PHP-Calendar 1.1 - 'update10.php?configfile' Traversal Local File Inclusion
source: https://www.securityfocus.com/bid/37450/info PHP-Calendar is prone to multiple remote and local file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to execute arbitrary local and remote scripts in the...
Piwik Open Flash Chart Remote Code Execution Vulnerability
Exploit for unknown platform in category web applications ========================================================== Piwik Open Flash Chart Remote Code Execution Vulnerability ========================================================== Class: Input Validation Error CVE: Remote: Yes Local: No...
Authentication bypass+file manipulation in Sitecore Staging Mod 5.4.0
Exploit for unknown platform in category web applications ============================================================================ Authentication bypass and file manipulation in Sitecore Staging Module 5.4.0 ============================================================================ SEC...
Sitecore Staging Module Authentication Bypass
SEC Consult Security Advisory ========================================================================== title: Authentication bypass and file manipulation in Sitecore Staging Module products: Sitecore Staging Module vulnerable version: Sitecore Staging Module = 5.4.0 rev.080625 fixed version:...
Authentication bypass and file manipulation in Sitecore Staging Module 5.4.0
No description provided by source. SEC Consult Security Advisory 20091217-0 ========================================================================== title: Authentication bypass and file manipulation in Sitecore Staging Module products: Sitecore Staging Module vulnerable version: Sitecore Stagi...
Piwik Open Flash Chart - Remote Code Execution
Bugtraq ID: 37314 Class: Input Validation Error CVE: Remote: Yes Local: No Published: Dec 14 2009 12:00AM Updated: Dec 17 2009 06:03PM Credit: Braeden Thomas Vulnerable: Piwik Piwik 0.4.3 Piwik Piwik 0.4.2 Piwik Piwik 0.4.1 Piwik Piwik 0.4 Piwik Piwik 0.2.37 Piwik Piwik 0.2.36 Piwik Piwik 0.2.35...
Sitecore Staging Module 5.4.0 - Authentication Bypass / File Manipulation
SEC Consult Security Advisory ========================================================================== title: Authentication bypass and file manipulation in Sitecore Staging Module products: Sitecore Staging Module vulnerable version: Sitecore Staging Module = 5.4.0 rev.080625 fixed version:...
OSSIM v2.1.5 Remote Command Execution
No description provided by source. Advisory Name: Remote Command Execution in OSSIM Vulnerability Class: Remote Command Execution Release Date: 12-16-2009 Affected Applications: Confirmed in OSSIM 2.1.5. Other versions may also be affected. Affected Platforms: Multiple Local / Remote: Remote...
OSSIM v2.1.5 Remote Command Execution
Exploit for unknown platform in category web applications ===================================== OSSIM v2.1.5 Remote Command Execution ===================================== Advisory Name: Remote Command Execution in OSSIM Vulnerability Class: Remote Command Execution Release Date: 12-16-2009...
BOLDfx Recipe Script 5.0 - Multiple Remote Vulnerabilities
BOLDfx Recipe Script 5.0 - Multiple Remote Vulnerabilities source: https://www.securityfocus.com/bid/41787/info BOLDfx Recipe Script is prone to multiple remote vulnerabilities, including multiple cross-site request-forgery vulnerabilities, an arbitrary file upload vulnerability, multiple...
OSSIM 2.1.5 - Remote Command Execution
Advisory Name: Remote Command Execution in OSSIM Vulnerability Class: Remote Command Execution Release Date: 12-16-2009 Affected Applications: Confirmed in OSSIM 2.1.5. Other versions may also be affected. Affected Platforms: Multiple Local / Remote: Remote Severity: High – CVSS: 9...
Zen Cart Information Disclosure Vulnerability (Dec 2009) - Active Check
Zen Cart is prone to an information disclosure vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...
BOLDfx Recipe Script 5.0 - Multiple Remote Vulnerabilities
source: https://www.securityfocus.com/bid/41787/info BOLDfx Recipe Script is prone to multiple remote vulnerabilities, including multiple cross-site request-forgery vulnerabilities, an arbitrary file upload vulnerability, multiple HTML-injection vulnerabilities and multiple cross-site scripting...
TenderSystem 0.9.5 - main.php Multiple Local File Inclusions
TenderSystem 0.9.5 - main.php Multiple Local File Inclusions source: https://www.securityfocus.com/bid/41792/info TenderSystem is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obta...
TenderSystem 0.9.5 - 'main.php' Multiple Local File Inclusions
source: https://www.securityfocus.com/bid/41792/info TenderSystem is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information and to execute arbitrary...
AdaptCMS Lite Cross Site Scripting and Remote File Include Vulnerabilities
AdaptCMS Lite is prone to multiple cross-site scripting vulnerabilities and a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these issues to execute malicious PHP code in the context of the webserver process. This may allow...
Vulnerability Note VU#261869
Vulnerability Note VU#261869 Clientless SSL VPN products break web browser domain-based security models Overview Clientless SSL VPN products from multiple vendors operate in a way that breaks fundamental browser security mechanisms. An attacker could use these devices to bypass authentication or...
AdaptCMS Lite Cross Site Scripting and Remote File Include Vulnerabilities
AdaptCMS Lite is prone to multiple cross-site scripting vulnerabilities and a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are...
OpenX Arbitrary File Upload Vulnerability
OpenX is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to adequately validate user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and execute it in the context of the webserver process. This may facilitate...
osCommerce 2.2 Arbitrary PHP Code Execution
osCommerce is a popular open source E-Commerce application. The admin console contains a file management utility that allows administrators to upload, download, and edit files. This could be abused to allow unauthenticated attackers to execute arbitrary code with the permissions of the webserver...