LFCMS 3.7.0 - Cross-Site Request Forgery (Add User) Vulnerability
Exploit for php platform in category web applications Exploit Title: A CSRF vulnerability exists in LFCMS3.7.0: users can be added arbitrarily. Exploit Author: bay0net Vendor Homepage: https://www.cnblogs.com/v1vvwv/p/9203740.html Software Link: http://www.lfdycms.com/home/down/index/id/26.html...
Event Manager Admin panel - events_new.php SQL injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Event Manager PHP Script Admin panel - 'eventsnew.php' SQL injection Exploit Author: telahdihapus Vendor Homepage: https://codecanyon.net/user/ezcode Software Link:...
userSpice 4.3.24 - Username Enumeration
Exploit Title: userSpice 4.3.24 - Username Enumeration Date: 2018-06-10 Author: Dolev Farhi Vendor or Software Link: www.userspice.com Version: 4.3.24 Tested on: Ubuntu import sys import os.path import requests print"+ UserSpice 4.3.24 Username Enumeration" if lensys.argv != 3: print 'Usage:',...
Jenkins Mailer Cross Site Request Forgery
Exploit Title : Jenkins mailer plugin \ '+table'covermessage'+'' s = smtplib.SMTPtable'smtpserver' s.starttls s.logintable'lid', table'lpw' s.sendmailmsg'From', msg'To', msg.asstring def urlset : url = strinput"Jenkins Server's URLex : http://vuln.jenkin...
Clone 2 GO Video Converter 2.8.2 Unicode Buffer Overflow
!/usr/bin/python ---------------------------------------------------------------------------------------------------------------------- Exploit Title : Clone 2 GO Video converter 2.8.2 Unicode Buffer Overflow Remote Code Execution Exploit Author : Gokul Babu Organisation : Arridae Infosec P.V Ltd...
EMS Master Calendar < 8.0.0.20180520 - Cross-Site Scripting
Exploit Title: EMS Master Calendar alert'XSS'xyz...
Smartshop 1 SQL Injection
Exploit Title: Smartshop 1 - SQL Injection Date: 2018-06-02 Exploit Author: L0RD or [email protected] Software Link: https://github.com/smakosh/Smartshop/archive/master.zip Vendor Homepage: https://www.behance.net/gallery/49080415/Smartshop-Free-e-commerce-website Version: 1 Tested on...
Ingenious School Management System - id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Ingenious School Management System - SQL Injection Exploit Author: Meisam Monsef - email protected - @meisamrce Vendor Homepage: https://www.codester.com/items/4945/ingenious-school-management-system Version: All Version Exploit...
Sitemakin SLAC 1.0 SQL Injection
Exploit Title: SLAC v1.0: Blind SQL Injection / XPath Injection Date: 29-05-2018 Vendor Homepage: https://sitemakin.com/login-script-demo Exploit Author: Divya Jain Version: v1.0 CVE: CVE-2018-11535 Category: Webapps Severity: High Tested on: KaLi LinuXx64 Proof of Concept:...
EasyService Billing 1.0 - (q) SQL Injection Vulnerability
Exploit for php platform in category web applications !-- Exploit Title: EasyService Billing 1.0 SQL Injection on page jobcard-ongoing.php?q= Software Link: https://codecanyon.net/item/easyservice-billing-php-scripts-for-quotation-invoice-payments-etc/16687594 Exploit Author: Divya Jain Version:...
easyLetters 1.0 - (id) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: easyLetters 1.0 - 'id' SQL Injection Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/easyletters/5281396 Version: 1.0 Category: Webapps Tested on: Kali linux...
easyLetters 1.0 - 'id' SQL Injection
Exploit Title: easyLetters 1.0 - 'id' SQL Injection Dork: N/A Date: 25.05.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/easyletters/5281396 Version: 1.0 Category: Webapps Tested on: Kali linux ==================================================== Demo ...
KomSeo Cart 1.3 - 'my_item_search' SQL Injection
Exploit Title: KomSeo Cart 1.3 - 'edit.php' SQL Injection Dork: N/A Date: 25.05.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor: SITEMAKIN Vendor Homepage: https://sitemakin.com Version: 1.3 Category: Webapps Tested on: Kali linux Description : The vulnerability allows an attacker to inject...
EU MRV Regulatory Complete Solution 1 SQL Injection
Exploit Title: EU MRV Regulatory Complete Solution 1 - Authentication Bypass Date: 2018-05-24 Exploit Author: Veyselxan Vendor Homepage: https://codecanyon.net/item/eu-mrv-regulatory-complete-solution/21680923?srank=11 Version: v1 REQUIRED Tested on: Windows...
MySQL Smart Reports 1.0 Cross Site Scripting / SQL Injection
Exploit Title: MySQL Smart Reports 1.0 - SQL Injection / Cross-Site Scripting Dork: N/A Date: 22.05.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/mysql-smart-reports-online-report-generator-with-existing-data/16836503 Version: 1.0 Category: Webapps...
FTPShell Server 6.80 - Buffer Overflow (SEH)
!/usr/bin/python ---------------------------------------------------------------------------------------------------------- Exploit Title : FTPShell Server v6.80 - Local Buffer Overflow SafeSEH Bypass Exploit Author : Hashim Jawad - @ihack4falafel Vendor Homepage : http://www.ftpshell.com/...
PHP Dashboards 4.5 - SQL Injection
Exploit Title: PHP Dashboards 4.5 - SQL Injection Dork: N/A Date: 2018-05-23 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/php-dashboards-v50-brand-new-enterprise-edition/21540104 Version: v4.5 Category: Webapps Tested on: Kali linux Description: PHP...
MySQL Blob Uploader 1.7 - 'home-file-edit.php' SQL Injection / Cross-Site Scripting
Exploit Title: MySQL Blob Uploader 1.7 - 'home-file-edit.php' SQL Injection / Cross-Site Scripting Dork: N/A Date: 22.05.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/mysql-file-and-image-uploader-and-sharing-blob-file-server/17748300 Version: 1.7 -...
PaulPrinting CMS Printing 1.0 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: PaulPrinting CMS Printing 1.0 - SQL Injection Software Link: https://codecanyon.net/item/paulprinting-cms-printing-solutions/19546365 Author: Mehmet Onder Key Version: 1.0 Tested On: Linux 1. Description Any visitor can run code...
Merge PACS 7.0 - Cross-Site Request Forgery Vulnerability
Exploit for linux platform in category web applications Exploit Title: Merge PACS 7.0 - Cross-Site Request Forgery Exploit Author: Safak Aslan Vendor Homepage: http://www.merge.com/ Version: Merge PACS 7.0 Tested on: Windows CVE: - 1. Proof of Concept history.pushState'', '', '/' Post Data: POST...