CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cross-site scripting XSS vulnerability in search.cgi in MR CGI Guy Hot Links SQL 3.1.x and Hot Links Pro 3.1.x allows remote attackers to inject arbitrary web script or HTML via the query string...

4.3CVSS6.2AI score0.01338EPSS

Exploits0References7

CVE•added 2005/12/06 11:0 a.m.•38 views

CVE-2005-4041

CVE-2005-4041 describes a cross-site scripting (XSS) vulnerability in the search.cgi component of MR CGI Guy Hot Links SQL 3.1.x and Hot Links Pro 3.1.x. The issue arises from injecting arbitrary script/HTML via the query string, enabling an attacker to trigger client-side code in affected users’...

4.3CVSS6.5AI score0.01338EPSS

Exploits0References7Affected Software2

Cvelist•added 2005/12/06 11:0 a.m.•17 views

CVE-2005-4041

Cross-site scripting XSS vulnerability in search.cgi in MR CGI Guy Hot Links SQL 3.1.x and Hot Links Pro 3.1.x allows remote attackers to inject arbitrary web script or HTML via the query string...

6.2AI score0.01338EPSS

Exploits0References7

securityvulns•added 2005/12/05 12:0 a.m.•32 views

Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

1.7AI score

Exploits0References21Affected Software20

securityvulns•added 2005/12/04 12:0 a.m.•25 views

Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

1.7AI score

Exploits0References12Affected Software9

Tenable Nessus•added 2005/12/02 12:0 a.m.•31 views

Trac Ticket Query Module group Parameter SQL Injection

The remote host is running Trac, an enhanced wiki and issue tracking system for software development projects written in Python. The remote version of this software is prone to a SQL injection flaw through the ticket query module due to 'group' parameter is not properly sanitized. %NASLMINLEVEL...

7.5CVSS5.8AI score0.03264EPSS

Exploits1References3

securityvulns•added 2005/12/02 12:0 a.m.•32 views

Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

1.7AI score

Exploits0References18Affected Software21

securityvulns•added 2005/11/30 12:0 a.m.•30 views

Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, mbsendmail message headers modification, etc...

1.3AI score

Exploits0References7Affected Software6

securityvulns•added 2005/11/29 12:0 a.m.•24 views

Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, mbsendmail message headers modification, etc...

1.3AI score

Exploits0References19Affected Software19

Tenable Nessus•added 2005/11/29 12:0 a.m.•17 views

PHP Doc System index.php show Parameter Local File Inclusion

The remote host is running PHP Doc System, a modular, PHP-based system for creating documentation. The version of PHP Doc System installed on the remote host fails to sanitize user input to the 'show' parameter of the 'index.php' script before using it in a PHP 'include' function. An...

6.4CVSS6.2AI score0.02577EPSS

Exploits0References2

securityvulns•added 2005/11/26 12:0 a.m.•29 views

Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

1.7AI score

Exploits0References80Affected Software65

Gentoo Linux•added 2005/11/21 12:0 a.m.•32 views

GNUMP3d: Directory traversal and insecure temporary file creation

Background GNUMP3d is a streaming server for MP3s, OGG vorbis files, movies and other media formats. Description Ludwig Nussel from SUSE Linux has identified two vulnerabilities in GNUMP3d. GNUMP3d fails to properly check for the existence of /tmp/index.lok before writing to the file, allowing fo...

6.4CVSS6.4AI score0.02226EPSS

Exploits0

NVD•added 2005/11/18 10:3 p.m.•14 views

CVE-2005-3355

Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters, and cookie values"...

6.4CVSS6.4AI score0.02226EPSS

Exploits0References9

UbuntuCve•added 2005/11/18 10:3 p.m.•16 views

CVE-2005-3355

Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters, and cookie values"...

6.4CVSS5.9AI score0.02226EPSS

Exploits0References1

Cvelist•added 2005/11/16 7:37 a.m.•15 views

CVE-2003-1247

Multiple buffer overflows in H-Sphere WebShell 2.3 allow remote attackers to execute arbitrary code via 1 a long URL content type in CGI::readFile, 2 a long path in diskusage, and 3 a long fname in flist...

7.8AI score0.0995EPSS

Exploits1References11

securityvulns•added 2005/11/15 12:0 a.m.•35 views

Walla TeleSite Multiple Vulnerabilities

Application: Walla TeleSite Vendors: http://www.walla.co.il Versions: 3.0 and perior Platforms: Windows ISAPI, a few vulnerabilities apply Linux too Bug: Multiple Vulnerabilities Exploitation: Remote with browser Date: 13 Nov 2005 Author: Rafi Nahum, Pokerface e-mail: [email protected] web: N...

7.5AI score

Exploits0

myhack58•added 2005/11/15 12:0 a.m.•88 views

On WEBSHELL to elevate privileges to the point of experience-vulnerability warning-the black bar safety net

| --- | Many newcomers in the use of servu elevation of Privilege will encounter many problems, such as the default local administrator Password changed, ws, etc. the cmd is disabled, or the site root directory there is no permission to run! Many Novices will be sent to the discard, Oh, actually...

6.7AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by