CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

934 matches found

exploitpack•added 2018/02/05 12:0 a.m.•21 views

NixCMS 1.0 - category_id SQL Injection

NixCMS 1.0 - categoryid SQL Injection Exploit Title: NixCMS 1.0 - 'categoryid' SQL Ýnjection Dork: N/A Date: 03.02.2018 Vendor: https://www.nixdesign.de Software Link: https://www.nixdesign.de/nix-cms/ Demo: http://www.jamaram.de/ Version: 1.0 Tested on: WiN10X64 Exploit Author: Bora Bozdogan...

exploitpack•added 2018/01/30 12:0 a.m.•21 views

Joomla! Component Visual Calendar 3.1.3 - id SQL Injection

Joomla! Component Visual Calendar 3.1.3 - id SQL Injection Exploit Title: Joomla! Component Visual Calendar 3.1.3 - SQL Injection Dork: N/A Date: 30.01.2018 Vendor Homepage: http://www.joomlacalendars.com/ Software Link:...

7.5CVSS0.5AI score0.02703EPSS

Positive Technologies•added 2018/01/18 12:0 a.m.•5 views

PT-2018-4879 · Jquery · Jquery

Name of the Vulnerable Software and Affected Versions: jquery versions 3.0.0-rc.1 Description: The issue arises due to the removal of logic that lowercased attribute names, leading to an infinite recursion when attribute getters use mixed-cased names for boolean attributes. This results in...

7.5CVSS6.5AI score0.02905EPSS

Exploits1References12

Hacker One•added 2017/12/29 6:8 p.m.•30 views

Zomato: [www.zomato.com] Boolean SQLi - /███████.php

@gerbenjavado found that the parameter brids which was a JSON array was vulnerable to boolean SQL injection. POC Requesting MID0x352e362e33332d6c6f67,1,1//LIKE//5 hex == @@version resulted in a 500 HTTP status and MID0x352e362e33332d6c6f67,1,1//LIKE//4 resulted in a 200 HTTP status. Showing that...

Hacker One•added 2017/12/13 3:38 p.m.•27 views

Zomato: [www.zomato.com] Boolean SQLi - /█████.php

@gerbenjavado found that the parameter entityid was vulnerable to SQLi on endpoint /████.php using a Boolean technique. POC The POC uses ifmid@@version,1,1=5 which returns a 200 ok message. If changed for ifmid@@version,1,1=4 the server gives a 500 or 504 error, confirming the SQLi and proving da...

Packet Storm•added 2017/12/12 12:0 a.m.•31 views

Advanced World Database 2.0.5 SQL Injection

Exploit Title: Advanced World Database 2.0.5 - SQL Injection Dork: N/A Date: 10.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/advanced-world-database/ Version: 2.0.5 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A Exploit...

exploitpack•added 2017/12/11 12:0 a.m.•29 views

Advanced World Database 2.0.5 - SQL Injection

Advanced World Database 2.0.5 - SQL Injection Exploit Title: Advanced World Database 2.0.5 - SQL Injection Dork: N/A Date: 10.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/advanced-world-database/ Version: 2.0.5 Category: Webapps...

Packet Storm•added 2017/12/11 12:0 a.m.•20 views

Affiliate MLM Script 1.0 SQL Injection

Exploit Title: Affiliate MLM Script 1.0 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/affiliate-mlm-script/ Demo: http://www.smsemailmarketing.in/demo/Affiliate/ Version: 1.0 Category: Webapps Test...

Exploit DB•added 2017/12/11 12:0 a.m.•59 views

Freelance Website Script 2.0.6 - 'pr_id' / 'catid' SQL Injection

Exploit Title: Freelance Website Script 2.0.6 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/freelance-website-script/ Version: 2.0.6 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A Explo...

