CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1673 matches found

CVE•added 2008/10/22 10:0 a.m.•40 views

CVE-2008-4670

The CVE-2008-4670 entry documents a Cross-site scripting (XSS) vulnerability in the search.php component of Ed Pudol Clickbank Portal. The vulnerability allows remote attackers to inject arbitrary web script or HTML via the search box. Affected software is described as Ed Pudol Clickbank Portal; ...

4.3CVSS5.6AI score0.00505EPSS

Exploits1References3Affected Software1

NVD•added 2008/10/21 6:0 p.m.•16 views

CVE-2008-4121

Multiple cross-site scripting XSS vulnerabilities in cpCommerce before 1.2.4 allow remote attackers to inject arbitrary web script or HTML via 1 the search parameter in a search.quick action to search.php and 2 the name parameter in a sendtofriend action to sendtofriend.php...

4.3CVSS5.6AI score0.00545EPSS

Exploits2References8

Prion•added 2008/10/18 12:18 a.m.•13 views

Sql injection

SQL injection vulnerability in search.php in iGaming CMS 2.0 Alpha 1 allows remote attackers to execute arbitrary SQL commands via the keywords parameter in a searchgames action...

7.5CVSS9.1AI score0.00414EPSS

Exploits1References3Affected Software1

exploitpack•added 2008/10/16 12:0 a.m.•8 views

iGaming CMS 2.0 Alpha 1 - search.php SQL Injection

iGaming CMS 2.0 Alpha 1 - search.php SQL Injection !/usr/bin/perl ----------------------------------------------------- iGaming CMS 2.0 Alpha 1 Remote SQL Injection Exploit By StAkeR aka athos - StAkeRathotmaildotit On 16/10/2008 http://www.igamingcms.com/iGaming2Alpha.zip...

0.7AI score

Exploits0

0day.today•added 2008/10/16 12:0 a.m.•26 views

iGaming CMS 2.0 Alpha 1 (search.php) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ================================================================= iGaming CMS 2.0 Alpha 1 search.php Remote SQL Injection Exploit ================================================================= !/usr/bin/perl...

7.1AI score

Exploits0

Exploit DB•added 2008/10/16 12:0 a.m.•32 views

iGaming CMS 2.0 Alpha 1 - 'search.php' SQL Injection

!/usr/bin/perl ----------------------------------------------------- iGaming CMS 2.0 Alpha 1 Remote SQL Injection Exploit By StAkeR aka athos - StAkeRathotmaildotit On 16/10/2008 http://www.igamingcms.com/iGaming2Alpha.zip ----------------------------------------------------- use strict; use...

7.4AI score

Exploits0

xssed•added 2008/10/07 12:0 a.m.•13 views

Unfixed XSS vulnerability at www.lynuxworks.com

Security researcher TheSpecialist, has submitted on 10/07/2008 a cross-site-scripting XSS vulnerability affecting www.lynuxworks.com, which at the time of submission ranked 316251 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 11/07/2008. It i...

0.1AI score

Exploits0References1

Prion•added 2008/10/03 10:22 p.m.•13 views

Sql injection

SQL injection vulnerability in search.php in the RMSOFT MiniShop module 1.0 for Xoops might allow remote attackers to execute arbitrary SQL commands via the itemsxpag parameter...

7.5CVSS9.1AI score0.00314EPSS

Exploits0References2Affected Software1

NVD•added 2008/09/30 11:24 p.m.•13 views

CVE-2008-4365

Cross-site scripting XSS vulnerability in search.php in Siteman 1.1.11 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

4.3CVSS5.6AI score0.00225EPSS

Exploits0References2

Prion•added 2008/09/24 2:56 p.m.•14 views

Sql injection

SQL injection vulnerability in search.php Attachmax Dolphin 2.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter in a Search action to index.php. NOTE: some of these details are obtained from third party information...

