
558 matches found

Check Point Advisories
added 2014/07/16 12:0 a.m. | 1 views

JPEG Files Containing Suspicious Comments

Certain JPEG files may contain malicious code, hidden within the comments marker...

AI score: 1.3
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 15 views

ILIAS eLearning CMS 4.3.4 & 4.4 - Persistent XSS

No description provided by source. Document Title: =============== ILIAS eLearning 4.3.4 & 4.4 CMS - Persistent Notes Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1122 Release Date: ============= 2013-10-27 Vulnerability Laboratory I...

AI score: 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 12 views

SiteEngine <= 7.1 - SQL Injection Vulnerability

No description provided by source. Title: SiteEngine 7.1 SQL injection Vulnerability Date: 2010-11-25 Author: Beach Team: www.linux520.com Vendor: www.siteengine.net www.boka.cn Dork: Powered by SiteEngine //300,000 + Language:PHP Greetz: birdarmy Description: Exploit this vulnerability comment...

AI score: 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 21 views

Skeletonz CMS Permanent XSS Vulnerability

No description provided by source. Exploit Title: Xss on skeletonz-simple dynamic cms in the section comments Google Dork: Date: 27/11/10 Author: Jordan Diaz aka Jbyte Software Link: http://orangoo.com/skeletonz/ Version: 1.0 Tested on: Windows xp CVE : The follow xss is located in the section of...

AI score: 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 26 views

Drupal <= 4.5.3 & <= 4.6.1 Comments PHP Injection Exploit

No description provided by source. !/usr/bin/perl Mon Jul 4 18:19:35 CEST 2005 [email protected] DRUPAL-SA-2005-002 php injection in comments yes, its lame Hax0r code here, read before execute Run without arguments to show the help. BLINK! BLINK! BLINK! BLINK! Feel free to port to another stupid...

AI score: 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 13 views

Geeklog 1.3.5 HTML Attribute Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5270/info A cross site scripting vulnerability has been reported for Geeklog. Reportedly, Geeklog does not properly sanitize user supplied input before being included when posting comments or writing stories. Geeklog make...

AI score: 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 20 views

Joomla EasyBlog Persistent XSS Vulnerability

No description provided by source. Name : Joomla EasyBlog Persistent XSS Vulnerability Date : july 12,2010 Critical Level : HIGH vendor URL :http://stackideas.com/products/easyblog.html Author : Sid3^effects aKa HaRi special thanks to : r0073r inj3ct0r.com,L0rd...

AI score: 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 13 views

geoBlog MOD_1.0 deleteblog.php id Variable Remote Arbitrary Blog Deletion

No description provided by source. source: http://www.securityfocus.com/bid/24966/info geoBlog is prone to multiple security-bypass vulnerabilities because the application fails to properly validate users when deleting user blogs and comments. An attacker may exploit these issues to delete blogs...

AI score: 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 62 views

Kayako eSupport <= 2.3.1 (subd) Remote File Inclusion Vulnerability

No description provided by source. Script: Kayako eSupport = 2.3.1 Vendor: Kayako www.kayako.com Discovered: beford xbefordx gmail com Comments: It seems like the vendor silently fixed the issue in the current version more like since v2.3.5 without warning users of previous versions, noobs...

AI score: 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 14 views

myBloggie <= 2.1.4 (trackback.php) Multiple SQL Injections Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo MyBloggie = 2.1.4 trackback.php multiple SQL injections vulnerability /\n; echo administrative credentials disclosure exploit\n; echo by rgod [email protected]\n; echo site: http://retrogod.altervista.org\n\n; / works...

AI score: 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 23 views

Micro CMS 1.0 b1 - Persistent XSS Vulnerability

No description provided by source. Title : Micro CMS Persistent Cross-Site Scripting Vulnerability. Author : Veerendra G.G from SecPod Technologies www.secpod.com Vendor : http://www.micro-cms.com/ Advisory : http://secpod.org/blog/?p=135 http://secpod.org/advisories/SECPODMicroCMS.txt Version :...

