6697 matches found
ASPapp (links.asp CatId) Remote SQL Injection Vulnerability
No description provided by source. CoRPITX Turkey www.Hayalet-hack.com www.xcorpitx-hack.com Iatek | ASPapp...
PEEL CMS 3.x - Admin Hash Extraction Arbitrary File Upload
PEEL CMS 3.x - Admin Hash Extraction Arbitrary File Upload !/usr/bin/php URL: http://realn.free.fr/ Date: 03-18-08 Targets: PEEL PREMIUM PEEL POWERSELL PEEL INTEGRALE PEEL PROFESSIONNELLE This exploit will use multiple vulns of multiple versions of PEEL to try to spawn a Remote Upload File. Speci...
ASPapp (links.asp CatId) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications. ASPapp links.asp CatId Remote SQL Injection Vulnerability CoRPITX...
CVE-2007-6709
CVE-2007-6709 affects the Cisco Linksys WAG54GS Wireless-G ADSL Gateway (firmware 1.01.03 and earlier). The root cause is a default password policy where the admin account uses the password “admin,” enabling remote attackers to gain access. Public details in the provided documents confirm the vul...
PHP-Nuke Module ZClassifieds [cat] SQL Injection
----- RBT-4 crew Lovebug Italy -------- Author : Lovebug Script : PHP-Nuke Module ZClassifieds cat SQL Injection Bug : modules.php?name=ZClassifieds&cat= S Q L Exploit : -9999999//union//select//pwd,aid//from//nukeauthors/where20admin1/ Original Advisory:...
zkup-admin.txt
!/usr/bin/php Date: 03-08-2008 Conditions: None. This exploit add a new zKup admin. / print "\n"; print " zKup CMS v2.0 \n\n"; if$argc \n eg: php zkup2adminexploit.php http://127.0.0.1/votresite/ real p4ssw0rd";exit-1; $url = $argv1; $log = $argv2; $pas = $argv3; $postit =...
zKup CMS 2.0 2.3 - Arbitrary File Upload
zKup CMS 2.0 2.3 - Arbitrary File Upload !/usr/bin/php Date: 03-08-2008 Conditions: PHP Version, magicquotesgpc=Off This exploit spawn a php uploader in your victim's server. Okay, you may need explanations: First, we can use administration without being admin see ./admin/configuration/modifier.p...
Cross site scripting
Cross-site scripting XSS vulnerability in admin/users/self.php in XRMS CRM allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: some of these details are obtained from third party information...
podcast-rfidisclose.txt
Podcast Generator = 1.0 BETA 2 RFI / File Disclosure Remote Vulnerabilities http://sourceforge.net/project/showfiles.php?groupid=163847 POC : I- Remote File Inclusion Vulnerabilities /podcastgen1.0beta2/components/xmlparser/loadparser.php?absoluteurl=shell...
Podcast Generator 1.0 Beta 2 - Remote File Inclusion / File Disclosure
Podcast Generator = 1.0 BETA 2 RFI / File Disclosure Remote Vulnerabilities http://sourceforge.net/project/showfiles.php?groupid=163847 POC : I- Remote File Inclusion Vulnerabilities /podcastgen1.0beta2/components/xmlparser/loadparser.php?absoluteurl=shell...
nukeditadmin-sql.txt
!/usr/bin/perl Title: Nukedit 4.9.x Create Admin Exploit Credit: r3dm0v3 http://r3dm0v3.persianblog.ir r3dm0v34tyahoodotcom Tehran - Iran Download: http://www.nukedit.com/content/Download.asp Vulnerables: 4.9.x, prior versions maybe affected. Remote: Yes Dork: "Powered by Nukedit" Fix: Not...
nukedit-sql.txt
Title: Nukedit 4.9.x Login Bypass SQL injection Discovered By: r3dm0v3 http://r3dm0v3.persianblog.ir r3dm0v3 4t yahoo dot com Tehran - Iran Download: http://www.nukedit.com/content/Download.asp Vulnerables: 4.9.x, prior versions maybe vulnerable Remote: Yes Dork: "Powered by Nukedit"...
PORAR WebBoard - 'question.asp' SQL Injection
CoRPITX Turkey www.Hayalet-hack.com www.zone-turk.net/ PORAR WEBBOARD SQL Injection Vulnerability AUTHOR : xcorpitx HOME : www.Hayalet-hack.com / www.zone-turk.net email : [email protected] This SQL gives Admin name and Admin password This query will directly give the admin name and password DorK : ''...
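PHP-Nuke Docum Module 'artid' SQL Injection Vulnerability
BUGTRAQ ID: 27912 CNCAN ID:CNCAN-2008022208 The PHP-Nuke Docum module is a PHP-based web application. The PHP-Nuke Docum module does not properly filter user-submitted URI data, so remote attackers can exploit the flaw to carry out SQL injection attacks and obtain sensitive information or manipulate the database. The problem is that the script does not sufficiently filter the user-submitted 'artid' parameter; submitting a malicious SQL query as the parameter data can change the original SQL logic and obtain sensitive information or manipulate the database. PHP-Nuke Module Docum: no detailed solution is currently available: http://www.phpnuke.org/...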
PHP-Nuke Module Classifieds SQL Injection(Details)
PHP-Nuke Module Classifieds SQL InjectionDetails AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAL : [email protected] DORK 1 : allinurl:"modules.php?name=Classifieds"Details DORK 2 : allinurl: EXPLOIT :...
Xoops-2.0.16 Remote File Inclusion
In the Script Xoops-2.0.16 are Remote File Inclusion Bugs Script : xoops-2.0.16-Kararli Discovered By : F10 Contact : [email protected] WebSite : http://by-f10.com Greetz : byemR3 , H0tturk , TaRanTuLa , gsy...
PHP-Nuke Module Dossiers Injection(did)
PHP-Nuke Module Dossiers Injectiondid AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAL : [email protected] DORK 1 :allinurl:"modules.php?name=Dossiers"did DORK 2 : allinurl: EXPLOIT : admin...
PunBB <= 1.2.16 Blind Password Recovery Exploit
No description provided by source. ?php / Original : http://sektioneins.de/advisories/SE-2008-01.txt Thanks to Stefan Esser, here's the exploit. Team : EpiBite firefox, petit-poney, thot We would like to thank our respective moms and dads. Let's get a fu coffee ! / // conf define'URL',...
PHP-Nuke Module NukeC 2.1 (id_catg) SQL Injection Vulnerability
Exploit for unknown platform in category web applications. PHP-Nuke Module NukeC 2.1 idcatg SQL Injection Vulnerability...
runcmsmyannonces-sql.txt
runcms MyAnnonces SQL Injectioncid AUTHOR : S@BUN HOME 1 : http://www.milw0rm.com/author/1334 MAİL : [email protected] DORK 1 : allinurl: "modules MyAnnonces index php pa view" EXAMPLE XXXXMyAnnonces/index.php?pa=view&cid=EXPLOiT EXPLOIT : for admin =...