4774 matches found
PHPBB2 Plus 1.5 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/13150/info phpBB2 Plus is affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute...
wordpress -- multiple vulnerabilities
A Gentoo Linux Security Advisory reports: Due to a lack of input validation, WordPress is vulnerable to SQL injection and XSS attacks. An attacker could use the SQL injection vulnerabilities to gain information from the database. Furthermore the cross-site scripting issues give an attacker the...
XAMPP - Phonebook.php Multiple Remote HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/13127/info XAMPP is prone to multiple remote HTML-injection vulnerabilities because the software fails to properly sanitize user-supplied input before including it in dynamically generat...
ModernBill <= 4.3.0 Multiple Vulnerabilities
The version of ModernBill installed on the remote host is subject to multiple vulnerabilities: - A Remote File Include Vulnerability The application fails to sanitize the parameter 'DIR' before using it in the script 'news.php'. An attacker can exploit this flaw to browse or execute arbitrary...
Linksys WET11 - Password Update Remote Authentication Bypass
source: https://www.securityfocus.com/bid/13051/info A remote authentication bypass vulnerability affects Linksys WET11. This issue is due to a failure of the application to validate authentication credentials when processing password...
Active Auction House - start.asp?ReturnURL Cross-Site Scripting
source: https://www.securityfocus.com/bid/13036/info Active Auction House is reportedly affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplie...
PHP-Nuke 7.6 Web_Links Module - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/13025/info PHP-Nuke is reportedly affected by multiple cross-site scripting vulnerabilities in the WebLinks Module. These issues are due to a failure in the application to proper...
Active Auction House - 'account.asp?ReturnURL' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13036/info Active Auction House is reportedly affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary...
Ocean12 Membership Manager Pro - Cross-Site Scripting
source: https://www.securityfocus.com/bid/13046/info Ocean12 Membership Manager Pro is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...
Active Auction House - 'sendpassword.asp' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/13038/info Active Auction House is reportedly affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary...
PHP-Nuke 6.x7.x Downloads Module - Lid Cross-Site Scripting
source: https://www.securityfocus.com/bid/13011/info It is reported that the PHP-Nuke 'Downloads' module is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize...
Chatness 2.5 - 'Message Form' HTML Injection
source: https://www.securityfocus.com/bid/12929/info Chatness is prone to an HTML injection vulnerability. This issue is exposed through various chat message form fields. Exploitation will allow an attacker to inject hostile HTML and script code into the session of another user. An attacker could...
CPG Dragonfly 9.0.2.0 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/12930/info CPG Dragonfly is prone to multiple cross-site scripting vulnerabilities in various modules. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of...
Chatness 2.5 - Message Form HTML Injection
source: https://www.securityfocus.com/bid/12929/info Chatness is prone to an HTML injection vulnerability. This issue is exposed through various chat message form fields. Exploitation will allow an attacker to inject hostile HTML and script code into the...
Iatek IntranetApp 2.3 - ad_click.asp?banner_id SQL Injection
source: https://www.securityfocus.com/bid/12936/info Multiple input-validation vulnerabilities reportedly affect PortalApp. These issues occur due to a failure of the application to properly sanitize user-supplied input prior to using it ...
EXoops - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/12915/info Multiple input validation vulnerabilities reportedly affect exoops. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out critical actions. An attacker may leverage these...
PhotoPost Pro 5.1 - 'showmembers.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/12920/info Multiple input validation vulnerabilities reportedly affect PhotoPost Pro. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out critical actions. The first set of issues ar...
EXoops - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/12915/info Multiple input validation vulnerabilities reportedly affect exoops. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out...
Dream4 Koobi CMS 4.2.3 - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/12895/info Koobi CMS is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in...
PHPSysInfo 2.02.3 - system_footer.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/12887/info phpSysInfo is reportedly affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An...