CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Packet Storm•added 2023/09/19 12:0 a.m.•459 views

Super Store Finder 3.7 Remote Command Execution

Vulnerability : Authenticated Arbitrary PHP Code Injection lead to Remote Code Execution Researcher : Etharus Vendor : Joe Iz, https://www.superstorefinder.net/ Demo Url : https://superstorefinder.net/products/superstorefinder/ Version Affected : 3.7 and below Date : 18 September 2023 FOFA Dork :...

0day.today•added 2023/09/19 12:0 a.m.•418 views

Super Store Finder 3.7 Remote Command Execution Vulnerability

SUSE CVE•added 2023/02/15 6:7 a.m.•2 views

SUSE CVE-2008-3457

Cross-site scripting XSS vulnerability in setup.php in phpMyAdmin before 2.11.8 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted setup arguments. NOTE: this issue can only be exploited in limited scenarios in which the attacker must be able to modify...

2.6CVSS6AI score0.00586EPSS

Exploits2References4

CNVD•added 2021/08/10 12:0 a.m.•10 views

rConfig SQL Injection Vulnerability (CNVD-2021-61757)

rConfig is an open source network device configuration management utility. rConfig version 3.9.5 contains a SQL injection vulnerability in config.inc.php, which can be exploited by sending a specially crafted GET request to install/lib/ajaxHandlers/ajaxDbInstall.php to access sensitive database...

7.5CVSS3AI score0.00139EPSS

NVD•added 2021/08/09 11:15 p.m.•7 views

CVE-2020-23150

A SQL injection vulnerability in config.inc.php of rConfig 3.9.5 allows attackers to access sensitive database information via a crafted GET request to install/lib/ajaxHandlers/ajaxDbInstall.php...

7.5CVSS0.00139EPSS

OSV•added 2021/08/09 11:15 p.m.•0 views

CVE-2020-23150

A SQL injection vulnerability in config.inc.php of rConfig 3.9.5 allows attackers to access sensitive database information via a crafted GET request to install/lib/ajaxHandlers/ajaxDbInstall.php...

7.5CVSS5.8AI score

Exploits0References1

Cvelist•added 2021/08/09 10:54 p.m.•16 views

CVE-2020-23150

A SQL injection vulnerability in config.inc.php of rConfig 3.9.5 allows attackers to access sensitive database information via a crafted GET request to install/lib/ajaxHandlers/ajaxDbInstall.php...

8.1AI score0.00139EPSS

CNVD•added 2019/03/29 12:0 a.m.•2 views

Nagios XI Elevation of Privilege Vulnerability (CNVD-2019-10018)

Nagios XI is a commercial monitoring solution built on Nagios Core, including dashboards, web-based configuration, advanced reporting and rich data visualization. An elevation of privilege vulnerability exists in Nagios XI versions prior to 5.5.11. A local attacker can exploit this vulnerability ...

7.8CVSS6.9AI score0.00033EPSS

Exploits2References1

Positive Technologies•added 2019/03/28 12:0 a.m.•2 views

PT-2019-19407 · Nagios · Nagios Xi

Name of the Vulnerable Software and Affected Versions: Nagios XI versions prior to 5.5.11 Description: The issue allows local attackers to elevate privileges to root. This is achieved through write access to specific files, including config.inc.php and import xiconfig.php. Recommendations: For...

7.8CVSS8AI score0.00033EPSS

Exploits2References4

seebug.org•added 2016/01/25 12:0 a.m.•61 views

易企CMS install/install.php 代码执行

看代码\install\install.php 作用就是安装该cms，然后把install.php改为install.php.bak。由于apache解析问题，改文件还是会解析成php，然后就可以暴力getshell。数据库连接文件会写到\include\config.inc.php 由于是双引号可直接shell，无限制。...

seebug.org•added 2014/08/12 12:0 a.m.•32 views

ThinkSAAS 2.2 GET型CSRF到Getshell

简要描述：后台Getshell本想在XSS漏洞里一起提交的。。。结果我给忘了。不过后来发现这个洞是Get型的CSRF，利用方便，老少咸宜，在社区CMS中可以说威力无限呀。详细说明： /app/system/action/plugin.php 83行： case "delete": $apps = $GET'apps'; $pname = $GET'pname'; delDir'plugins/'.$apps.'/'.$pname; qiMsg'删除成功！'; break; 获得了GET到的值以后拼接成路径以后传入delDir函数。delDir函数： / 删除文件夹和文件夹下所有的文...

7AI score

seebug.org•added 2014/07/01 12:0 a.m.•18 views

Woltlab Burning Board 2.3.4 File Disclosure Vulnerability

No description provided by source. Exploit Title: Woltlab Burning Board 2.3.4 File Disclosure Vulnerability Date: 2010-11-12 Author: SFX Version: 2.3.4 CVE : N/A After you've used the Exploit to get the admin account: goto: http://lolcathost/wbb/acp/avatar.php?action=readfolder import: acp/lib...

seebug.org•added 2014/07/01 12:0 a.m.•14 views

phpAbook <= 0.8.8b (COOKIE) Local File Inclusion Vulnerability

No description provided by source. phpAbook = 0.8.8b COOKIE Local File Inclusion Vulnerability url: http://sourceforge.net/projects/phpabook/ Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational purpose. U...

seebug.org•added 2014/07/01 12:0 a.m.•8512 views

snetworks php classifieds 5.0 - Remote File Inclusion Vulnerability

No description provided by source. +By CrackersChild+ Script.......: SNETWORKS PHP CLASSIFIEDS Page.........: http://www.snetworks.biz/ Author.......: CrackersChild | [email protected] & [email protected] Class........: Remote File İnclude Vulnerability Demo.........:...

seebug.org•added 2014/05/20 12:0 a.m.•77 views

PHPEMS (在线考试系统) 设计缺陷 Getshell一枚(官网已shell)

简要描述：号称是最好用的开源php考试系统? 果断来看看。已拿下官网。详细说明： PHPEMS整合了uc。在api/config.inc.php中 define'UCCONNECT', 'mysql'; define'UCDBHOST', 'localhost'; define'UCDBUSER', 'root'; define'UCDBPW', 'root'; define'UCDBNAME', 'ucenter16'; define'UCDBCHARSET', 'utf8'; define'UCDBTABLEPRE', 'ucenter16.uc';...