280 matches found
YaBBSE 1.x - index.php Cross-Site Scripting
YaBBSE 1.x - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/19460/info A cross-site scripting vulnerability affects YaBBSE because the application fails to properly sanitize user-supplied input before including it in dynamically generated web content. An attacker may...
BlueDragon 6.2.1 Multiple Remote Vulnerabilities (XSS, DoS)
The remote host is running BlueDragon Server / Server JX, Java-based servers for stand-alone deployment of CFML (ColdFusion Markup Language) pages. The version of BlueDragon Server / Server JX installed on the remote host fails to sanitize user-supplied input passed as part of the filename before...
eprayer.txt
Eprayer v.Alpha. Homepage: http://eprayer.sourceforge.net Affected files: input boxes of prayer request. User submitted data is not sanitized before being dynamically generated. Try putting the code below in as "Your name" Screenshots: http://www.youfucktard.com/xsp/eprayer1.jpg...
ePrayver v.Alpha - XSS
Eprayer v.Alpha. Homepage: http://eprayer.sourceforge.net Affected files: input boxes of prayer request. User submitted data is not sanitized before being dynamically generated. Try putting the code below in as "Your name" SCRIPT SRC=http://youfucktard.com/xss.js/SCRIPT Screenshots:...
Weblog Oggi v1.0
Weblog Oggi v1.0 Homepage: http://www.hotwebscripts.com/index.php User input isn't sanitized before being dynamically generated. For proof of concept just put IMG SRC="javascript:alert'XSS';" in as a comment...
CVE-2006-2691
Unspecified "information leakage" vulnerabilities in aMuleWeb for AMule before 2.1.2 allow remote attackers to access arbitrary images, including dynamically generated images, via unknown vectors...
MyBloggie 2.1.2/2.1.3 - BBCode IMG Tag HTML Injection
source: https://www.securityfocus.com/bid/17865/info MyBloggie is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the conte...
OpenFAQ 0.4 - 'Validate.php' HTML Injection
source: https://www.securityfocus.com/bid/17860/info OpenFAQ is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the context...
MyBloggie 2.1.2/2.1.3 - BBCode IMG Tag HTML Injection
MyBloggie 2.1.2/2.1.3 - BBCode IMG Tag HTML Injection source: https://www.securityfocus.com/bid/17865/info MyBloggie is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplie...
TextFileBB 1.0.16 - Multiple Tag Script Injection Vulnerabilities
TextFileBB 1.0.16 - Multiple Tag Script Injection Vulnerabilities source: https://www.securityfocus.com/bid/17750/info TextFileBB is prone to multiple script-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before including i...
W-Agora 4.2 - BBCode Script Injection
W-Agora 4.2 - BBCode Script Injection source: https://www.securityfocus.com/bid/17751/info W-Agora is prone to a script-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated content. W-Agora...
W-Agora 4.2 - BBCode Script Injection
source: https://www.securityfocus.com/bid/17751/info W-Agora is prone to a script-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated content. W-Agora can be configured to send all user...
Manic Web MWGuest 2.1 - MWguest.php HTML Injection
Manic Web MWGuest 2.1 - MWguest.php HTML Injection source: https://www.securityfocus.com/bid/17630/info MWGuest is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HT...
Manic Web MWGuest 2.1 - 'MWguest.php' HTML Injection
source: https://www.securityfocus.com/bid/17630/info MWGuest is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the context...
PHPGuestbook 0.0.2/1.0 - HTML Injection
PHPGuestbook 0.0.2/1.0 - HTML Injection source: https://www.securityfocus.com/bid/17537/info phpGuestbook is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and...
PHPGuestbook 0.0.2/1.0 - HTML Injection
source: https://www.securityfocus.com/bid/17537/info phpGuestbook is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the...
PHPSelect Submit-A-Link - HTML Injection
source: https://www.securityfocus.com/bid/17348/info Submit-A-Link is prone to an HTML-injection vulnerability. The script fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the context of th...
sBlog 0.7.2 - 'comments_do.php' Multiple POST Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/17044/info sBlog is prone to HTML-injection vulnerabilities. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the context of the...
ADP Forum 2.0.x - Subject HTML Injection
ADP Forum 2.0.x - Subject HTML Injection source: https://www.securityfocus.com/bid/17047/info ADP Forum is prone to an HTML-injection vulnerability. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script...
Link Bank - 'Iframe.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/17001/info Link Bank is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated HTML content. An attacker may leverage this issu...