XSS vulnerability in PortalApp
Vulnerability ID: HTB22443 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinportalapp2.html Product: PortalApp Vendor: Latek Vulnerable Version: 4.0 and Probably Prior Versions Vendor Notification: 14 June 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor...
XSS vulnerability in Grafik CMS
Vulnerability ID: HTB22438 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityingrafikcms.html Product: Grafik CMS Vendor: GrafikPower Vulnerable Version: 1.1.2 and Probably Prior Versions Vendor Notification: 14 June 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed,...
Ecomat CMS Remote SQL Injection Vulnerability
Exploit for php platform in category web applications Ecomat CMS Remote SQL Injection Vulnerability Product: Ecomat CMS Vendor: Codefabrik GmbH Vulnerable Version: 5.0 and Probably Prior Versions Vendor...
TheWorld Browser 3.1.6.8 DOS Exploit
Exploit for windows platform in category dos / poc TheWorld Browser 3.1.6.8 DOS Exploit AUTHOR : Cur53D MAIL : Hyq6xxatgmail.com DATE : 29,june 2010 Blog : www.Cur53D.dlstreet.net Type : Denial Of Service Platform : Windows...
Lois Software 2.0a SQL Injection
Vulnerability ID: HTB22430 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinwebdb1.html Product: WebDB Vendor: Lois Software Vulnerable Version: 2.0a and Probably Prior Versions Vendor Notification: 10 June 2010 Vulnerability Type: SQL Injection Status: Fixed by Vendor Risk...
SQL injection vulnerability in WebDB
Vulnerability ID: HTB22430 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinwebdb1.html Product: WebDB Vendor: Lois Software Vulnerable Version: 2.0a and Probably Prior Versions Vendor Notification: 10 June 2010 Vulnerability Type: SQL Injection Status: Fixed by Vendor Risk...
WordPress Plugin Gigya Socialize 1.01.1.x - Cross-Site Scripting
WordPress Plugin Gigya Socialize 1.01.1.x - Cross-Site Scripting source: https://www.securityfocus.com/bid/40582/info The Gigya Socialize Plugin for Wordpress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this...
ImpressPages CMS 1.0.4 SQL Injection
Vulnerability ID: HTB22386 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinimpresspagescms2.html Product: ImpressPages CMS Vendor: Apro Media Vulnerable Version: 1.0.4 and Probably Prior Versions Vendor Notification: 12 May 2010 Vulnerability Type: SQL Injection Status: Fixe...
SQL injection vulnerability in 360 Web Manager
Vulnerability ID: HTB22379 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityin360webmanager1.html Product: 360 Web Manager Vendor: 360 Web Manager Vulnerable Version: 3.0 Vendor Notification: 10 May 2010 Vulnerability Type: SQL Injection Status: Not Fixed, Vendor Alerted,...
360 Web Manager 3.0 Cross Site Scripting
Vulnerability ID: HTB22377 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityin360webmanager.html Product: 360 Web Manager Vendor: 360 Web Manager Vulnerable Version: 3.0 Vendor Notification: 10 May 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor Alerted,...
Ruubik CMS 1.0.3 Cross Site Scripting
Vulnerability ID: HTB22380 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinruubikcms.html Product: RuubikCMS Vendor: Piuha Vulnerable Version: 1.0.3 and Probably Prior Versions Vendor Notification: 10 May 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor...
LiSK CMS 4.4 edit_email.php SQL Injection
Vulnerability ID: HTB22373 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinliskcms1.html Product: LiSK CMS Vendor: Createch-group Vulnerable Version: 4.4 Vendor Notification: 06 May 2010 Vulnerability Type: SQL Injection Status: Not Fixed, Vendor Alerted, Awaiting Vendor...
ecoCMS Cross Site Scripting
Vulnerability ID: HTB22353 Reference: http://www.htbridge.ch/advisory/xssinecocms.html Product: ecoCMS Vendor: ecoCMS Team Vulnerable Version: Current at 18.04.2010 and Probably Prior Versions Vendor Notification: 18 April 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendo...
browsers Crash Exploit(Mozilla Firefox/Internet Explorer/Google Chrome/Netscape/Opera)
No description provided by source. @Title: All browsers 0day Crash Exploit @Site: http://site.securityspl0its.com/ - http://forum.securityspl0its.com/ - @Exploit for all browsers Tested on: Mozilla Firefox // Internet Explorer // Google Chrome // Netscape // Opera: body...
Pligg CMS 1.1.2 (status) Parameter SQL Injection Vulnerability
Exploit for php platform in category web applications Pligg CMS 'status' Parameter SQL Injection Vulnerability Pligg CMS is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could...
Madirish Webmail 2.01 (basedir) RFI/LFI Vulnerability
Madirish Webmail is prone to Multiple vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow th...
TJX Browser Exploit Accomplice Gets Probation
A computer security professional who sold Internet Explorer exploit code to credit card hacker Albert Gonzalez was sentenced Tuesday to three years probation and a $10,000 fine. Jeremy Jethro, 29, was paid $60,000 by Gonzalez for a zero-day exploit against Microsoft’s browser, “the purpose and...
Winamp 5.57 (Browser) IE Denial of Service Exploit
No description provided by source. Winamp 5.57 Browser IE Denial of Service Exploit Homepage: http://www.winamp.com/ Exploit Coded by: cr4wl3r cr4wl3r\x40linuxmail\x2Eorg From: Indonesia Tested Win xpsp2 Greet...
Softbiz Jobs - 'sbad_type' Cross-Site Scripting
source: https://www.securityfocus.com/bid/38383/info Softbiz Jobs is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context ...
Microsoft Agent Crafted URL Stack Buffer Overflow (MS07-051; CVE-2007-3040)
The Microsoft Agent ActiveX control exposes a set of methods and properties that can be used for scripting in HTML pages. There exists a buffer overflow vulnerability in the Microsoft Windows Agent application. The flaw is due to wrongfully copying an overly large string to a fixed-size stack buffer...