10 matches found
EUVD-2006-4578
Malware in sbrugna...
Simbas CMS 2.0 (Auth Bypass) SQL Injection Vulnerability
No description provided by source. Simbas Content Management System auth Bypass Remote SQL Injection. Founder: ThE g0bL!NDz Home:...
CVE-2008-2048
The documents confirm a Cross-site scripting (XSS) vulnerability in Angelo-Emlak 1.0, specifically in hpz/admin/Default.asp, exploitable via the sayfa parameter. This affects Angelo-Emlak 1.0 and allows remote attackers to inject arbitrary web script or HTML. The root cause is an XSS flaw in the ...
CVE-2006-6927
Multiple SQL injection vulnerabilities in Rialto 1.6 allow remote attackers to execute arbitrary SQL commands via (1) the uname (username) and (2) pword (passwd) fields in (a) admin/default.asp; the (3) ID parameter to (b) listfull.asp or (c) printmain.asp; the (4) cat parameter to (d) listmain.asp, (e)...
CVE-2006-6455
Multiple SQL injection vulnerabilities in admin/default.asp in DUware DUdirectory 3.1, and possibly DUdirectory Pro and Pro SQL 3.x, allow remote attackers to execute arbitrary SQL commands via the (1) Username or (2) Password parameter. NOTE: some of these details are obtained from third party...
CVE-2006-6455
CVE-2006-6455 affects DUware DUdirectory 3.1 (and possibly DUdirectory Pro/Pro SQL 3.x). The vulnerability is multiple SQL injections in admin/default.asp that allow remote attackers to execute arbitrary SQL via the Username or Password parameters. This entry derives from third‑party information ...
CVE-2006-6030
Multiple SQL injection vulnerabilities in E-Calendar Pro 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) passwd (Password) fields in (a) admin/default.asp; or the (3) Event Title, (4) Location, or (5) Description field when making a search engine query in (b) search.asp...
CVE-2006-6030
Multiple SQL injection vulnerabilities affect E-Calendar Pro 3.0. Remote attackers can execute arbitrary SQL via (1) username and (2) passwd fields in admin/default.asp or (3) Event Title, (4) Location, or (5) Description in search.asp, as described for CVE-2006-6030. The underlying issue is impr...
CVE-2006-4590
CVE-2006-4463 and CVE-2006-4590 describe SQL injection flaws in Jetstat.com JS ASP Faq Manager 1.10 and earlier. CVE-2006-4463 affects the administrator control panel via the pwd parameter; CVE-2006-4590 affects admin/default.asp via the uid parameter. Both allow remote attackers to potentially e...
CVE-2005-4396
Cross-site scripting (XSS) vulnerability in admin/Default.asp in iCMS allows remote attackers to inject arbitrary web script or HTML via the LoginMSG parameter. NOTE: the provenance of this issue is unknown; the details were obtained solely from third party sources...