CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

23 matches found

exploitpack•added 2016/11/21 12:0 a.m.•24 views

LEPTON 2.2.2 - Remote Code Execution

LEPTON 2.2.2 - Remote Code Execution Security Advisory - Curesec Research Team 1. Introduction Affected Product: LEPTON 2.2.2 stable Fixed in: 2.3.0 Fixed Version Link: http://www.lepton-cms.org/posts/important-lepton-2.3.0-101.php Vendor Website: http://www.lepton-cms.org/ Vulnerability Type: Co...

exploitpack•added 2016/11/21 12:0 a.m.•36 views

FUDforum 3.0.6 - Cross-Site Scripting Cross-Site Request Forgery

FUDforum 3.0.6 - Cross-Site Scripting Cross-Site Request Forgery Security Advisory - Curesec Research Team 1. Introduction Affected Product: FUDforum 3.0.6 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://fudforum.org/forum/ Vulnerability Type: XSS, Login CSRF Remote Exploitable...

Exploit DB•added 2016/11/21 12:0 a.m.•53 views

Mezzanine 4.2.0 - Cross-Site Scripting

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Mezzanine 4.2.0 Fixed in: 4.2.1 Fixed Version Link: https://github.com/stephenmcd/mezzanine/releases/tag/4.2.1 Vendor Website: http://mezzanine.jupo.org/ Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor:...

Exploit DB•added 2016/11/21 12:0 a.m.•55 views

LEPTON 2.2.2 - SQL Injection

Security Advisory - Curesec Research Team 1. Introduction Affected Product: LEPTON 2.2.2 stable Fixed in: 2.3.0 Fixed Version Link: http://www.lepton-cms.org/posts/ important-lepton-2.3.0-101.php Vendor Website: http://www.lepton-cms.org/ Vulnerability Type: SQL Injection Remote Exploitable: Yes...

Exploit DB•added 2016/11/21 12:0 a.m.•62 views

LEPTON 2.2.2 - Remote Code Execution

Security Advisory - Curesec Research Team 1. Introduction Affected Product: LEPTON 2.2.2 stable Fixed in: 2.3.0 Fixed Version Link: http://www.lepton-cms.org/posts/important-lepton-2.3.0-101.php Vendor Website: http://www.lepton-cms.org/ Vulnerability Type: Code Execution Remote Exploitable: Yes...

Exploit DB•added 2016/11/21 12:0 a.m.•44 views

FUDforum 3.0.6 - Local File Inclusion

Security Advisory - Curesec Research Team 1. Introduction Affected Product: FUDforum 3.0.6 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://fudforum.org/forum/ Vulnerability Type: LFI Remote Exploitable: Yes Reported to vendor: 04/11/2016 Disclosed to public: 11/10/2016 Release...

Packet Storm•added 2016/11/18 12:0 a.m.•43 views

Lepton 2.2.2 Stable SQL Injection

Security Advisory - Curesec Research Team 1. Introduction Affected Product: LEPTON 2.2.2 stable Fixed in: 2.3.0 Fixed Version Link: http://www.lepton-cms.org/posts/ important-lepton-2.3.0-101.php Vendor Website: http://www.lepton-cms.org/ Vulnerability Type: SQL Injection Remote Exploitable: Yes...

Packet Storm•added 2016/11/18 12:0 a.m.•45 views

Lepton 2.2.2 Stable CSRF / Open Redirect / Password Handling

Security Advisory - Curesec Research Team 1. Introduction Affected Product: LEPTON 2.2.2 stable Fixed in: 2.3.0 Fixed Version http://www.lepton-cms.org/posts/ Link: important-lepton-2.3.0-101.php Vendor Website: http://www.lepton-cms.org/ Vulnerability CSRF, Open Redirect, Insecure Bruteforce...

Exploit DB•added 2016/09/19 12:0 a.m.•44 views

MyBB 1.8.6 - SQL Injection

Security Advisory - Curesec Research Team 1. Introduction Affected Product: MyBB 1.8.6 Fixed in: 1.8.7 Fixed Version Link: http://resources.mybb.com/downloads/mybb1807.zip Vendor Website: http://www.mybb.com/ Vulnerability Type: SQL Injection Remote Exploitable: Yes Reported to vendor: 01/29/2016...

