1417 matches found
etm_0612_sqlinj.pl.txt
!/usr/bin/perl -w use IO::Socket; use strict; Etomite CMS "id" SQL Injection Version: 0.6.1.2 Url: http://www.etomite.org Author : Alfredo Pesoli 'revenge' Description: The "id" parameter isn't properly sanitised before being returned in sql query and can be used to inject craft SQL queries, we c...
Dragon Internet Events Listing 2.0.01 - 'event_searchdetail.asp?ID' SQL Injection
source: https://www.securityfocus.com/bid/21098/info Dragon Event Listing is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...
Yener Haber Script 1.02.0 - SQL Injection
Yener Haber Script 1.02.0 - SQL Injection source: https://www.securityfocus.com/bid/20333/info Yener Haber Script is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful...
Yener Haber Script 1.0/2.0 - SQL Injection
source: https://www.securityfocus.com/bid/20333/info Yener Haber Script is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromis...
CVE-2006-4960
Cross-site scripting (XSS) vulnerability in index.php Php Blue Dragon 2.9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the m parameter, which is reflected in an error message resulting from a failed SQL query...
ClickBlog! 2.0 - 'default.asp' SQL Injection
source: https://www.securityfocus.com/bid/20033/info ClickBlog! is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, ...
Autentificator 2.01 - Aut_Verifica.Inc.php SQL Injection
Autentificator 2.01 - AutVerifica.Inc.php SQL Injection source: https://www.securityfocus.com/bid/19813/info Autentificator is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could...
IwebNegar v1.1 Multiple vulnerabilities
:: IwebNegar v1.1 Multiple vulnerabilities :: ------------------------------------------------ Software : IwebNegar v1.1 Website : ---- Bug Discover : Hessam-x / www.hessamx.net I. Cross Site Scripting Vulnerability ------------------------------------------------- Parameter "comment" are not...
Ezportal/Ztml v1.0 Multiple vulnerabilities
:: Ezportal/Ztml v1.0 Multiple vulnerabilities :: ------------------------------------------------ Software : Ezportal/Ztml Website : http://www.ztml.org Bug Discover : Hessam-x / www.hessamx.net I. Multiple Cross Site Scripting Vulnerabilities -------------------------------------------------...
XennoBBSQL.txt
--------------------- SUMMARY --------------------- Name: XennoBB "icontopic" SQL Injection 19/8/2006 Vendor / Product: XennoBB Group http://www.xennobb.com/ Description: The world's most revolutionary and easy to use bulletin board. Revolutionary because it redefines the boundaries of usability...
XennoBB 1.0.x2.2 - Icon_Topic SQL Injection
XennoBB 1.0.x2.2 - IconTopic SQL Injection source: https://www.securityfocus.com/bid/19606/info XennoBB is prone to an SQL-injection vulnerability that could allow an attacker to influence the structure or logic of SQL queries made by the application. --------------------- EXPLOIT...
GeoAuctions 1.0.6 Enterprise - index.php?d SQL Injection
GeoAuctions 1.0.6 Enterprise - index.php?d SQL Injection source: https://www.securityfocus.com/bid/19093/info GeodesicSolutions products are prone to multiple SQL-injection vulnerabilities because the applications fail to properly sanitize user-supplied input before using it in an SQL query. A...
Eskolar CMS 0.9.0.0 - Blind SQL Injection
Eskolar CMS 0.9.0.0 - Blind SQL Injection ================================================================================================== !/usr/bin/perl use IO::Socket; ==================================================================================================...
CVE-2006-3610
index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to obtain sensitive information (partial database schema) via a modified pagename parameter, which reflects portions of an SQL query in the result. NOTE: it is not clear whether the information is target-specific. If not, then this...
Blog:CMS 4.0.0k - SQL Injection
!/usr/bin/php -q -d shortopentag=on url=stripslashes$row-url; $redirect=true; if strpos$row-url,'|noseo|'!==false $arr=explode",",'msnbot,googlebot,crawler,centrum'; foreach $arr as $s if strstr$SERVER"HTTPUSERAGENT",$s $redirect=false;...
Woltlab Burning Board 1.22.02.3 - showmods.php?boardid SQL Injection
Woltlab Burning Board 1.22.02.3 - showmods.php?boardid SQL Injection source: https://www.securityfocus.com/bid/18597/info WoltLab Burning Board is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied data before...
MyBulletinBoard (MyBB) 1.0.x1.1.x - usercp.php SQL Injection
MyBulletinBoard MyBB 1.0.x1.1.x - usercp.php SQL Injection source: https://www.securityfocus.com/bid/18602/info MyBulletinBoard is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A...
blur6ex <= 0.3.462 (ID) Admin Disclosure / Blind SQL Injection Exploit
Exploit for unknown platform in category web applications ====================================================================== blur6ex = 0.3.462 ID Admin Disclosure / Blind SQL Injection Exploit ====================================================================== !/usr/bin/php -q -d...
MobeSpace v2.0 - XSS
MobeSpace v2.0 Homepage: http://mobescripts.com/ Affected files: index.php The input forms of: - Profile - Comments - Uploading a file to your locker - Posting in your blog - Creating a caption for your pic - Sending PM's The input boxes of the above do not sanitize user input before generating i...