PHP Scripts Now (Multiple Products) - 'bios.php?rank' SQL Injection
source: https://www.securityfocus.com/bid/44306/info Multiple PHP Scripts Now products are prone to an input-validation vulnerability that can be exploited to conduct SQL-injection and cross-site scripting attacks. Exploiting this vulnerability could allow an attacker to steal cookie-based...
phpDatingClub 'search.php' Cross-Site Scripting and SQL Injection Vulnerabilities
phpDatingClub is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the applicatio...
FireStats Unspecified SQL Injection Vulnerability
FireStats is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlyin...
Joomla! Component Permis 1.0 (com_groups) - id SQL Injection
source: https://www.securityfocus.com/bid/35849/info The Permis 'com_groups' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query...
AlmondSoft Multiple Classifieds Products - index.php?replid SQL Injection
source: https://www.securityfocus.com/bid/35816/info AlmondSoft Almond Classifieds is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize...
Claroline 'notfound.php' SQLi Vulnerability
Claroline is prone to an SQL injection (SQLi) vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
eliteCMS multiple Vulnerabilities
eliteCMS is prone to a vulnerability that lets attackers upload and execute arbitrary PHP code. The application is also prone to a cross-site scripting issue and to a SQL Injection Vulnerability. These issues occur because the application fails to sufficiently sanitize user-supplied input...
phpBugTracker 'include.php' SQL Injection Vulnerability
According to its version number, the remote version of phpBugTracker is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modi...
JVideo! Component for Joomla! 'user_id' Parameter SQLi
The version of the JVideo! component for Joomla! running on the remote host is affected by a SQL injection vulnerability in the models/user.php script due to improper sanitization of user-supplied input to the 'user_id' parameter before using it to construct database queries in the getUsername...
Cacti < 0.8.7b Multiple Input Validation Vulnerabilities
Cacti is prone to multiple unspecified input-validation vulnerabilities. Copyright (C) 2009 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is fre...
PHP-Nuke 8.0 - maintrackinguserLog.php SQL Injection
source: https://www.securityfocus.com/bid/35117/info PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker...
LxBlog - Multiple Cross-Site Scripting SQL Injections
source: https://www.securityfocus.com/bid/35071/info LxBlog is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues coul...
LxBlog - Multiple Cross-Site Scripting / SQL Injections
source: https://www.securityfocus.com/bid/35071/info LxBlog is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authenticati...
IceWarp Merak Mail Server 9.4.1 Groupware Component - Multiple SQL Injections
source: https://www.securityfocus.com/bid/34820/info IceWarp Merak Mail Server is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL...
People-Trak - Login SQL Injection
source: https://www.securityfocus.com/bid/34491/info People-Trak is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...
Absolute Form Processor XE 1.5 - 'login.asp' SQL Injection
source: https://www.securityfocus.com/bid/34463/info Absolute Form Processor XE is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application,...
Xplode 'module_wrapper.asp' SQL Injection and Cross Site Scripting Vulnerabilities
Xplode is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify...
Gravity Board X Multiple SQL Injection Vulnerabilities and Remote Command Execution Vulnerability
Gravity Board X is prone to multiple SQL-injection vulnerabilities and a remote command-execution vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to execute arbitrary code, compromise the application...
Community CMS <= 0.5 Multiple SQLi Vulnerabilities - Active Check
Community CMS is prone to multiple SQL injection (SQLi) vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in SQL queries.
phpMyRealty 1.0.7 - 1.0.9 Multiple SQLi Vulnerabilities - Active Check
phpMyRealty is prone to multiple SQL injection (SQLi) vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.