CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

1225 matches found

0day.today•added 2014/03/03 12:0 a.m.•20 views

Eventy Plus Cross-Site Request Forgery (Add Admin) Vulnerability

Eventy Plus suffers from a Cross-Site Request Forgery Add Admin Vulnerability. + Author: TUNISIAN CYBER + Exploit Title: Eventy Plus Cross-Site Request Forgery Add Admin Vulnerability + Date: 03-03-2014 + Category: WebApp + Tested on: KaliLinux/Windows 7 Pro + CWE: CWE-352 + Vendor:...

seebug.org•added 2014/02/24 12:0 a.m.•31 views

Subrion CMS 3.1.1跨站请求伪造漏洞

No description provided by source. + Author: TUNISIAN CYBER + Exploit Title: Subrion v3.1.1 Cross-Site Request Forgery CSRF Vulnerability + Date: 22-02-2014 + Category: WebApp + Tested on: KaliLinux/Windows 7 Pro + Vendor: http://www.subrion.com/product.html + Friendly Sites:...

0day.today•added 2014/02/24 12:0 a.m.•29 views

Savsoft Quiz Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for php platform in category web applications + Author: TUNISIAN CYBER + Exploit Title: Savsoft Quiz Cross-Site Request Forgery Add Admin Vulnerability + Date: 24-02-2014 + Category: WebApp + Tested on: KaliLinux/Windows 7 Pro + CWE: CWE-352 + Vendor: http://savsoftquiz.com/web/buy-now/ +...

Packet Storm•added 2014/02/22 12:0 a.m.•22 views

Subrion 3.1.1 Cross Site Request Forgery

Author: TUNISIAN CYBER + Exploit Title: Subrion v3.1.1 Cross-Site Request Forgery CSRF Vulnerability + Date: 22-02-2014 + Category: WebApp + Tested on: KaliLinux/Windows 7 Pro + Vendor: http://www.subrion.com/product.html + Friendly Sites: na3il.com,th3-creative.com 1.OVERVIEW: Subrion suffers...

0day.today•added 2014/02/22 12:0 a.m.•24 views

Subrion v3.1.1 Cross-Site Request Forgery (CSRF) Vulnerability

Subrion CMS 3.1.1 cross site request forgery exploit that adds an administrator. + Author: TUNISIAN CYBER + Exploit Title: Subrion v3.1.1 Cross-Site Request Forgery CSRF Vulnerability + Date: 22-02-2014 + Category: WebApp + Tested on: KaliLinux/Windows 7 Pro + Vendor:...

Packet Storm•added 2014/02/19 12:0 a.m.•59 views

MODx Evogallery Shell Upload

Author: TUNISIAN CYBER + Exploit Title: MODx Evogallery File Upload Vulnerability + Date: 18-02-2014 + Category: WebApp + Tested on: KaliLinux/Windows 7 Pro + Vendor: http://modx.com/extras/package/evogallery + Friendly Sites: na3il.com,th3-creative.com 1.OVERVIEW: MODx's module Evogallery...

0day.today•added 2014/02/18 12:0 a.m.•49 views

MODx (Evogallery) File Upload Vulnerability

Exploit for php platform in category web applications + Author: TUNISIAN CYBER + Exploit Title: MODx Evogallery File Upload Vulnerability + Date: 18-02-2014 + Category: WebApp + Tested on: KaliLinux/Windows 7 Pro + Vendor: http://modx.com/extras/package/evogallery + Friendly Sites:...

Packet Storm•added 2014/02/15 12:0 a.m.•25 views

TomatoCart 1.1.8.6 Local File Inclusion

Author: TUNISIAN CYBER + Exploit Title: TomatoCart 1.1.8.6 Local File Inclusion Vulnerability + Date: 14-02-2014 + Category: WebApp + Tested on: KaliLinux + Vendor: http://www.tomatocart.com/ + Friendly Sites: na3il.com,th3-creative.com 1.OVERVIEW: TomatoCart 1.1.8.6 old versions too suffers from...

0day.today•added 2014/02/15 12:0 a.m.•27 views

TomatoCart 1.1.8.6 Local File Inclusion Vulnerability

TomatoCart version 1.1.8.6 suffers from a local file inclusion vulnerability. + Author: TUNISIAN CYBER + Exploit Title: TomatoCart 1.1.8.6 Local File Inclusion Vulnerability + Date: 14-02-2014 + Category: WebApp + Tested on: KaliLinux + Vendor: http://www.tomatocart.com/ + Friendly Sites:...

seebug.org•added 2014/02/13 12:0 a.m.•63 views

WordPress Kiddo Theme "uploadify.php"任意文件上传漏洞

WordPress Kiddo是WordPress的儿童主题。 WordPress Kiddo的/wp-content/themes/kiddo/app/assets/js/uploadify/uploadify.php脚本允许上传任意扩展名的文件到webroot的文件夹内，如果上传的文件包含恶意PHP脚本，即可导致执行任意PHP代码。 0 WordPress Kiddo 1.x 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...

