Lucene search

739 matches found

Exploit DB
added 2002/11/26 12:0 a.m. (27 views)

News Evolution 1.0/2.0 - Include Undefined Variable Command Execution

source: https://www.securityfocus.com/bid/6260/info News Evolution is a freely available, open source news software package. It is written in PHP, and designed for use on Unix and Linux operating systems. The problem occurs in the affnews.php file. By loading this file, and defining the chemin...

AI score: 7
Exploits: 0

exploitpack
added 2002/09/28 12:0 a.m. (13 views)

SafeTP 1.46 - Passive Mode Internal IP Address Revealing

source: https://www.securityfocus.com/bid/5822/info SafeTP is a freely available, open source secure ftp client-server software package. It is available for Unix, Linux, and Microsoft Operating Systems. It has been reported that under some...

AI score: 0.5
Exploits: 0

Exploit DB
added 2002/08/31 12:0 a.m. (32 views)

FactoSystem Weblog 0.9/1.0/1.1 - Multiple SQL Injections

source: https://www.securityfocus.com/bid/5600/info FactoSystem Weblog is a freely available, open source software package for weblogging and managing content. It is available for Microsoft Windows operating systems. FactoSystem does not adequately filter special characters from requests. Because...

AI score: 7.4
Exploits: 0

exploitpack
added 2002/08/31 12:0 a.m. (11 views)

FactoSystem Weblog 0.91.01.1 - Multiple SQL Injections

source: https://www.securityfocus.com/bid/5600/info FactoSystem Weblog is a freely available, open source software package for weblogging and managing content. It is available for Microsoft Windows operating systems. FactoSystem does not...

AI score: 0.1
Exploits: 0

Exploit DB
added 2002/07/25 12:0 a.m. (53 views)

Fake Identd 0.9/1.x - Client Query Remote Buffer Overflow

// source: https://www.securityfocus.com/bid/5351/info Fake Identd is an open source Ident server designed to return the same information to all incoming requests. It is implemented by Tomi Ollila, and available for Linux and a number of other Unix based operating systems. Reportedly, some versio...

AI score: 7.4
Exploits: 0

exploitpack
added 2002/05/24 12:0 a.m. (16 views)

MIT PGP Public Key Server 0.9.20.9.4 - Search String Remote Buffer Overflow

source: https://www.securityfocus.com/bid/4828/info The PGP Public Key Server is a freely available, open source software package distributed by MIT. It is designed for use on Linux and Unix operating systems. The PGP...

AI score: 0.3
Exploits: 0

exploitpack
added 2002/04/25 12:0 a.m. (26 views)

PHProjekt 2.x3.x - Authentication Bypass

source: https://www.securityfocus.com/bid/4596/info PHProjekt is a freely available, open source PHP Groupware package. It is actively maintained by the PHPProjekt Development Team. It will run on most Linux and Unix variants, in addition to Microsoft...

AI score: 0.2
Exploits: 0

Exploit DB
added 2002/04/19 12:0 a.m. (26 views)

PostBoard 2.0 - BBCode IMG Tag Script Injection

source: https://www.securityfocus.com/bid/4559/info PostBoard is a freely available, open source message board module for the PostNuke content management system. It is designed for use on the Unix and Linux operating systems. PostBoard does not sanitize code submitted to site between IMG tags. Du...

AI score: 7
Exploits: 0

securityvulns
added 2002/03/15 12:0 a.m. (26 views)

Command execution in phprojekt.

"PHProjekt is a modular application for the coordination of group activities and to share informations and document via intranet and internet. Components of PHProjekt: Group calendar, project management, time card system, file management, contact manager, mail client and 9 other modules ...featur...

AI score: 6.8
Exploits: 0

securityvulns
added 2002/02/05 12:0 a.m. (60 views)

[SUPERPETZ ADVISORY #002- Faq-O-Matic Cross-Site Scripting Vulnerability]

SUPERPETZ ADVISORY 002- Faq-O-Matic Cross-Site Scripting Vulnerability // + : : ++ :o:+++ -/++ / / collect them all! this one is a lynx!! TITLE: Faq-O-Matic Cross-Site Scripting Vulnerability ----- discovery date: February 1st, 2002 -------------- publication date: February 4th, 2002...

