CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2008-5411

Malware in sbrugna...

6.5CVSS6.4AI score0.00601EPSS

Exploits0References8

CVE•added 2018/10/01 8:0 a.m.•40 views

CVE-2018-17835

GetSimple CMS 3.3.15 is affected by CVE-2018-17835. The issue is a stored XSS: an administrator can inject malicious payload via the admin/settings.php Custom Permalink Structure parameter, which then contaminates any page created at the admin/pages.php URI. The vulnerability is rooted in imprope...

4.8CVSS4.7AI score0.00235EPSS

Exploits1References1Affected Software1

Exploit DB•added 2010/11/02 12:0 a.m.•24 views

Kandidat CMS 1.4.2 - Persistent Cross-Site Scripting

Vulnerability ID: HTB22648 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinkandidatcms.html Product: Kandidat CMS Vendor: Kan-Studio http://www.kan-studio.ru/ Vulnerable Version: 1.4.2 and probably prior versions Vendor Notification: 19 October 2010 Vulnerability Type: Stored XSS Cro...

7AI score

Exploits0

seebug.org•added 2009/02/06 12:0 a.m.•18 views

SilverNews 2.04 (Auth Bypass/LFI/RCE) Multiple Vulnerabilities

No description provided by source. 0x01 Informations: Name : SilverNews 2.04 Download : http://www.silver-scripts.de/scripts.php?script=SilverNews&l=en Vulnerability : Auth Bypass\LFI\RCE Author : x0r Contact : [email protected] Notes : Proud to be Italian 0x02 Bug: Bugged file is...

7.1AI score

Exploits0

0day.today•added 2009/02/06 12:0 a.m.•13 views

SilverNews 2.04 (Auth Bypass/LFI/RCE) Multiple Vulnerabilities

Exploit for unknown platform in category web applications ============================================================== SilverNews 2.04 Auth Bypass/LFI/RCE Multiple Vulnerabilities ============================================================== 0x01 Informations: Name : SilverNews 2.04 Download :...

7.1AI score

Exploits0

NVD•added 2008/12/11 3:30 p.m.•9 views

CVE-2008-5434

Multiple SQL injection vulnerabilities in PunBB 1.3 and 1.3.1 allow remote authenticated administrators to execute arbitrary SQL commands via the 1 orderby or 2 direction parameter to admin/users.php, or 3 configuration options to admin/settings.php...

6.5CVSS8.1AI score0.00601EPSS

Exploits0References7

Prion•added 2008/12/11 3:30 p.m.•17 views

Sql injection

6.5CVSS8.9AI score0.00601EPSS

Exploits0References7Affected Software1

Cvelist•added 2008/12/11 3:0 p.m.•16 views

CVE-2008-5434

8.1AI score0.00601EPSS

Exploits0References7

Cvelist•added 2007/03/23 10:0 p.m.•15 views

CVE-2007-1635

Static code injection vulnerability in admin/settings.php in Net Portal Dynamic System NPDS 5.10 and earlier allows remote authenticated users to inject arbitrary PHP code via the xtop parameter in a "ConfigSave" op to admin.php, which can later be accessed via a "Configure" op to admin.php...

6.8AI score0.03309EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by