A CGI vulnerability discovery and exploit-vulnerability warning-the black bar safety net
Disclaimer: the purpose of writing this post is not to encourage vandalism, just to illustrate one issue. If anyone uses the information provided in this post to do something bad, that is entirely their own business and has nothing to do with me! A few days ago at home a 1 6 9 node read news, this site is the top of a Row...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
CVE-2004-2735
Cross-site scripting (XSS) vulnerability in P4DB 2.01 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) SETPREFERENCES parameter in SetPreferences.cgi; (2) BRANCH parameter in branchView.cgi; (3) FSPC and (4) COMPLETE parameters in changeByUsers.cgi; (5) FSPC, (6) LABEL, (7)...
CVE-2001-1584
CardBoard 2.4 greeting card CGI by Michael Barretto allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient field...
CVE-2001-1584
The CVE-2001-1584 entry concerns CardBoard 2.4 greeting card CGI by Michael Barretto. The affected component is the CardBoard 2.4 greeting card CGI, where the recipient field can be exploited via shell metacharacters to execute arbitrary commands remotely. The root cause is improper handling of s...
Cart32 c32web.exe ImageName Traversal Arbitrary File Access
Cart32, a shopping cart application, is installed on the remote host. The remote installation of Cart32 fails to sufficiently validate input to the 'GetImage' function of 'c32web.exe' script before returning the contents of arbitrary files, not just image files as intended. An unauthenticated,...
HP-UX Security Patch : PHSS_27262
VirtualVault 4.0 TGA reports missing CGI #%NASL_MIN_LEVEL 70300 # (C) Tenable Network Security, Inc. if (!defined_func("bn_random")) exit(0); include('deprecated_nasl_level.inc'); include('compat.inc'); if (description) { script_id(26637); script_version("1.8"); script_set_attribute(attribute:"plugin_modification_date",...
[SECURITY] Fedora Core 6 Update: php-5.1.6-3.7.fc6
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/ddns in the web management panel for the WBR3404TX broadband router with firmware R1.94p0vTIG allow remote attackers to inject arbitrary web script or HTML via the (1) DD or (2) DU parameter...
CVE-2007-5027
CVE-2007-5027 involves multiple XSS vulnerabilities in the web management panel (cgi-bin/ddns) of the WBR3404TX broadband router with firmware R1.94p0vTIG. The flaws allow remote attackers to inject arbitrary JavaScript/HTML via the DD or DU parameters. The provided documents confirm the affected...