7.5CVSS9AI score0.00879EPSS

Exploits1References7Affected Software1

CVE•added 2008/09/24 2:0 p.m.•39 views

CVE-2008-4205

CVE-2008-4205 concerns SQL injection in Attachmax Dolphin

7.5CVSS8.3AI score0.00879EPSS

Exploits1References7Affected Software1

seebug.org•added 2008/09/24 12:0 a.m.•11 views

BuzzScripts BuzzyWall 'search.php' SQL注入漏洞

BUGTRAQ ID: 31308 CNCAN ID：CNCAN-2008092302 BuzzScripts BuzzyWall是一款基于PHP的WEB应用程序。 BuzzScripts BuzzyWall不正确处理用户提交的输入，远程攻击者可以利用漏洞进行SQL注入攻击，可能获得敏感信息或操作数据库。问题由于'search.php'脚本对用户提交给'search'参数缺少过滤，构建恶意SQL查询作为参数数据，可更改原来的SQL逻辑，获得敏感信息或操作数据库。 BuzzScripts BuzzyWall 1.3.1 目前没有解决方案提供：...

6.9AI score

Exploits0

NVD•added 2008/09/23 3:25 p.m.•10 views

CVE-2008-4177

SQL injection vulnerability in search.php in Pre Real Estate Listings allows remote attackers to execute arbitrary SQL commands via the c parameter...

7.5CVSS8.4AI score0.00414EPSS

Exploits1References4

Prion•added 2008/09/23 3:25 p.m.•11 views

Sql injection

SQL injection vulnerability in search.php in Pre Real Estate Listings allows remote attackers to execute arbitrary SQL commands via the c parameter...

7.5CVSS9.1AI score0.00414EPSS

Exploits1References4

Cvelist•added 2008/09/23 3:0 p.m.•16 views

CVE-2008-4179

Multiple cross-site scripting XSS vulnerabilities in NooMS 1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 pageid parameter to smileys.php and the 2 q parameter to search.php...

5.8AI score0.01954EPSS

Exploits0References5

0day.today•added 2008/09/15 12:0 a.m.•14 views

Pre Real Estate Listings (search.php c) SQL Injection Vulnerability

Exploit for unknown platform in category web applications =================================================================== Pre Real Estate Listings search.php c SQL Injection Vulnerability =================================================================== Pre Real Estate Listings search.php c...

7.1AI score

Exploits0

exploitpack•added 2008/09/15 12:0 a.m.•10 views

Pre Real Estate Listings - search.php SQL Injection

Pre Real Estate Listings - search.php SQL Injection Pre Real Estate Listings search.php c Remote SQL Injection Vulnerability url: http://preproject.com/ Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational...

0.5AI score

Exploits0

Prion•added 2008/08/29 4:41 p.m.•12 views

Sql injection

Multiple SQL injection vulnerabilities in phpMyRealty PMR 1.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via 1 the id parameter in pages.php and 2 the pricemax parameter in search.php...

7.5CVSS9.2AI score0.00436EPSS

Exploits1References5Affected Software1

CVE•added 2008/08/29 4:22 p.m.•40 views

CVE-2008-3861

CVE-2008-3861 affects phpMyRealty 1.0.7 and 1.0.9 (and earlier). The vulnerability is multiple SQL injection flaws caused by insufficient input sanitization in user-supplied data, enabling remote attackers to inject SQL via two parameters: id in pages.php and price_max in search.php. OpenVAS entr...

7.5CVSS8.5AI score0.00436EPSS

Exploits1References5Affected Software1

NVD•added 2008/08/26 2:41 p.m.•12 views

CVE-2008-3788

Multiple SQL injection vulnerabilities in PICTURESPRO Photo Cart 3.9, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 qtitle, 2 qid, and 3 qyear parameters to a search.php, and the 4 email and 5 password parameters to b login.php...

6.8CVSS8.7AI score0.00633EPSS

Exploits1References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by