4774 matches found
CoolForum SQL and XSS Vulnerabilities
BetaParticle blog 2.0/3.0 - myFiles.asp File Manipulation
source: https://www.securityfocus.com/bid/12861/info betaparticle blog is reported prone to multiple vulnerabilities. The following individual issues are reported: It is reported that betaparticle blog fails to sufficiently secure the...
BetaParticle blog 2.0/3.0 - dbBlogMX.mdb Direct Request Database Disclosure
source: https://www.securityfocus.com/bid/12861/info betaparticle blog is reported prone to multiple vulnerabilities. The following individual issues are reported: It is reported that betaparticle blog fails to sufficiently secure the authentication credential database. A remote attacker may...
NotifyLink contains multiple SQL injection vulnerabilities
Overview There are multiple vulnerabilities in NotifyLink that allow unauthenticated remote users to view or modify the contents of the NotifyLink SQL database. Possible modifications include the addition of unauthorized user and administrator accounts. Description Notify Technology NotifyLink...
PunBB 1.2.3 - Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/12828/info PunBB is reportedly affected by multiple HTML injection vulnerabilities. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible such as the theft of cookie-based authentication...
YaBB2 rc1 XSS
PersianHacker.NET 200503-08 YaBB2 rc1 XSS Vulnerability Date: 2005 March Bug Number: 08 bid:12756 YaBB is a leading free forum software package that rivals any professional message board out there. It provides a real-time chat and support system for your visitors. More info @:...
PABox 2.0 - Post Icon HTML Injection
source: https://www.securityfocus.com/bid/12796/info paBox is reportedly affected by an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. Th...
Phorum 5.0.14 - Multiple Subject and Attachment HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/12800/info Phorum is reportedly affected by multiple HTML injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. The attacker-supplied HTML...
PsychoStats 2.x Login Parameter Cross-Site Scripting Vulnerability
Webapps exploit for php platform source: http://www.securityfocus.com/bid/12089/info PsychoStats is reported prone to a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize...
GLSA-200412-16 : kdelibs, kdebase: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200412-16 kdelibs, kdebase: Multiple vulnerabilities Daniel Fabian discovered that the KDE core libraries contain a flaw allowing password disclosure by making a link to a remote file. When creating this link, the resulting URL...
IkonBoard 3.x - Multiple SQL Injections
source: https://www.securityfocus.com/bid/11982/info Multiple remote SQL injection vulnerabilities reportedly affect Ikonboard. These issues are due to a failure of the application to properly sanitize user-supplied input prior to including it in SQL querie...
WordPress Core 1.2.1/1.2.2 - 'moderation.php?item_approved' Cross-Site Scripting
source: https://www.securityfocus.com/bid/11984/info WordPress is reported vulnerable to multiple cross-site scripting, HTML injection, and SQL injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied data. The cross-site scripting and HTML injection issue...
Mandrake Linux Security Advisory : kdelibs (MDKSA-2004:150)
Daniel Fabian discovered a potential privacy issue in KDE. When creating a link to a remote file from various applications, including Konqueror, the resulting URL may contain the authentication credentials used to access that remote resource. This includes, but is not limited to, browsing SMB Sam...
IPSwitch-IMail-8.13-DELETE.pl
#!/usr/bin/perl -w IPSwitch-IMail-8.13-DELETE Discovered by : Muts Coded by : Zatlander WWW.WHITEHAT.CO.IL Plain vanilla stack overflow in the DELETE command Restrictions: - Need valid authentication credentials - Input buffer only allows characters between x20 - x7e Credits: -...
Netbilling NBMEMBER Script - Information Disclosure
source: https://www.securityfocus.com/bid/11504/info Netbilling 'nbmember.cgi' script is reported prone to an information disclosure vulnerability. This issue may allow remote attackers to gain access to user authentication credentials and potentially sensitive configuration information...
phpWebSite 0.7.3/0.8.x/0.9.x Comment Module - 'CM_pid' Cross-Site Scripting
source: https://www.securityfocus.com/bid/11088/info It is reported that phpWebSite is susceptible to multiple cross-site scripting, HTML injection and SQL injection vulnerabilities. The cross-site scripting issue is present in a parameter of the comments module script. An attacker can exploit...
PHP Code Snippet Library 0.8 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/11038/info PHP Code Snippet Library is reported prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. These issues could permit a remote attacker to creat...
Compulsive Media CNU5 - News.mdb Database Disclosure
source: https://www.securityfocus.com/bid/11004/info CNU5 is reported prone to a database disclosure vulnerability. It is reported that remote users may download the database file 'news.mdb' and gain access to sensitive information including...
SAMI FTP Server <= 2.0.2 Authentication Credentials Remote Overflow
eNdonesia 8.3 - Search Form Cross-Site Scripting
source: https://www.securityfocus.com/bid/10856/info It is reported that eNdonesia is susceptible to a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated web content. As a...