10 matches found
EUVD-2012-2974
Malware in sbrugna...
CVE-2024-51382
Cross-Site Request Forgery (CSRF) vulnerability in JATOS v3.9.3 allows an attacker to reset the administrator's password. This critical security flaw can result in unauthorized access to the platform, enabling attackers to hijack admin accounts and compromise the integrity and security of the syste...
CVE-2016-3403
Multiple cross-site request forgery (CSRF) vulnerabilities in the Admin Console in Zimbra Collaboration before 8.6.0 Patch 8 allow remote attackers to hijack the authentication of administrators for requests that (1) add, (2) modify, or (3) remove accounts by leveraging failure to use of a CSRF token and...
CubeCart 6.0.6 Administrative Bypass
Application: CubeCart 6.0.6 5.2.12 Fixed: 07/09/2015 6.0.7 Credits: Fernando Câmara @overflowy Title: Admin account hijacking vulnerability Dork: inurl:"index.php?a=" Requirements: Default admin recovery functions enabled... Knowledge of the admin account email P.O.C It's possible for an attacker ...
No-CMS 0.6.6 rev 1 - Admin Account Hijacking Remote Code Execution via Static Encryption Key
No-CMS 0.6.6 rev 1 - Admin Account Hijacking Remote Code Execution via Static Encryption Key <?php /* Static encryption_key of No-CMS lead to Session Array Injection in order to hijack administrator account then you will be able for upload php files to server via theme/module upload. This exploit...
No-CMS 0.6.6 Rev 1 Account Hijack / Remote Command Execution
$mcrypt_exists = function_exists('mcrypt_encrypt');...
No-CMS 0.6.6 rev 1 - Admin Account Hijacking / Remote Code Execution via Static Encryption Key
$mcrypt_exists = function_exists('mcr...
CVE-2011-0748
CVE-2011-0748 concerns phpList (PHPList) before 2.10.13, where multiple CSRF vulnerabilities allow remote attackers to hijack administrator sessions for actions like adding or editing administrator accounts. The issue affects phplist prior to 2.10.13 and stems from CSRF protections missing for ad...
LightNEasy 3.2 admin account hijacking csrf vulnerability
Exploit for php platform in category web applications ========================================================= LightNEasy 3.2 admin account hijacking csrf vulnerability ========================================================= Author: pimpim Software Link:...
XOOPS MyTextSanitizer CSS 1.3x & 2.x
Author: Doxical & Magistrat http://www.blocus-zone.com Date: 25/04/2003 Object: XOOPS MyTextSanitizer Filtering Bug Allows Remote Users to Conduct Cross-Site Scripting Attacks in many modules: News, newbb, private messages, signatures etc... Impact: Disclosure of authentication information,...