Exploit DB•added 2017/12/11 12:0 a.m.•91 views

Foodspotting Clone Script 1.0 - 'quicksearch.php?q' SQL Injection

Exploit Title: Foodspotting Clone Script 1.0 - 'q' SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/foodspotting-clone/ Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A Exploit...

exploitpack•added 2017/12/09 12:0 a.m.•17 views

Affiliate MLM Script 1.0 - product-category.php?key SQL Injection

Affiliate MLM Script 1.0 - product-category.php?key SQL Injection Exploit Title: Affiliate MLM Script 1.0 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/affiliate-mlm-script/ Demo:...

Exploit DB•added 2017/12/09 12:0 a.m.•23 views

Advance Online Learning Management Script 3.1 - 'subcatid' / 'popcourseid' SQL Injection

Exploit Title: Advance Online Learning Management Script 3.1 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/online-learning-management-script/ Demo: http://thavasu.com/demo/onlineeducation/ Version:...

Exploit DB•added 2017/12/09 12:0 a.m.•28 views

Advance B2B Script 2.1.3 - 'show_id' / 'pid' SQL Injection

Exploit Title: Advance B2B Script 2.1.3 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/advance-b2b-script/ Demo: http://198.38.86.159/advancedb2b/ Version: 2.1.3 Category: Webapps Tested on:...

exploitpack•added 2017/12/07 12:0 a.m.•16 views

FS IMDB Clone - id SQL Injection

FS IMDB Clone - id SQL Injection Exploit Title: FS IMDB Clone - 'id' SQL Injection Date: 2017-12-06 Exploit Author: Dan° Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/imdb-clone/ Version: 2017-12-06 Tested on: Kali Linux 2.0 PoC: SQL Injection on G...

Exploit DB•added 2017/12/07 12:0 a.m.•77 views

FS Facebook Clone - 'token' SQL Injection

Exploit Title: FS Facebook Clone - 'token' SQL Injection Date: 2017-12-06 Exploit Author: Dan° Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/facebook-clone/ Version: 2017-12-06 Tested on: Kali Linux 2.0 PoC: SQL Injection on GET parameter = token...

Exploit DB•added 2017/12/07 12:0 a.m.•94 views

FS IMDB Clone - 'id' SQL Injection

Exploit Title: FS IMDB Clone - 'id' SQL Injection Date: 2017-12-06 Exploit Author: Dan° Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/imdb-clone/ Version: 2017-12-06 Tested on: Kali Linux 2.0 PoC: SQL Injection on GET parameter = id...

exploitpack•added 2017/12/06 12:0 a.m.•20 views

FS Makemytrip Clone - id SQL Injection

FS Makemytrip Clone - id SQL Injection Exploit Title: FS Makemytrip Clone - SQL Injection Date: 2017-12-05 Exploit Author: Dan° Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/makemytrip-clone/ Version: 2017-12-05 Tested on: Kali Linux 2.0 PoC: SQL...

Packet Storm•added 2017/12/06 12:0 a.m.•21 views

FS Facebook Clone SQL Injection

Exploit Title: FS Facebook Clone - 'token' SQL Injection Date: 2017-12-06 Exploit Author: DanAdeg Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/facebook-clone/ Version: 2017-12-06 Tested on: Kali Linux 2.0 PoC: SQL Injection on GET parameter = toke...

Packet Storm•added 2017/12/06 12:0 a.m.•24 views

FS Shaadi Clone SQL Injection

Exploit Title: FS Shaadi Clone - SQL Injection Date: 2017-12-05 Exploit Author: DanAdeg Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/shaadi-clone/ Version: 2017-12-05 Tested on: Kali Linux 2.0 PoC: SQL Injection on GET parameter = token...

Packet Storm•added 2017/12/06 12:0 a.m.•28 views

FS IMDB Clone SQL Injection

Exploit Title: FS IMDB Clone - 'id' SQL Injection Date: 2017-12-06 Exploit Author: DanAdeg Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/imdb-clone/ Version: 2017-12-06 Tested on: Kali Linux 2.0 PoC: SQL Injection on GET parameter = id...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by