CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

6722 matches found

securityvulns•added 2007/06/22 12:0 a.m.•57 views

[Full-disclosure] MS07-034: Executing arbitrary script with mhtml: protocol handler

MS07-034: Executing arbitrary script with mhtml: protocol handler Author:Yosuke HASEGAWA yosuke.hasegawa at gmail.com Date: Wed, 21 Jun 2007 CVE: CVE-2007-2225, CVE-2007-2227 Original advisory: http://openmya.hacker.jp/hasegawa/security/ms07-034.txt...

4.3CVSS0.1AI score0.2504EPSS

Japan Vulnerability Notes•added 2007/06/18 12:0 a.m.•40 views

JVN#27203006 Internet Explorer vulnerable in MHTML handling

When Internet Explorer accesses a website with the MHTML protocol, Internet Explorer processes the contents as MHTML data, ignoring their actual content types. This behavior may result in executing the scripts embedded in the contents. The MHTML protocol handler is included in the Outlook Express...

4.3CVSS6.1AI score0.2504EPSS

Exploit DB•added 2007/06/18 12:0 a.m.•28 views

WebIf - 'OutConfig' Local File Inclusion

source: https://www.securityfocus.com/bid/24516/info WebIf is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts...

Japan Vulnerability Notes•added 2007/06/01 12:0 a.m.•31 views

JVN#38605899 Mozilla Firefox cross-site scripting vulnerability

Mozilla Firefox interprets HTML data improperly and activates event handlers for invalid HTML elements, leading to a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Upgrade the Software Mozilla has released Firefox 2.0.0.2 and...

4.3CVSS8.8AI score0.0213EPSS

exploitpack•added 2007/04/07 12:0 a.m.•11 views

PHPwebnews 0.1 - index.php Cross-Site Scripting

PHPwebnews 0.1 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/23448/info The 'phpwebnews' package is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

securityvulns•added 2007/03/27 12:0 a.m.•56 views

Horde Webmail Multiple HTML Injection vulnerability

Horde Webmail Multiple HTML Injection vulnerability Horde Groupware Webmail Edition is a free, enterprise ready, browser based communication suite. Users can read, send and organize email messages and manage and share calendars, contacts, tasks and notes with the standards compliant components fr...

Japan Vulnerability Notes•added 2007/03/22 12:0 a.m.•20 views

JVN#64227086 NewsGlue and Ikinari Jijyoutsuu arbitrary script execution vulnerability

Impact An arbitrary script could be executed in NewsGlue or Ikinari Jijyoutsuu. Arbitrary files on client PCs could be accessed by an attacker. Solution Products Affected NewsGlue 1.3.3 and earlier Ikinari Jijyoutsuu version 1.0.0 and 1.0.1...

Exploit DB•added 2007/03/19 12:0 a.m.•21 views

PHPX 3.5.15/3.5.16 - 'news.php' SQL Injection

source: https://www.securityfocus.com/bid/23033/info PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, execute arbitra...

securityvulns•added 2007/03/16 12:0 a.m.•53 views

XSS vulnerability in the online help system of several Cisco products

What: cross-site scripting XSS vulnerability in the online help system distributed with several Cisco products Release Date: 03-15-2007 Application: 14 different applications verified by Cisco up to now. For a complete list of affected products see...

Exploit DB•added 2007/02/24 12:0 a.m.•23 views

Pickle 0.3 - 'download.php' Local File Inclusion

source: https://www.securityfocus.com/bid/22703/info picKLE is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts. Version 0.3 is vulnerable to this...

Exploit DB•added 2007/02/23 12:0 a.m.•22 views

XT:Commerce 3.04 - 'index.php' Local File Inclusion

source: https://www.securityfocus.com/bid/22698/info xt:Commerce is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts. xt:Commerce 3.04 and prior...

Exploit DB•added 2007/02/22 12:0 a.m.•18 views

Pyrophobia 2.1.3.1 - Traversal Arbitrary File Access

source: https://www.securityfocus.com/bid/22667/info Pyrophobia is prone to multiple input-validation vulnerabilities, including multiple local file-include issues and multiple cross-site scripting issues. An attacker can exploit these issues to steal cookie-based authentication credentials, view...

exploitpack•added 2007/02/19 12:0 a.m.•12 views

Spyce 2.1.3 - spyceexamplesrequest.spy?name Cross-Site Scripting

Spyce 2.1.3 - spyceexamplesrequest.spy?name Cross-Site Scripting source: https://www.securityfocus.com/bid/27898/info Spyce is prone to multiple input-validation vulnerabilities that can lead to information disclosure or client-side script execution. An attacker may leverage these issues to execu...

exploitpack•added 2007/02/19 12:0 a.m.•32 views

Spyce 2.1.3 - spyceexamplesautomaton.spy Direct Request Error Message Information Disclosure

Spyce 2.1.3 - spyceexamplesautomaton.spy Direct Request Error Message Information Disclosure source: https://www.securityfocus.com/bid/27898/info Spyce is prone to multiple input-validation vulnerabilities that can lead to information disclosure or client-side script execution. An attacker may...

exploitpack•added 2007/02/19 12:0 a.m.•15 views

Spyce 2.1.3 - docsexamplesredirect.spy Multiple Cross-Site Scripting Vulnerabilities

Spyce 2.1.3 - docsexamplesredirect.spy Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/27898/info Spyce is prone to multiple input-validation vulnerabilities that can lead to information disclosure or client-side script execution. An attacker may leverage...

exploitpack•added 2007/02/19 12:0 a.m.•15 views

Spyce 2.1.3 - spyceexamplesgetpost.spy?Name Cross-Site Scripting

Spyce 2.1.3 - spyceexamplesgetpost.spy?Name Cross-Site Scripting source: https://www.securityfocus.com/bid/27898/info Spyce is prone to multiple input-validation vulnerabilities that can lead to information disclosure or client-side script execution. An attacker may leverage these issues to execu...

Exploit DB•added 2007/02/19 12:0 a.m.•28 views

Spyce 2.1.3 - spyce/examples/automaton.spy Direct Request Error Message Information Disclosure

source: https://www.securityfocus.com/bid/27898/info Spyce is prone to multiple input-validation vulnerabilities that can lead to information disclosure or client-side script execution. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user i...

Exploit DB•added 2007/02/19 12:0 a.m.•22 views

Spyce 2.1.3 - 'spyce/examples/getpost.spy?Name' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27898/info Spyce is prone to multiple input-validation vulnerabilities that can lead to information disclosure or client-side script execution. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user i...

Exploit DB•added 2007/02/19 12:0 a.m.•21 views

Spyce 2.1.3 - '/docs/examples/redirect.spy' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/27898/info Spyce is prone to multiple input-validation vulnerabilities that can lead to information disclosure or client-side script execution. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user i...

Exploit DB•added 2007/02/19 12:0 a.m.•19 views

Spyce 2.1.3 - 'spyce/examples/request.spy?name' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27898/info Spyce is prone to multiple input-validation vulnerabilities that can lead to information disclosure or client-side script execution. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user i...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by