Packet Storm•added 2014/02/09 12:0 a.m.•22 views

PHP Live Streaming Cross Site Scripting

Author: TUNISIAN CYBER + Exploit Title: PHP Webcam Live Streaming XSS Vulnerability + Date: 07-02-2014 + Category: WebApp + Google Dork: : + Tested on: KaliLinux + Vendor: http://sourceforge.net/projects/phplivestream/ + Friendly Sites: na3il.com,th3-creative.com +Description: VideoWhisper Live...

Packet Storm•added 2014/02/06 12:0 a.m.•26 views

Singapore 0.9.9b / 0.9.10 Cross Site Scripting

Author: TUNISIAN CYBER + Exploit Title: singapore v0.9.9b/0.9.10 admin.php POST Cross Site Scripting Vulnerability + Date: 05-02-2014 + Category: WebApp + Google Dork: : + Tested on: KaliLinux + Vendor: http://sourceforge.net/projects/singapore/ + Friendly Sites: na3il.com,th3-creative.com...

Packet Storm•added 2014/01/24 12:0 a.m.•25 views

Maian Uploader 4.0 XSS / SQL Injection / Disclosure

----------------------------------------- 0-DAY Aint DIE | No Priv8 | KedAns-Dz ----------------------------------------- ---------------------------- K |................| . h |.......................| A a |.......................| N l |.....................| S E |.......................| e D...

0day.today•added 2014/01/23 12:0 a.m.•39 views

Maian Uploader v4.0 <= (SQLi/Disclosure/XSS) Vulnerabilities

Maian Uploader v4.0 is suffer from multiple vulnerabilities remote attacker can exploit some bugs like SQL Injection , XSS and disclosure the target full path. ----------------------------------------- 0-DAY Aint DIE | No Priv8 | KedAns-Dz -----------------------------------------...

0day.today•added 2014/01/23 12:0 a.m.•199 views

Wordpress Plugin (wp-e-commerce v3.8.9.5) Multiple Vulnerabilities

Wordpress Plugin wp-e-commerce v3.8.9.5 - File Upload - RCE - LFI - XSS/CSRF ----------------------------------------- 0-DAY Aint DIE | No Priv8 | KedAns-Dz ----------------------------------------- ---------------------------- K |................| . h |.......................| A a...

10CVSS0.9AI score0.09088EPSS

Packet Storm•added 2014/01/21 12:0 a.m.•26 views

Imageview 6.x Shell Upload

Author: TUNISIAN CYBER + Exploit Title: Imageview File Upload vulnerability + Date: 20-01-2014 + Category: WebApp + Google Dork: : + Tested on: KaliLinux + Friendly Sites: na3il.com,th3-creative.com +Exploit: Imageview Suffers from a File Upload Vulnerability which allows the attacker to upload a...

Packet Storm•added 2014/01/20 12:0 a.m.•20 views

Autoresponder PRO Cross Site Scripting

Author: TUNISIAN CYBER + Exploit Title: Follow up Autoresponder PRO Cross Site Scripting vulnerability + Date: 09-01-2014 + Category: WebApp + Google Dork: : + Tested on: KaliLinux + Vendor: http://www.scripts4webmasters.com/ + Friendly Sites: na3il.com,th3-creative.com +Description: Web based...

Packet Storm•added 2014/01/14 12:0 a.m.•34 views

Web eXperts Shell Upload / SQL Injection

Author: TUNISIAN CYBER + Exploit Title: Web eXperts FileUpload/SQLi vulnerabilities + Date: 14-01-2014 + Category: WebApp + Google Dork: :intext:"Website Design & Developed By Web eXperts" + Tested on: KaliLinux + Friend's blog: www.na3il.com +Exploit: Web eXperts suffers from a File Upload/SQLi...

Packet Storm•added 2014/01/13 12:0 a.m.•24 views

WordPress DT Chocolate Cross Site Scripting

Author: TUNISIAN CYBER + Exploit Title: WordPress DT Chocolate jplayer.swf Cross Site Scripting vulnerability + Date: 13-01-2014 + Category: WebApp + Google Dork: :inurl:"/wp-content/plugins/nextgen-gallery/" + Tested on: KaliLinux + Friend's blog: www.na3il.com +Exploit: Wordpress Theme DT...

Packet Storm•added 2014/01/10 12:0 a.m.•26 views

Joomla Melody Cross Site Scripting

Author: TUNISIAN CYBER + Exploit Title: Joomla Component commelody XSS Vulnerability + Date: 09-01-2014 + Category: WebApp + Google Dork: :inurl:"components/commelody/" + Tested on: KaliLinux + Friend's blog: www.na3il.com +Exploit: The Joomla melody component suffers from an xss vulnerability...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by