CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

7610 matches found

Positive Technologies•added 2005/11/16 12:0 a.m.•2 views

PT-2005-4395 · Ekinboard · Ekinboard

Name of the Vulnerable Software and Affected Versions: Ekinboard version 1.0.3 Description: The issue allows remote attackers to inject arbitrary web script or HTML, which can lead to cross-site scripting XSS attacks. This is possible via the id parameter in the "profile.php" endpoint and the...

4.3CVSS5.8AI score0.00758EPSS

Exploits1References9

Exploit DB•added 2005/11/07 12:0 a.m.•21 views

XMB Forum 1.9.3 - 'u2u.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/15342/info XMB is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

securityvulns•added 2005/11/07 12:0 a.m.•23 views

Zoomblog HTML Injection Vulnerability

DESCRIPTION Zoomblog is prone to HTML injection attacks. It is possible for a malicious Zoomblog user to inject hostile HTML and script code into the commentary via form fields. This code may be rendered in the browser of a web user who views the commentary of Zoomblog. Zoomblog does not adequate...

Packet Storm•added 2005/11/04 12:0 a.m.•35 views

phpinfoXSS.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [email protected] schrieb: PoC: phpinfo.php?GLOBALStest=alertdocument.cookie; ...or just use phpinfo.php?=alertdocument.cookie; Saves some typing. In contrary to the above, this one only works on IE tested 6 on XP SP2 & Konqueror tested 3.4.2, though...

NVD•added 2005/11/02 11:2 a.m.•15 views

CVE-2005-3430

Incomplete blacklist vulnerability in Rockliffe MailSite Express before 6.1.22 allows remote attackers to upload and execute arbitrary script files by giving the files specific extensions, such as 1 .unk, 2 .asa, and possibly 3 .htr and 4 .aspx, which are not filtered like the .asp extension...

7.5CVSS7.4AI score0.012EPSS

Exploits0References7

exploitpack•added 2005/11/02 12:0 a.m.•11 views

Simple PHP Blog 0.4 - preview_cgi.php Multiple Cross-Site Scripting Vulnerabilities

Simple PHP Blog 0.4 - previewcgi.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/15283/info Simple PHP Blog is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied...

exploitpack•added 2005/11/02 12:0 a.m.•11 views

Simple PHP Blog 0.4 - colors.php Multiple Cross-Site Scripting Vulnerabilities

Simple PHP Blog 0.4 - colors.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/15283/info Simple PHP Blog is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input...

exploitpack•added 2005/11/01 12:0 a.m.•19 views

VUBB - index.php Cross-Site Scripting

VUBB - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/15260/info VUBB is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary scrip...

exploitpack•added 2005/10/31 12:0 a.m.•16 views

Snitz Forum 2000 - post.asp Cross-Site Scripting

Snitz Forum 2000 - post.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/15241/info Snitz Forum is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to ha...

Exploit DB•added 2005/10/27 12:0 a.m.•15 views

PBLang 4.65 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/15223/info PBLang is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the...

Exploit DB•added 2005/10/26 12:0 a.m.•16 views

FlatNuke 2.5.x - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/15176/info FlatNuke is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of ...

Exploit DB•added 2005/10/20 12:0 a.m.•20 views

Chipmunk Directory - 'recommend.php?entryID' Cross-Site Scripting

source: https://www.securityfocus.com/bid/15149/info Chipmunk products are prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code...

exploitpack•added 2005/10/19 12:0 a.m.•14 views

Xerver 4.17 Server - URI Null Character Cross-Site Scripting

Xerver 4.17 Server - URI Null Character Cross-Site Scripting source: https://www.securityfocus.com/bid/15135/info Xerver is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit a...

exploitpack•added 2005/10/19 12:0 a.m.•13 views

Xerver 4.17 - Forced Directory Listing

Xerver 4.17 - Forced Directory Listing source: https://www.securityfocus.com/bid/15135/info Xerver is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit a vulnerability to...

RubySec•added 2005/10/07 12:0 a.m.•4 views

Security Bypass Vulnerability with Ruby

The Ruby language has a security mechanism security model that can restrict operations on untrusted objects. This security model is based on mechanisms called "object taint" and "safe level." A vulnerability has been confirmed that allows arbitrary script execution by bypassing the "safe level"...

7.5CVSS5.8AI score0.14418EPSS

Exploits0References1Affected Software1

Exploit DB•added 2005/10/07 12:0 a.m.•25 views

Aenovo - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/15038/info aeNovo is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the...

exploitpack•added 2005/10/07 12:0 a.m.•13 views

Oracle 9 - XML DB Cross-Site Scripting

Oracle 9 - XML DB Cross-Site Scripting source: https://www.securityfocus.com/bid/15034/info Oracle XML DB is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...

Exploit DB•added 2005/09/28 12:0 a.m.•64 views

CubeCart 3.0.3 - 'cart.php?redir' Cross-Site Scripting

source: https://www.securityfocus.com/bid/14962/info CubeCart is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code execut...

exploitpack•added 2005/09/27 12:0 a.m.•13 views

LucidCMS 2.0 - index.php Cross-Site Scripting

LucidCMS 2.0 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/14951/info lucidCMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...

Exploit DB•added 2005/09/27 12:0 a.m.•17 views

LucidCMS 2.0 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/14951/info lucidCMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of ...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by