Packet Storm•added 2016/09/16 12:0 a.m.•49 views

MyBB 1.8.6 SQL Injection

Security Advisory - Curesec Research Team 1. Introduction Affected Product: MyBB 1.8.6 Fixed in: 1.8.7 Fixed Version Link: http://resources.mybb.com/downloads/mybb1807.zip Vendor Website: http://www.mybb.com/ Vulnerability Type: SQL Injection Remote Exploitable: Yes Reported to vendor: 01/29/2016...

Packet Storm•added 2016/03/18 12:0 a.m.•31 views

BigTree 4.2.8 Object Injection / Improper Filename Sanitization

Security Advisory - Curesec Research Team 1. Introduction Affected Product: BigTree 4.2.8 Fixed in: BigTree 4.2.9 Fixed Version Link: https://www.bigtreecms.org/download/ Vendor Website: https://www.bigtreecms.org/ Vulnerability Type: Object Injection & Improper Filename Sanitation Remote...

exploitpack•added 2015/12/23 12:0 a.m.•38 views

Grawlix 1.0.3 - Cross-Site Request Forgery

Grawlix 1.0.3 - Cross-Site Request Forgery Security Advisory - Curesec Research Team 1. Introduction Affected Product: Grawlix 1.0.3 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://www.getgrawlix.com/ Vulnerability Type: CSRF Remote Exploitable: Yes Reported to vendor: 11/17/20...

Packet Storm•added 2015/12/23 12:0 a.m.•29 views

Grawlix 1.0.3 Cross Site Request Forgery

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Grawlix 1.0.3 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://www.getgrawlix.com/ Vulnerability Type: CSRF Remote Exploitable: Yes Reported to vendor: 11/17/2015 Disclosed to public: 12/21/2015 Release...

Packet Storm•added 2015/12/09 12:0 a.m.•31 views

CodoForum 3.4 Cross Site Scripting

Security Advisory - Curesec Research Team 1. Introduction Affected Product: CodoForum 3.4 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: [email protected] Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 09/01/2015 Disclosed to public: 12/02/2015 Release mode: Fu...

Packet Storm•added 2015/12/09 12:0 a.m.•32 views

Geeklog 2.1.0 Command Injection

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Geeklog 2.1.0 Fixed in: 2.1.1b3 Fixed Version Link: https://www.geeklog.net/filemgmt/visit.php/1156 Vendor Contact: [email protected] Vulnerability Type: Code Execution Remote Exploitable: Yes Reported to...

Packet Storm•added 2015/11/16 12:0 a.m.•21 views

ClipperCMS 1.3.0 Cross Site Scripting

Security Advisory - Curesec Research Team 1. Introduction Affected Product: ClipperCMS 1.3.0 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://www.clippercms.com/ Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 10/02/2015 Disclosed to public: 11/13/2015 Releas...

Packet Storm•added 2015/11/16 12:0 a.m.•31 views

dotclear 2.8.1 Cross Site Scripting

Security Advisory - Curesec Research Team 1. Introduction Affected Product: dotclear 2.8.1 Fixed in: 2.8.2 Fixed Version Link: http://download.dotclear.org/latest.zip Vendor Website: http://dotclear.org/ Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 10/02/2015 Disclosed to...

Packet Storm•added 2015/11/09 12:0 a.m.•24 views

TheHostingTool 1.2.6 Code Execution

Security Advisory - Curesec Research Team 1. Introduction Affected Product: TheHostingTool 1.2.6 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: https://thehostingtool.com/ Vulnerability Type: Code Execution Remote Exploitable: Yes Reported to vendor: 09/07/2015 Disclosed to public:...

Packet Storm•added 2015/10/30 12:0 a.m.•18 views

Pligg CMS 2.0.2 Directory Traversal

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Pligg CMS 2.0.2 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://pligg.com/ Vulnerability Type: Directory Traversal Remote Exploitable: Yes Reported to vendor: 09/01/2015 Disclosed to public: 10/07/2015...

seebug.org•added 2015/09/24 12:0 a.m.•22 views

ZeusCart 4.0 - Admin SQL注入漏洞

ZeusCart 4.0: SQL Injection Security Advisory – Curesec Research Team 1. Introduction Affected Product: ZeusCart 4.0 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: [email protected] Vulnerability Type: SQL Injection Remote Exploitable: Yes Reported to vendor: 08/13/2015 Disclosed ...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by