1225 matches found
CVE-2014-5449
Zarafa WebAccess 4.1 and WebApp use world-readable permissions for the files in their tmp directory, which allows local users to obtain sensitive information by reading temporary session data...
CVE-2014-5447
Zarafa WebAccess 7.1.10 and WebApp 1.6 beta use weak permissions (644) for config.php, which allows local users to obtain sensitive information by reading the PHP session files. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0103...
CVE-2014-5449
CVE-2014-5449 affects Zarafa WebAccess 4.1 and WebApp, where files in the tmp directory used world-readable permissions, allowing local users to read temporary session data. The connected advisory set confirms multiple permission issues and includes CVEs 2014-0103, 2014-5447, 2014-5448, 2014-5449, ...
CVE-2014-5447
Technical details for CVE-2014-5447 are not publicly available in the provided documents. No concrete exploit vectors or affected versions are disclosed here; monitor for updates.
Air Transfer Iphone 1.3.9 - Multiple Vulnerabilities
No description provided by source. Exploit Title: Air Transfer Iphone v1.3.9 -Remote crash, Broken Authentication file download and Memo Access. Date: 08/23/2014 Author: Samandeep Singh SaMaN - @samanL33T Vendor Homepage:http://www.darinsoft.co.kr/subhtmls/airtransferguide.html...
Air Transfer Iphone 1.3.9 - Multiple Vulnerabilities
Air Transfer Iphone 1.3.9 - Multiple Vulnerabilities Exploit Title: Air Transfer Iphone v1.3.9 -Remote crash, Broken Authentication file download and Memo Access. Date: 08/23/2014 Author: Samandeep Singh SaMaN - @samanL33T Vendor Homepage:http://www.darinsoft.co.kr/subhtmls/airtransferguide.html...
CVE-2014-0103
CVE-2014-0103 affects Zarafa WebAccess (and WebApp) prior to version 7.1.10 / 1.6, where credentials are stored in cleartext in PHP session files. This enables local Apache users to read sensitive information. OpenVAS advisories link CVE-2014-0103 to multiple Zarafa updates; Fedora/MGASA advisori...
WordPress NextGEN Gallery 2.0.63 Shell Upload Vulnerability
WordPress NextGEN Gallery plugin version 2.0.63 suffers from a remote shell upload vulnerability. Exploit Title: Wordpress NextGEN Gallery Plugin 2.0.63 Arbitrary File Upload Author: SANTHO @s4n7h0 Vendor Homepage: http://wordpress.org/plugins/nextgen-gallery/ Category: WebApp / CMS / Wordpress...
WordPress NextGEN Gallery 2.0.63 Shell Upload
Exploit Title: Wordpress NextGEN Gallery Plugin 2.0.63 Arbitrary File Upload Author: SANTHO @s4n7h0 Vendor Homepage: http://wordpress.org/plugins/nextgen-gallery/ Category: WebApp / CMS / Wordpress Version: 2.0.63 and less --------------------------------------------------- Vulnerability Tracking...
Gentoo Webapp-Config 1.10 Insecure File Creation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13780/info Gentoo webapp-config is prone to an insecure file creation vulnerability. This issue is due to a design error that causes the application to fail to verify the existence of a file before writing to it. An...
T-Dreams Cars Ads Package 2.0 - SQL Injection
No description provided by source. Author: R4dc0re Exploit Title: T-Dreams Cars Ads Package SQL injection Vulnerability Date: 04-12-2010 Vendor or Software Link:http://t-dreams.com Category:WebApp Version:2.0 Price:31$ Contact: [email protected] Website: www.1337db.com Greetings to:...
ASPSiteware Contact Directory 1.0 - SQL Injection
No description provided by source. Author: R4dc0re Exploit Title: ASPSiteware Contact Directory SQL injection Vulnerability Date: 04-12-2010 Vendor or Software Link: www.aspsiteware.com Category:WebApp Version:1.0 Price:40$ Contact: [email protected] Website: www.1337db.com Greetings to:...
Ecommercemax Solutions Digital Goods Seller SQL Injection
No description provided by source. Author: R4dc0re Exploit Title:Ecommercemax Solutions Digital good seller Sql Injection Vulnerablity Date: 05-12-2010 Vendor or Software Link:http://www.ecommercemax.com/ Category:WebApp Version:1.5 Price:60$ Contact: [email protected] Website: www.1337db.com...
ASPSiteware JobPost 1.0 - SQL Injection
No description provided by source. Author: R4dc0re Exploit Title: ASPSiteware JobPost SQL injection Vulnerability Date: 04-12-2010 Vendor or Software Link: www.aspsiteware.com Category:WebApp Version:1.0 Price:40$ Contact: [email protected] Website: www.1337db.com Greetings to: R0073r1337db.com,...
LuxCal 3.2.2 - Multiple Vulnerabilities (CSRF/Blind SQL Injection)
No description provided by source. + Author: TUNISIAN CYBER + Exploit Title: LuxCal v3.2.2 CSRF/Blind SQL Injection Vulnerabilities + Date: 09-03-2014 + Category: WebApp + Tested on: KaliLinux/Windows 7 Pro + CWE: CWE-352/CWE-89 + Vendor: http://www.luxsoft.eu/ + Friendly Sites:...
Joomla Component com_zina SQL Injection Vulnerability
No description provided by source. Exploit Title: Joomla Component com_zina SQL Injection Vulnerability Date: 21-08-2010 Author: Th3 RDX Software Link: http://www.pancake.org/zina/ Version: 2.x Tested on: Demo Site category: webapp Code : n/a...
T-dreams Announcement Script SQL Injection Vulnerability
No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Exploit Title: T-dreams Announcement Script SQL injection Vulnerable Date: 21-08-2010 Author: Br0wn Sug4r Software Link: http://www.t-dreams.com/download/announce.zip Version: n/a Tested on...
MangosWeb SQL Injection Vulnerability
No description provided by source. EXPLOIT TITLE: MangosWeb SQL Vulnerability DATE: 1/7/2012 BY Hood3dRob1n AFFECTED PRODUCTS: MangosWeb Enhanced Version 3.0.3 SW LINK: http://code.google.com/p/mwenhanced/ CATEGORY: WebApp 0day DORK: intext:MangosWeb ENhanced Version 3.0.3 @2009-2011, KeysWow Dev...
plx Ad Trader 3.2 Authentication Bypass Vulnerability
No description provided by source. Vendor or Software Link: http://www.plxwebdev.com/script/adtrader/ Category:WebApp Version: 3.2 Price: 60 USD Contact: [email protected] Website: www.1337db.com Greetings to: R0073r1337db.com, L0rd CrusAd3r,Sid3^effects and to rest of the 1337db members Submit Yo...
PHP Web Scripts Ad Manager Pro 3.0 - SQL Injection
No description provided by source. Vendor or Software Link: http://www.phpwebscripts.com/admanagerpro/ Category:WebApp Version: 3 Price: $99/$130/$325 USD Contact: [email protected] Website: www.1337db.com Greetings to: R0073r1337db.com, L0rd CrusAd3r,Sid3^effects and to rest of the 1337db members...