CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNVD•added 2023/02/14 12:0 a.m.•20 views

phpMyFAQ has an unspecified vulnerability (CNVD-2023-09634)

phpMyFAQ is a multilingual, fully database-driven FAQ system. phpMyFAQ versions prior to 3.1.11 contain a security vulnerability that stems from an uncaught exception. No detailed vulnerability details are currently available...

8.8CVSS2.8AI score0.00417EPSS

CNVD•added 2023/02/14 12:0 a.m.•19 views

phpMyFAQ code injection vulnerability

phpMyFAQ is a multilingual, fully database-driven FAQ system. phpMyFAQ versions prior to 3.1.11 contain a code injection vulnerability that stems from code injection. No detailed vulnerability details are currently available...

6.5CVSS3.6AI score0.00385EPSS

CNVD•added 2023/02/14 12:0 a.m.•18 views

phpMyFAQ command injection vulnerability

phpMyFAQ is a multilingual, fully database-driven FAQ system. phpMyFAQ versions prior to 3.1.11 contain a command injection vulnerability, which stems from command injection. No detailed vulnerability details are currently available...

9.8CVSS3.6AI score0.07757EPSS

CNVD•added 2023/02/14 12:0 a.m.•12 views

phpMyFAQ Cross-Site Scripting Vulnerability (CNVD-2023-09630)

phpMyFAQ is a multilingual, fully database-driven FAQ system. phpMyFAQ versions prior to 3.1.11 are vulnerable to a cross-site scripting vulnerability that originates from cross-site scripting XSS. No detailed vulnerability details are currently available...

8.1CVSS1.9AI score0.00286EPSS

CNNVD•added 2023/02/12 12:0 a.m.•1 views

phpMyFAQ 安全漏洞

8.8CVSS6.7AI score0.00417EPSS

Exploits1References3

CNVD•added 2023/01/16 12:0 a.m.•18 views

phpMyFAQ cross-site scripting vulnerability (CNVD-2023-04313)

phpMyFAQ is a multi-language, fully database-driven FAQ system. A cross-site scripting vulnerability exists in versions prior to phpMyFAQ 3.1.10, which stems from the presence of stored cross-site scripting XSS. No details of the vulnerability are provided at this time...

8.6CVSS6AI score0.00674EPSS

CNVD•added 2023/01/16 12:0 a.m.•18 views

phpMyFAQ authorization issue vulnerability

phpMyFAQ is a multilingual, fully database-driven FAQ system. phpMyFAQ versions prior to 3.1.10 are vulnerable to an authorization issue that stems from incorrect authentication. No detailed second floor details are currently available...

9.8CVSS3.9AI score0.01393EPSS

CNVD•added 2023/01/16 12:0 a.m.•18 views

phpMyFAQ cross-site scripting vulnerability (CNVD-2023-04311)

phpMyFAQ is a multi-language, fully database-driven FAQ system. A cross-site scripting vulnerability exists in versions prior to phpMyFAQ 3.1.10, which stems from the presence of reflected cross-site scripting XSS. No details of the vulnerability are provided at this time...

6.5CVSS6AI score0.00309EPSS

Hacker One•added 2019/03/12 10:40 a.m.•17 views

Node.js third-party modules: [increments] sql injection

I would like to report SQL Injection in increments. It allows creating fake polls. Module module name: increments version: 1.2.1 npm page: https://www.npmjs.com/package/increments Module Description Increment is a database-driven for creating polls and taking votes for various options, candidates...

0.1AI score

Exploit DB•added 2010/09/06 12:0 a.m.•43 views

Micronetsoft RV Dealer Website - SQL Injection

Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title: Micronetsoft RV Dealer Website SQLi Vulnerability Vendor url:http://www.micronetsoft.com Version:1 Price:199$ Published: 2010-09-06 GThanx to:r0073r inj3ct0r.com, Sid3^effects, MaYur, MA1201, Sonic Bluehat, M4n0j,NoCare,...

7AI score

0day.today•added 2010/01/01 12:0 a.m.•25 views

WD-CMS 3.0 Multiple Vulnerabilities

Exploit for unknown platform in category web applications =================================== WD-CMS 3.0 Multiple Vulnerabilities =================================== Exploit Title: WD-CMS 3.0 Multiple Vulnerabilities Date: December 31st, 2009 Author: Sora Software Link:...

Packet Storm•added 2009/05/16 12:0 a.m.•18 views

DMXReady Registration Manager 1.1 Database Disclosure

Title : DMXReady Registration Manager 1.1 Remote Database Disclosure Vulnerability Author : S4S-T3rr0r!sT Contact : [email protected] / [email protected] S.Page : DMXReady CMS Plugin Applications Web Site Design Extensions Dreamweaver ASP Template Database Driven Site : WwW.s3curi7y.com / www.h-t.cc D0r...

7.4AI score

seebug.org•added 2008/06/20 12:0 a.m.•31 views

eLineStudio Site Composer (ESC) <= 2.6 Multiple Vulnerabilities

No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: eLineStudio Site Composer ESC =2.6 Multiple Vulnerabilities Vendor: www.elinestudio.com Vulnerable Version: 2.6 and prior versions Exploit: Available Impact: High Fix: N/A Original Advisory:...

exploitpack•added 2008/06/19 12:0 a.m.•18 views

eLineStudio Site Composer (ESC) 2.6 - Multiple Vulnerabilities

eLineStudio Site Composer ESC 2.6 - Multiple Vulnerabilities www.BugReport.ir AmnPardaz Security Research Team Title: eLineStudio Site Composer ESC =2.6 Multiple Vulnerabilities Vendor: www.elinestudio.com Vulnerable Version: 2.6 and prior versions Exploit: Available Impact: High Fix: N/A Origina...

0.6AI score

seebug.org•added 2008/05/18 12:0 a.m.•22 views

Smeego 1.0 (Cookie lang) Local File Inclusion Exploit

No description provided by source. Smeego CMS Local File Include Exploit by 0in from Dark-Coders Programming & Security Group http://dark-coders.4rh.eu -------------------------------------------------------- Contact: 0indotemailatgmaildotcom ------------------------------------------------------...

seebug.org•added 2007/12/11 12:0 a.m.•16 views

Lotfian.com DATABASE DRIVEN TRAVEL SITE SQL Injection Vuln

No description provided by source. Aria-Security Team http://Aria-Security.Net ----------------------------- DATABASE DRIVEN TRAVEL SITE Vendor: Lotfian.com NewsDetails.asp?NewsID=''UPDATE gtsNews set NewsDescription='HACKED' UPDATE gtsNews set NewsTitle='HACKED' Destination.asp?CID=''UPDATE...