AI score: 7.1
Exploits: 0
Patchstack
added 2014/06/23 12:0 a.m. | 18 views

WordPress Verification Code for Comments Plugin <= 2.1.0 - Multiple XSS

Because of these vulnerabilities in vcc.js.php, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...

CVSS: 4.3 | AI score: 2.3 | EPSS: 0.00174
Exploits: 1 | References: 1 | Affected Software: 1
NVD
added 2014/04/01 3:24 a.m. | 14 views

CVE-2013-5640

Multiple SQL injection vulnerabilities in Gnew 2013.1 allow remote attackers to execute arbitrary SQL commands via the (1) answerid or (2) questionid parameter to polls/vote.php, (3) storyid parameter to comments/add.php or (4) comments/edit.php, or (5) threadid parameter to posts/add.php. NOTE: this issue...

CVSS: 7.5 | AI score: 8.3 | EPSS: 0.00817
Exploits: 6 | References: 4
The Hacker News
added 2014/03/01 12:30 a.m. | 10 views

Yahoo vulnerability allows Hacker to delete 1.5 million records from Database

Yahoo!, the 4th most visited website on the Internet, has been found vulnerable multiple times, and this time a hacker has claimed to spot a critical vulnerability in the Yahoo! sub-domain 'suggestions.yahoo.com', which could allow an attacker to delete all the posted threads and comments on...

AI score: 6.8
Exploits: 0
Atlassian
added 2014/02/20 4:9 p.m. | 19 views

Restricted JIRA comments appear in Confluence notification inbox

If a user is watching a JIRA issue, and a restricted comment is made on that issue that the user should not be able to see, the notification still appears in their Confluence notification inbox. When the user navigates to the issue, they correctly are not allowed to see the comment. This is a...

AI score: 2.7
Exploits: 0
NVD
added 2013/12/30 4:53 a.m. | 18 views

CVE-2013-7233

Cross-site request forgery (CSRF) vulnerability in the retrospam component in wp-admin/options-discussion.php in WordPress 2.0.11 and earlier allows remote attackers to hijack the authentication of administrators for requests that move comments to the moderation list...

CVSS: 6.8 | AI score: 7 | EPSS: 0.00456
Exploits: 0 | References: 2
Debian CVE
added 2013/12/30 2:0 a.m. | 22 views

CVE-2013-7233

Cross-site request forgery (CSRF) vulnerability in the retrospam component in wp-admin/options-discussion.php in WordPress 2.0.11 and earlier allows remote attackers to hijack the authentication of administrators for requests that move comments to the moderation list...

CVSS: 6.8 | AI score: 6.5 | EPSS: 0.00456
Exploits: 0
exploitpack
added 2013/10/29 12:0 a.m. | 11 views

ILIAS eLearning CMS 4.3.4 4.4 - Persistent Cross-Site Scripting

ILIAS eLearning CMS 4.3.4 4.4 - Persistent Cross-Site Scripting Document Title: =============== ILIAS eLearning 4.3.4 & 4.4 CMS - Persistent Notes Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1122 Release Date: ============= 2013-10-...

AI score: 6.8
Exploits: 0
Exploit DB
added 2013/10/29 12:0 a.m. | 25 views

ILIAS eLearning CMS 4.3.4 < 4.4 - Persistent Cross-Site Scripting

Document Title: =============== ILIAS eLearning 4.3.4 & 4.4 CMS - Persistent Notes Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1122 Release Date: ============= 2013-10-27 Vulnerability Laboratory ID VL-ID:...

AI score: 7.4
Exploits: 0
Packet Storm
added 2013/10/28 12:0 a.m. | 16 views

ILIAS eLearning 4.3.4 / 4.4 Cross Site Scripting

Document Title: =============== ILIAS eLearning 4.3.4 & 4.4 CMS - Persistent Notes Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1122 Release Date: ============= 2013-10-27 Vulnerability Laboratory ID VL-ID:...

AI score: 7.4
Exploits: 0