CVE-2006-0268
Unspecified vulnerability in the Security component of Oracle Database server 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.6, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln DB21...
CVE-2006-0266
Unspecified vulnerability in the Query Optimizer component of Oracle Database server 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unspecified impact and attack vectors, as identified by Oracle Vuln DB19...
CVE-2006-0285
CVE-2006-0285 is an unspecified vulnerability in the Java Net component of Oracle Database Server (versions 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.7, 10.1.0.4) and Oracle Application Server (1.0.2.2, 9.0.4.2, 10.1.2.0.2). The available documents describe the issue as having unspecified impact and ...
[Full-disclosure] Oracle Database 10g Rel. 1 - SQL Injection in SYS.KUPV$FT_INT
Oracle forgot to inform me that these vulnerabilities are also fixed. http://www.red-database-security.com/advisory/oraclesqlinjectionkupv$ ftint.html Name SQL Injection in package SYS.KUPV$FT_INT Affected Oracle 10g Release 1 Severity High Risk Category SQL Injection Vendor URL...
Oracle products contain multiple vulnerabilities
Overview Multiple vulnerabilities exist in numerous Oracle products. The severity and impacts of these vulnerabilities are varied and may include remote execution of arbitrary code, the disclosure of sensitive information, and denial-of-service conditions. Description Multiple vulnerabilities exi...
EggBlog 2.0 - 'message' Cross-Site Scripting
source: https://www.securityfocus.com/bid/16305/info Eggblog is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities could result in a compromise of the...
aoblogger 2.3 - 'create.php' Entry Creation
source: https://www.securityfocus.com/bid/16286/info AOblogger is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities could allow an attacker to: -...
White Album 2.5 - Pictures.php SQL Injection
source: https://www.securityfocus.com/bid/16247/info White Album is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...
Lyris ListManager MSDE Weak sa Password
The remote host appears to be running ListManager, a web-based commercial mailing list management application from Lyris. The version of ListManager on the remote host was installed using Microsoft SQL Server Desktop Engine (MSDE) for its database backend along with a weak password for the 'sa'...
BlogPHP 1.0 - 'index.php' SQL Injection
source: https://www.securityfocus.com/bid/16269/info BlogPHP is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the...
Ubuntu 4.10 : mysql-dfsg vulnerability (USN-109-1)
USN-32-1 fixed a database privilege escalation vulnerability; original advisory text: 'If a user was granted privileges to a database with a name containing an underscore "_", the user also gained the ability to grant privileges to other databases with similar names. CAN-2004-0957' Recently a...
PostgreSQL database DoS
Large number of connections at same time causes fatal error...
TankLogger 2.4 General Functions Script - SQL Injection
source: https://www.securityfocus.com/bid/16228/info TankLogger is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise o...
ADOdb server.php sql Parameter SQL Injection
The remote host is running ADOdb, a database abstraction library for PHP. The installed version of ADOdb includes a test script named 'server.php' that fails to sanitize user input to the 'sql' parameter before using it in database queries. An attacker can exploit this issue to launch SQL injecti...
OnePlug CMS - pressdetails.asp?Press_Release_ID SQL Injection
source: https://www.securityfocus.com/bid/16155/info OnePlug CMS is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL...
OnePlug CMS - '/products/details.asp?Product_ID' SQL Injection
source: https://www.securityfocus.com/bid/16155/info OnePlug CMS is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could allow an attacker to...
CVE-2005-4832
SQL injection vulnerability in the Oracle Database Server 10g allows remote authenticated users to execute arbitrary SQL commands with elevated privileges via the SUBSCRIPTION_NAME parameter in the (1) SYS.DBMS_CDC_SUBSCRIBE and (2) SYS.DBMS_CDC_ISUBSCRIBE packages, a different vector than CVE-2005-1197...
Clever take WEBSHELL-vulnerability warning-the black bar safety net
A, causes Today the middle of the night boredom, accidentally saw previously wanted to get the station, www. 818.com try the default database http://www. 818.com/abc.asp,actually is no Defense under the previous might be he?, has been downloaded no, the old error, today can, may be the...
CVE-2005-4558
IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, does not properly restrict acceptable values for the language parameter to mail/settings.html before it is stored in a database, which can allow remote authenticated users to include...