CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

Prion•added 2009/06/22 7:30 p.m.•9 views

Directory traversal

Directory traversal vulnerability in backend/admin-functions.php in TorrentTrader Classic 1.09, when used on a case-insensitive web site, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the ssuri parameter, in conjunction with a modified component name...

5.1CVSS7.5AI score0.08329EPSS

Exploits1References6Affected Software1

Cvelist•added 2009/06/22 7:0 p.m.•17 views

CVE-2009-2161

7.7AI score0.08329EPSS

Exploits1References6

NVD•added 2007/10/09 9:17 p.m.•12 views

CVE-2007-5311

Directory traversal vulnerability in backend/admin-functions.php in TorrentTrader Classic Edition 1.07 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the ssuri parameter...

7.5CVSS7.1AI score0.10156EPSS

Exploits0References7

Cvelist•added 2007/10/09 9:0 p.m.•13 views

CVE-2007-5311

7.1AI score0.10156EPSS

Exploits0References7

securityvulns•added 2007/10/08 12:0 a.m.•59 views

TorrentTrader Classic Mutiple Remote vulnerabilities

Hello,, TorrentTrader Classic Mutiple Remote vulnerabilities Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] Tested on TorrentTrader Classic v1.07 local file inclusion backend/admin-functions.php?ssuri=dd Xss...

1.3AI score

Exploits0

Debian CVE•added 2007/09/14 6:0 p.m.•19 views

CVE-2007-4893

wp-admin/admin-functions.php in Wordpress before 2.2.3 and Wordpress multi-user MU before 1.2.5a does not properly verify the unfilteredhtml privilege, which allows remote attackers to conduct cross-site scripting XSS attacks via modified data to 1 post.php or 2 page.php with a nofilter field...

4.3CVSS6AI score0.01608EPSS

Exploits0

exploitpack•added 2007/06/08 12:0 a.m.•32 views

e-Vision CMS 2.02 - SQL Injection Remote Code Execution

e-Vision CMS 2.02 - SQL Injection Remote Code Execution !/usr/bin/php -q -d shortopentag=on ...need i say more? Bug 2 admin/functions.php: if isset$COOKIE'adminlang' $languageselector = $COOKIE'adminlang'; else $languageselector = "en"; include"lang/".$languageselector.".php"; ...speaks for it se...

0.6AI score

Exploits0

Cvelist•added 2007/03/10 10:0 p.m.•22 views

CVE-2007-1409

WordPress allows remote attackers to obtain sensitive information via a direct request for wp-admin/admin-functions.php, which reveals the path in an error message...

5.9AI score0.00605EPSS

Exploits0References5

Debian CVE•added 2006/12/28 9:0 p.m.•21 views

CVE-2006-6808

Cross-site scripting XSS vulnerability in wp-admin/templates.php in WordPress 2.0.5 allows remote attackers to inject arbitrary web script or HTML via the file parameter. NOTE: some sources have reported this as a vulnerability in the getfiledescription function in wp-admin/admin-functions.php...

6.8CVSS4.3AI score0.03483EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by