQL database. A security vulnerability in the product allows remote attackers to download the product's database, thus gaining access to sensitive information about users of the product: name, surname, address,...
easynews 1.5 lets remote users modify database
Hey, that's my first submission so don't expect anything spectacular. There are a few bugs in Easynews 1.5: Short Description: Easynews 1.5 - database and templates remotely modifiable, cross site scripting, local users gain admin pass, and stuff : Found by: markus [email protected] Vendor...
eTrust Access Control - Root compromise for default install
eTrust Access Control (formerly SeOS) default installation vulnerable to root level compromise. In working with eTrust Access Control/SeOS we found that the default installation can be compromised in order to gain root access to the machines. The attacker is required to be on the same network as the...
CVE-2000-0148
MySQL 3.22 allows remote attackers to bypass password authentication and access a database via a short check string...