AI score: 5.7
Exploits: 0

Exploit DB
added 2002/02/04 12:0 a.m. (28 views)

Faq-O-Matic 2.6/2.7 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/4023/info FAQ-O-Matic is a freely available, open-source FAQ Frequently Asked Questions manager. It is intended to run on Linux and Unix variants. FAQ-O-Matic does not sufficiently filter script code from URL parameters. It is possible to create a malicio...

AI score: 7.4
Exploits: 0

exploitpack
added 2002/01/13 12:0 a.m. (15 views)

CDRDAO 1.1.x - Home Directory Configuration File Symbolic Link (2)

CDRDAO 1.1.x - Home Directory Configuration File Symbolic Link 2 source: https://www.securityfocus.com/bid/3865/info CDRDAO is a freely available, open source CD recording software package available for the Unix and Linux Operating Systems. It is maintained by Andreas Mueller. When CDRDAO saves...

AI score: 7.4
Exploits: 0

securityvulns
added 2001/06/23 12:0 a.m. (30 views)

eXtremail Remote Format String ('s)

Bugtraq readers, eXtremail is a free integrated pop3/smtpd mail daemon for Linux x86, although it is free it is closed sourced software. It has been found that the majority of the newer versions are vulnerable to a remotely exploitable format string condition. The following versions are confirmed...

AI score: 0.5
Exploits: 0

exploitpack
added 2001/06/17 12:0 a.m. (16 views)

ghttpd 1.4 - Daemon Buffer Overflow

// source: https://www.securityfocus.com/bid/2879/info ghttpd is a freely available, open source web server for Unix systems. ghttpd supports CGI and is easy to configure and use. A buffer overflow is known to exist in ghttp which will allow arbitrary code to b...

AI score: 0.8
Exploits: 0

securityvulns
added 2001/05/14 12:0 a.m. (23 views)

security hole in os groupware suite PHProjekt

Hello Bugtraq team, this is my first posting to the bugtraq ML. If my posting is incomplete or you have further questions, please don't hesitate to mail me. Daniel Wittenberg kindly notified me about the following bug. best regards Albrecht Guenther Overview PHProjekt is an open source groupware...

AI score: 0.1
Exploits: 0

exploitpack
added 2001/04/17 12:0 a.m. (10 views)

GoAhead Web Server 2.1 (Windows) - Denial of Service

GoAhead Web Server 2.1 Windows - Denial of Service source: https://www.securityfocus.com/bid/2607/info The GoAhead Web Server is a freely available, open source software package developed by GoAhead. The GoAhead Web Server offers a multi-platform web server and source code to the community. A...

AI score: 7.3
Exploits: 0

exploitpack
added 2001/01/26 12:0 a.m. (8 views)

splitvt 1.6.5 - Local Overflow

splitvt 1.6.5 - Local Overflow / MasterSecuritY spitvt.c - Local exploit for splitvt Copyright C 2001 Michel "MaXX" Kaempf Updated versions of this exploit and the corresponding advisory will be made available at: ftp://maxx.via.ecp.fr/spitvt/ This program is free software; you can redistribute i...

Exploits: 0

securityvulns
added 2000/05/11 12:0 a.m. (35 views)

Gnapster Vulnerability Compromises User-readable Files

This vulnerability was discovered at the Center for Education and Research in Information Assurance and Security CERIAS at Purdue University http://www.cerias.purdue.edu by: Tom Daniels [email protected] Florian Buchholz...

AI score: 0.1
Exploits: 0

securityvulns
added 2000/05/03 12:0 a.m. (26 views)

Buffer overflows in Skyline/SpinBox client

There are some buffer overflows in SpinBox/1.1 from the spinserver.conf. SpinBox is an SSI/cgi-tool used by advertisement companies, made by Skyline. Since this is closed source software, I can't post the sources. The buffer overflows are mostly in the query string strcat and strcpy instead of...

AI score: 0.6
Exploits: 0