CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1593 matches found

CVE•added 2008/11/18 12:0 a.m.•41 views

CVE-2008-5123

CVE-2008-5123 affects CCleague Pro 1.2. The vulnerability is a SQL injection in admin.php where the u parameter allows remote attackers to execute arbitrary SQL commands. Documented impact indicates partial confidentiality, integrity, and availability. No explicit patch/version remediation is pro...

6.8CVSS8.4AI score0.00493EPSS

Exploits0References5Affected Software1

CVE•added 2008/11/18 12:0 a.m.•38 views

CVE-2008-5125

CCleague Pro 1.2 is affected; admin.php allows remote authentication bypass by setting the type cookie value to admin. Root cause: insufficient validation of the type cookie enabling access to privileged state. Impact per sources is partial confidentiality, integrity, and availability concerns du...

6.8CVSS6.9AI score0.02341EPSS

Exploits1References5Affected Software1

Prion•added 2008/11/14 6:7 p.m.•13 views

Sql injection

SQL injection vulnerability in Pro Chat Rooms 3.0.3, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the gud parameter to 1 profiles/index.php and 2 profiles/admin.php...

7.5CVSS9.1AI score0.00414EPSS

Exploits1References4Affected Software1

Exploit DB•added 2008/11/14 12:0 a.m.•30 views

TurnkeyForms Text Link Sales - 'id' Cross-Site Scripting / SQL Injection

turnkeyforms Text Link Sales Remote Sql inj & xss ---------------------------------------------------------- Discovered By: ZoRLu Date: 14.11.2008 Home: www.z0rlu.blogspot.com contact: [email protected] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : my bug number now: 43 my target bug number...

7.4AI score

Exploits0

CVE•added 2008/11/04 1:0 a.m.•36 views

CVE-2008-4913

CVE-2008-4913: LokiCMS (versions 0.3.3 and earlier) contains a directory traversal flaw in admin.php where an attacker can use a .. in the delete parameter to delete arbitrary files. The connected documents confirm the affected product/version and the underlying cause (directory traversal) but do...

5CVSS6.8AI score0.04061EPSS

Exploits1References5Affected Software1

NVD•added 2008/11/04 12:57 a.m.•7 views

CVE-2008-4913

Directory traversal vulnerability in admin.php in LokiCMS 0.3.3 and earlier allows remote attackers to delete arbitrary files via a .. dot dot in the delete parameter...

5CVSS6.8AI score0.04061EPSS

Exploits1References5

Cvelist•added 2008/11/04 12:0 a.m.•12 views

CVE-2008-4901

SQL injection vulnerability in admin/admin.php in Article Publisher Pro 1.5 allows remote attackers to execute arbitrary SQL commands via the username parameter...

8.4AI score0.00485EPSS

Exploits1References4

Packet Storm•added 2008/11/04 12:0 a.m.•17 views

maranphpshop-insecure.txt

Maran PHP Shop admin.php Insecure Cookie Handling Vulnerability url: http://www.maran.pamil-visions.com/maranshop.php Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational purpose. Use it at your own risk...

7.4AI score

Exploits0

CVE•added 2008/11/04 12:0 a.m.•33 views

CVE-2008-4901

The CVE-2008-4901 entry documents a SQL injection in Article Publisher Pro 1.5. Affected component: admin/admin.php, parameter username. Root cause is improper handling of user-supplied input enabling arbitrary SQL execution by remote attackers. Impact is partial confidentiality, integrity, and a...

7.5CVSS8.4AI score0.00485EPSS

Exploits1References4Affected Software1

seebug.org•added 2008/11/03 12:0 a.m.•11 views

Maran PHP Shop (admin.php) Insecure Cookie Handling Vulnerability

No description provided by source. Maran PHP Shop admin.php Insecure Cookie Handling Vulnerability url: http://www.maran.pamil-visions.com/maranshop.php Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational...

7.1AI score

Exploits0

exploitpack•added 2008/11/02 12:0 a.m.•13 views

Maran PHP Shop - admin.php Insecure Cookie Handling

Maran PHP Shop - admin.php Insecure Cookie Handling Maran PHP Shop admin.php Insecure Cookie Handling Vulnerability url: http://www.maran.pamil-visions.com/maranshop.php Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was writte...

0.5AI score

Exploits0

0day.today•added 2008/11/02 12:0 a.m.•13 views

Maran PHP Shop (admin.php) Insecure Cookie Handling Vulnerability

Exploit for unknown platform in category web applications ================================================================= Maran PHP Shop admin.php Insecure Cookie Handling Vulnerability ================================================================= Maran PHP Shop admin.php Insecure Cookie...

7.1AI score

Exploits0

Exploit DB•added 2008/11/02 12:0 a.m.•26 views

Maran PHP Shop - 'admin.php' Insecure Cookie Handling

7.4AI score

Exploits0

NVD•added 2008/11/01 6:0 a.m.•11 views

CVE-2008-4877

SQL injection vulnerability in admin.php in WebCards 1.3, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user parameter. NOTE: some of these details are obtained from third party information...

6.8CVSS8.3AI score0.00493EPSS

Exploits0References5

Cvelist•added 2008/10/31 11:0 p.m.•15 views

CVE-2008-4877

8.3AI score0.00493EPSS

Exploits0References5

NVD•added 2008/10/22 10:0 p.m.•6 views

CVE-2008-4700

SQL injection vulnerability in admin.php in Libera CMS 1.12 and earlier, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the liberastaffpass cookie parameter...

6.8CVSS8.2AI score0.00493EPSS

Exploits0References5

CVE•added 2008/10/22 9:0 p.m.•35 views

CVE-2008-4700

CVE-2008-4700 affects Libera CMS 1.12 and earlier. The vulnerable component is admin.php where, if magic_quotes_gpc is disabled, an attacker can inject SQL via the libera_staff_pass cookie parameter, enabling remote arbitrary SQL execution. The connected records also mention a separate vector for...

6.8CVSS8.4AI score0.00493EPSS

Exploits0References5Affected Software1

seebug.org•added 2008/10/14 12:0 a.m.•16 views

LokiCMS 0.3.4 (admin.php) Create Local File Inclusion Exploit

No description provided by source. LokiCMS 0.3.4 admin.php Create Local File Inclusion Exploit url: http://www.lokicms.com/ Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational purpose. Use it at your own...

7.1AI score

Exploits0

seebug.org•added 2008/10/14 12:0 a.m.•13 views

LokiCMS 0.3.4 writeconfig() Remote Command Execution Exploit

No description provided by source. Author: GiReX Homepage: http://girex.altervista.org CMS: LokiCMS 0.3.4 URL: http://www.lokicms.com/ Description: LokiCMS is still vulnerable to Remote Command Execution see: http://milw0rm.com/exploits/5408 The exploit changed becouse the vars changed but the...

7.1AI score

Exploits0

Exploit DB•added 2008/10/13 12:0 a.m.•35 views

LokiCMS 0.3.4 - 'admin.php' Create Local File Inclusion

LokiCMS 0.3.4 admin.php Create Local File Inclusion Exploit url: http://www.lokicms.com/ Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational purpose. Use it at your own risk. Author will be not responsibl...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by