CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6696 matches found

CVE•added 2005/02/28 5:0 a.m.•79 views

CVE-2005-0591

CVE-2005-0591 affects Firefox prior to 1.0.1, allowing remote spoofing of the security and download modal dialogs (Firespoofing). Red Hat advisory RHSA-2005:176 and CentOS notes indicate that Firefox was updated and recommend upgrading to Mozilla 1.7.7 to remediate the issue.

2.6CVSS6.2AI score0.02392EPSS

Exploits1References14Affected Software1

Exploit DB•added 2005/02/24 12:0 a.m.•35 views

phpMyAdmin 2.6 - 'display_tbl_links.lib.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/12644/info Multiple remote cross-site scripting vulnerabilities affect phpMyAdmin. These issues are due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated Web content. An attacker may...

7AI score

Exploits0

exploitpack•added 2005/02/24 12:0 a.m.•15 views

phpMyAdmin 2.6 - Multiple Local File Inclusions

phpMyAdmin 2.6 - Multiple Local File Inclusions source: https://www.securityfocus.com/bid/12645/info phpMyAdmin is affected by multiple local file include vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it in a PHP...

7.4AI score

Exploits0

Exploit DB•added 2005/02/24 12:0 a.m.•24 views

phpMyAdmin 2.6 - 'select_server.lib.php' Multiple Cross-Site Scripting Vulnerabilities

7.4AI score

Exploits0

Exploit DB•added 2005/02/24 12:0 a.m.•26 views

phpMyAdmin 2.6 - Multiple Local File Inclusions

source: https://www.securityfocus.com/bid/12645/info phpMyAdmin is affected by multiple local file include vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it in a PHP 'include', 'require', 'require-once', or similar...

7.4AI score

Exploits0

exploitpack•added 2005/02/24 12:0 a.m.•12 views

phpMyAdmin 2.6 - theme_right.css.php Multiple Cross-Site Scripting Vulnerabilities

phpMyAdmin 2.6 - themeright.css.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/12644/info Multiple remote cross-site scripting vulnerabilities affect phpMyAdmin. These issues are due to a failure of the application to properly sanitize user-supplied...

7AI score

Exploits0

Cvelist•added 2005/02/20 5:0 a.m.•17 views

CVE-2004-1690

Cross-site scripting XSS vulnerability in the Web Server in DNS4Me 3.0.0.4 allows remote attackers to execute arbitrary web script or HTML via the URL...

6AI score0.00871EPSS

Exploits1References6

Cvelist•added 2005/02/20 5:0 a.m.•18 views

CVE-2004-1594

Cross-site scripting XSS vulnerability in FuseTalk 4.0 allows remote attackers to execute arbitrary web script via an img src tag...

6.2AI score0.00444EPSS

Exploits1References4

Cvelist•added 2005/02/20 5:0 a.m.•14 views

CVE-2004-1599

Cross-site scripting XSS vulnerability in index.php in CoolPHP 1.0-stable allows remote attackers to execute arbitrary web script or HTML via the 1 query or 2 nick parameters...

6AI score0.00565EPSS

Exploits1References5

Cvelist•added 2005/02/19 5:0 a.m.•15 views

CVE-2004-1499

Cross-site scripting XSS vulnerability in the compose message form in HELM 3.1.19 and earlier allows remote attackers to execute arbitrary web script or HTML via the Subject field...

6.1AI score0.00594EPSS

Exploits1References5

Exploit DB•added 2005/02/16 12:0 a.m.•20 views

MercuryBoard Forum 1.0/1.1 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/12578/info A remote cross-site scripting vulnerability affects the 'forum.php' script of MercuryBoard. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated Web content. A...

7.4AI score

Exploits0

exploitpack•added 2005/02/16 12:0 a.m.•14 views

MercuryBoard Forum 1.01.1 - Cross-Site Scripting

MercuryBoard Forum 1.01.1 - Cross-Site Scripting source: https://www.securityfocus.com/bid/12578/info A remote cross-site scripting vulnerability affects the 'forum.php' script of MercuryBoard. This issue is due to a failure of the application to properly sanitize user-supplied input prior to...

0.1AI score

Exploits0

Cvelist•added 2005/02/13 5:0 a.m.•22 views

CVE-2004-1466

The settimelimit function in Gallery before 1.4.4p2 deletes non-image files in a temporary directory every 30 seconds after they have been uploaded using savephotos.php, which allows remote attackers to upload and execute execute arbitrary scripts before they are deleted, if the temporary directo...

7.3AI score0.14066EPSS

Exploits1References5

0day.today•added 2005/02/07 12:0 a.m.•19 views

Mac OS X Adobe Version Cue Local Root Exploit

Exploit for macOS platform in category local exploits ============================================= Mac OS X Adobe Version Cue Local Root Exploit ============================================= !/usr/bin/perl -w by unl0ck-0xdeadababe http://unl0ck.void.ru http://0xdeadbabe.blackhatz.info...

6.8AI score

Exploits0

Cvelist•added 2005/02/06 5:0 a.m.•19 views

CVE-2004-1386

TikiWiki before 1.8.4.1 does not properly verify uploaded images, which could allow remote attackers to upload and execute arbitrary PHP scripts, a different vulnerability than CVE-2005-0200...

7.1AI score0.012EPSS

Exploits0References7

CVE•added 2005/02/06 5:0 a.m.•39 views

CVE-2004-1386

CVE-2004-1386 : TikiWiki before 1.8.4.1 fails to properly verify uploaded images, enabling remote attackers to upload and execute arbitrary PHP scripts. This is a server-side code execution risk via image upload in the Wiki edit flow. The public description notes a separate issue (CVE-2005-0200) ...

7.5CVSS7.3AI score0.012EPSS

Exploits0References7Affected Software1

Exploit DB•added 2005/02/02 12:0 a.m.•13 views

Eurofull E-Commerce - 'Mensresp.asp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/12420/info Reportedly Eurofull E-Commerce is affected by a cross-site scripting vulnerability in the 'mensresp.asp' script. This issue is due to a failure of the application to properly sanitize user-supplied input. As a result of this vulnerability, it i...

7.4AI score

Exploits0

Tenable Nessus•added 2005/01/24 12:0 a.m.•18 views

TikiWiki File Upload temp Directory Arbitrary Script Execution

The remote host is running TikiWiki, a content management system written in PHP. The remote version of this software is vulnerable to a flaw in the way TikiWiki handles uploaded files. If an attacker is able to upload a file, they can then call the script remotely via a request to the...

7.5CVSS6.1AI score0.00717EPSS

Exploits0References1

exploitpack•added 2005/01/22 12:0 a.m.•21 views

Advanced Guestbook 2.22.3 - User-Agent HTML Injection

Advanced Guestbook 2.22.3 - User-Agent HTML Injection source: https://www.securityfocus.com/bid/14391/info Advanced Guestbook is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically...

7.6AI score

Exploits0

securityvulns•added 2005/01/22 12:0 a.m.•21 views

[SA13948] TikiWiki "temp" Arbitrary Script Execution Vulnerability

TITLE: TikiWiki "temp" Arbitrary Script Execution Vulnerability SECUNIA ADVISORY ID: SA13948 VERIFY ADVISORY: http://secunia.com/advisories/13948/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: TikiWiki 1.x http://secunia.com/product/3356/ DESCRIPTION: Some...

0.7AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by