CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1593 matches found

Cvelist•added 2009/06/12 5:28 p.m.•11 views

CVE-2009-2037

Multiple directory traversal vulnerabilities in Online Grades & Attendance 3.2.5 and earlier, and possibly 3.2.6, when registerglobals is enabled, allow remote attackers to include and execute arbitrary local files via a .. dot dot in the 1 GLOBALSSKIN parameter to index.php and the 2 skin...

7.3AI score0.03023EPSS

Exploits0References3

seebug.org•added 2009/06/11 12:0 a.m.•17 views

MRCGIGUY FreeTicket (CH/SQL) Multiple Remote Vulnerabilities

No description provided by source. MRCGIGUY FreeTicket Multiple Remote Vulnerabilities Founder: ThE g0bL!N ------ Home: http:/www.4ckx.com/dz/ ---- Download: http://www.mrcgiguy.com/cgi-bin/freedown.cgi?id=1 Vendor:http://www.mrcgiguy.com Special Thx: Snakespc His0k4 Note: Algerie 3-1 Egypt...

7.1AI score

Exploits0

0day.today•added 2009/06/10 12:0 a.m.•18 views

MRCGIGUY FreeTicket (CH/SQL) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ============================================================ MRCGIGUY FreeTicket CH/SQL Multiple Remote Vulnerabilities ============================================================ MRCGIGUY FreeTicket Multiple Remote Vulnerabilities Founde...

7.1AI score

Exploits0

exploitpack•added 2009/06/10 12:0 a.m.•17 views

mrcgiguy freeticket - Cookie Handling SQL Injection

mrcgiguy freeticket - Cookie Handling SQL Injection MRCGIGUY FreeTicket Multiple Remote Vulnerabilities Founder: ThE g0bL!N ------ Home: http:/www.4ckx.com/dz/ ---- Download: http://www.mrcgiguy.com/cgi-bin/freedown.cgi?id=1 Vendor:http://www.mrcgiguy.com Special Thx: Snakespc His0k4 Note: Algeri...

1AI score

Exploits0

Exploit DB•added 2009/06/10 12:0 a.m.•40 views

mrcgiguy freeticket - Cookie Handling / SQL Injection

MRCGIGUY FreeTicket Multiple Remote Vulnerabilities Founder: ThE g0bL!N ------ Home: http:/www.4ckx.com/dz/ ---- Download: http://www.mrcgiguy.com/cgi-bin/freedown.cgi?id=1 Vendor:http://www.mrcgiguy.com Special Thx: Snakespc His0k4 Note: Algerie 3-1 Egypt Exploit: ------ Cookies insecure...

7.4AI score

Exploits0

Packet Storm•added 2009/06/03 12:0 a.m.•17 views

Flashlight Free Edition Local File Inclusion / SQL Injection

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Flashlight Free Edition - LFI/SQL Multiple Remote Vul XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX RATM: "All hell can't stop us now!" XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX --Author : k4m1k451 --E-mail :...

0.3AI score

Exploits0

seebug.org•added 2009/06/02 12:0 a.m.•29 views

Flashlight Free Edition (LFI/SQL) Multiple Remote Vulnerabilities

No description provided by source. XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Flashlight Free Edition - LFI/SQL Multiple Remote Vul XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX RATM: "All hell can't stop us now!" XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX...

7.1AI score

Exploits0

exploitpack•added 2009/06/02 12:0 a.m.•12 views

flashlight free edition - Local File Inclusion SQL Injection

flashlight free edition - Local File Inclusion SQL Injection XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Flashlight Free Edition - LFI/SQL Multiple Remote Vul XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX RATM: "All hell can't stop us now!"...

0.3AI score

Exploits0

Cvelist•added 2009/05/29 4:24 p.m.•14 views

CVE-2009-1816

SQL injection vulnerability in admin.php in My Game Script 2.0 allows remote attackers to execute arbitrary SQL commands via the user parameter aka the username field. NOTE: some of these details are obtained from third party information...

8.3AI score0.00397EPSS

Exploits1References5

CVE•added 2009/05/29 4:24 p.m.•37 views

CVE-2009-1816

CVE-2009-1816 is a SQL injection vulnerability affecting admin.php in My Game Script 2.0, exploitable via the user parameter (username field) to execute arbitrary SQL commands remotely. The vulnerability description notes that some details come from third-party information. The CVE has multiple r...

7.5CVSS8.6AI score0.00397EPSS

Exploits1References5Affected Software1

Prion•added 2009/05/22 8:30 p.m.•6 views

Remote file inclusion

PHP remote file inclusion vulnerability in admin.php in Frax.dk Php Recommend 1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the formincludetemplate parameter...

7.5CVSS8.1AI score0.0369EPSS

Exploits1References3Affected Software1

Prion•added 2009/05/22 8:30 p.m.•7 views

Authentication flaw

admin.php in Frax.dk Php Recommend 1.3 and earlier does not require authentication when the user password is changed, which allows remote attackers to gain administrative privileges via modified formadminuser and formadminpass parameters...

7.5CVSS7.9AI score0.04014EPSS

Exploits1References3Affected Software1

Prion•added 2009/05/22 8:30 p.m.•8 views

Code injection

Static code injection vulnerability in admin.php in Frax.dk Php Recommend 1.3 and earlier allows remote attackers to inject arbitrary PHP code into phpreconfig.php via the formaula parameter...

7.5CVSS7.8AI score0.03691EPSS

Exploits1References3Affected Software1

CVE•added 2009/05/22 8:0 p.m.•38 views

CVE-2009-1781

CVE-2009-1781 describes a static code injection vulnerability in admin.php of Frax.dk Php Recommend 1.3 and earlier. The issue allows remote attackers to inject arbitrary PHP code into phpre_config.php through the form_aula parameter, indicating a file/configuration handling flaw in older version...

7.5CVSS7.5AI score0.03691EPSS

Exploits1References3Affected Software1

Cvelist•added 2009/05/22 8:0 p.m.•16 views

CVE-2009-1780

7.3AI score0.04014EPSS

Exploits1References3

NVD•added 2009/05/18 12:0 p.m.•14 views

CVE-2009-1658

Multiple SQL injection vulnerabilities in admin/admin.php in Realty Webware Technologies Realty Web-Base 1.0 allow remote attackers to execute arbitrary SQL commands via the 1 user username and 2 password parameters. NOTE: some of these details are obtained from third party information...

7.5CVSS8.7AI score0.00202EPSS

Exploits1References5

Prion•added 2009/05/18 12:0 p.m.•9 views

Sql injection

7.5CVSS9.3AI score0.00202EPSS

Exploits1References5Affected Software1

Cvelist•added 2009/05/17 4:0 p.m.•15 views

CVE-2009-1658

8.7AI score0.00202EPSS

Exploits1References5

CVE•added 2009/05/17 4:0 p.m.•42 views

CVE-2009-1658

CVE-2009-1658 corresponds to multiple SQL injection vulnerabilities in Realty Web-Base 1.0, specifically in the admin/admin.php module. The root cause, as described across the provided records, is improper handling of user input (parameters: username and password), enabling remote attackers to co...

7.5CVSS8.9AI score0.00202EPSS

Exploits1References5Affected Software1

exploitpack•added 2009/05/04 12:0 a.m.•14 views

Million Dollar Text Links 1.0 - Arbitrary Authentication Bypass

Million Dollar Text Links 1.0 - Arbitrary Authentication Bypass --------------------------------------------------------------- --------------------------------------------------------------- Million Dollar Text Links 1.0 Authenication Bypass...

0.7AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by