Lucene search
K

19 matches found

Vulnrichment
Vulnrichment
added 2026/03/06 12:19 p.m.2 views

CVE-2018-25187 Tina4 Stack 1.0.3 SQL Injection and Database File Download

Tina4 Stack 1.0.3 contains multiple vulnerabilities allowing unauthenticated attackers to access sensitive database files and execute SQL injection attacks. Attackers can directly request the kim.db database file to retrieve user credentials and password hashes, or inject SQL code through the men...

8.8CVSS5.9AI score0.00347EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/06 12:19 p.m.32 views

CVE-2018-25187 Tina4 Stack 1.0.3 SQL Injection and Database File Download

Tina4 Stack 1.0.3 contains multiple vulnerabilities allowing unauthenticated attackers to access sensitive database files and execute SQL injection attacks. Attackers can directly request the kim.db database file to retrieve user credentials and password hashes, or inject SQL code through the men...

8.8CVSS0.00347EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/06 12:18 p.m.29 views

CVE-2018-25164 EverSync 0.5 Arbitrary File Download via files Directory

EverSync 0.5 contains an arbitrary file download vulnerability that allows unauthenticated attackers to access sensitive files by requesting them directly from the files directory. Attackers can send GET requests to the files directory to download database files like db.sq3 containing application...

8.7CVSS0.00266EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2009-0502

Malware in sbrugna...

5CVSS6.4AI score0.02274EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-5567

Malware in sbrugna...

5CVSS6.4AI score0.02615EPSS
Exploits0References5
0day.today
0day.today
added 2018/11/14 12:0 a.m.266 views

Maitra Mail Tracking System 1.7.2 - SQL Injection / Database File Download Vulnerabilities

Exploit for php platform in category web applications Exploit Title: Maitra - Mail Tracking System 1.7.2 - SQL Injection / Database File Download Exploit Author: Ihsan Sencan Vendor Homepage: http://salzertechnologies.com/ Software Link:...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2018/11/13 12:0 a.m.40 views

Maitra Mail Tracking System 1.7.2 - SQL Injection Database File Download

Maitra Mail Tracking System 1.7.2 - SQL Injection Database File Download Exploit Title: Maitra - Mail Tracking System 1.7.2 - SQL Injection / Database File Download Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: http://salzertechnologies.com/ Software Link:...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/11/13 12:0 a.m.73 views

Tina4 Stack 1.0.3 SQL Injection

Exploit Title: Tina4 Stack 1.0.3 - SQL Injection / Database File Download Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: http://tina4.com/ Software Link: https://ayera.dl.sourceforge.net/project/tina4stack/v1.0.3/Release%20V1.0.3.zip Version: 1.0.3 Category: Webapps Test...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/11/13 12:0 a.m.20 views

Tina4 Stack 1.0.3 - SQL Injection / Database File Download

Exploit Title: Tina4 Stack 1.0.3 - SQL Injection / Database File Download Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: http://tina4.com/ Software Link: https://ayera.dl.sourceforge.net/project/tina4stack/v1.0.3/Release%20V1.0.3.zip Version: 1.0.3 Category: Webapps Test...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/11/12 12:0 a.m.65 views

Easyndexer 1.0 Cross Site Request Forgery

Exploit Title: Easyndexer 1.0 - Cross-Site Request Forgery Add Admin Dork: N/A Date: 2018-11-10 Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/easyndexer/ Software Link: https://ayera.dl.sourceforge.net/project/easyndexer/easyndexerwin32.exe Version: 1.0 Category:...

0.7AI score
Exploits0
0day.today
0day.today
added 2018/11/12 12:0 a.m.195 views

Easyndexer 1.0 - Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for php platform in category web applications Exploit Title: Easyndexer 1.0 - Cross-Site Request Forgery Add Admin Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/easyndexer/ Software Link:...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2018/11/12 12:0 a.m.28 views

Easyndexer 1.0 - Cross-Site Request Forgery (Add Admin)

Exploit Title: Easyndexer 1.0 - Cross-Site Request Forgery Add Admin Dork: N/A Date: 2018-11-10 Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/easyndexer/ Software Link: https://ayera.dl.sourceforge.net/project/easyndexer/easyndexerwin32.exe Version: 1.0 Category:...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/10/31 12:0 a.m.40 views

SaltOS Erp Crm 3.1 r8126 - Database File Download Vulnerability

Exploit for php platform in category web applications Exploit Title: SaltOS Erp, Crm 3.1 r8126 - Database File Download Exploit Author: Ihsan Sencan Vendor Homepage: http://www.saltos.org/ Software Link: http://download.saltos.org/?app=saltos&format=xul&arch=win32 Version: 3.1 r0 / 3.x Category:...

6.6AI score0.06189EPSS
Exploits5
Packet Storm
Packet Storm
added 2018/10/29 12:0 a.m.33 views

SaltOS Erp Crm 3.1 r8126 Database Download

Exploit Title: SaltOS Erp, Crm 3.1 r8126 - Database File Download Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.saltos.org/ Software Link: http://download.saltos.org/?app=saltos&format=xul&arch=win32 Version: 3.1 r0 / 3.x Category: Webapps Tested on:...

6.6AI score0.06189EPSS
Exploits5
OpenVAS
OpenVAS
added 2016/12/28 12:0 a.m.10 views

EasyIO Multiple Vulnerabilities (Dec 2016)

EasyIO FG-series devices are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:easyio:easyio";...

7.4AI score
Exploits0References1
CNVD
CNVD
added 2016/11/01 12:0 a.m.3 views

ESPCMS has a database file download vulnerability

ESSENCE ESPCMS website management system based on LAMP development and construction of the website management system. ESPCMS has a database file download vulnerability. Due to logging into the background and clicking upgrade, the system will automatically backup the database data, the backup file...

6.8AI score
Exploits0References1
CVE
CVE
added 2009/05/29 4:24 p.m.42 views

CVE-2009-1821

DMXReady Registration Manager 1.1 is affected. The root cause is insufficient access control that allows remote attackers to access the web root and download the databases/webblogmanager.mdb file, exposing sensitive data. The impact is partial confidentiality loss due to direct access to the data...

5CVSS6.5AI score0.02618EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2009/01/29 6:9 p.m.17 views

CVE-2009-0328

ROBS-PROJECTS Digital Sales IPN aka DS-IPN.NET or DS-IPN Paypal Shop stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request for Database/Sales.mdb...

6.4AI score0.07294EPSS
Exploits0References3
Prion
Prion
added 2008/12/15 6:0 p.m.15 views

Improper access control

Professional Download Assistant 0.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for database/downloads.mdb...

5CVSS6.9AI score0.07386EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder