1162 matches found

exploitpack
added 2010/09/07 12:0 a.m., 12 views

ColdUserGroup 1.06 - Blind SQL Injection

ColdUserGroup 1.06 - Blind SQL Injection !/usr/bin/python ColdGen - coldusergroup v1.06 0day Remote Blind SQL Injection Exploit Vendor: http://www.coldgen.com/ Found by: mrme ----------------------------------------------- Script provided 'as is', without any warranty. Use for educational purpose...

AI score: 0.1
Exploits: 0

Exploit DB
added 2010/09/02 12:0 a.m., 31 views

CMS WebManager-Pro - 'c.php' SQL Injection

source: https://www.securityfocus.com/bid/42951/info CMS WebManager-Pro is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or...

AI score: 7.4
Exploits: 0

OpenVAS
added 2010/09/02 12:0 a.m., 49 views

Adobe ColdFusion Directory Traversal Vulnerability (APSB10-18)

Adobe ColdFusion is prone to a directory traversal vulnerability because it fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CVSS: 9.8, AI score: 9.7, EPSS: 0.99721
Exploits: 13, References: 6

OpenVAS
added 2010/08/31 12:0 a.m., 5 views

Serv-U Denial of Service and Security Bypass Vulnerabilities

Serv-U is prone to denial-of-service and security-bypass vulnerabilities. Exploiting these issues can allow attackers to create directories without having sufficient permissions, or crash the affected application, resulting in denial-of-service conditions. Versions prior to Serv-U 10.2.0.0 are...

AI score: 0.2
Exploits: 0, References: 3

Exploit DB
added 2010/07/28 12:0 a.m., 17 views

KVIrc 4.0 - '\r' Carriage Return in DCC Handshake Remote Command Execution

source: https://www.securityfocus.com/bid/42026/info KVIrc is prone to a remote command-execution vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue can allow an attacker to execute arbitrary commands within the context of the affected...

AI score: 7.4
Exploits: 0

Packet Storm
added 2010/07/23 12:0 a.m., 37 views

Joomla Jomtube SQL Injection

=============================================================================== Joomla Component comjomtube userid Blind SQL Injection / SQL Injection =============================================================================== Author : SixP4ck3r Email & msn : [email protected] Date : 17...

AI score: 7.4
Exploits: 0

ThreatPost
added 2010/07/07 1:46 p.m., 10 views

How to Own a Database With SQL Injection

SQL injection is the most common penetration technique employed by hackers to steal valuable information from corporate databases. Yet, as widespread as this method of attack is, a seemingly infinite number of ‘sub-methods,’ or variations of SQL Injection attacks can be carried out against the...

AI score: 0.8
Exploits: 0

exploitpack
added 2010/07/03 12:0 a.m., 13 views

cPanel 11.25 - Cross-Site Request Forgery

cPanel 11.25 - Cross-Site Request Forgery source: https://www.securityfocus.com/bid/41391/info cPanel is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions. This may lead to further attacks. cPanel 11.25...

AI score: 1
Exploits: 0

exploitpack
added 2010/06/29 12:0 a.m., 16 views

Grafik CMS - admin.php SQL Injection Cross-Site Scripting

Grafik CMS - admin.php SQL Injection Cross-Site Scripting source: https://www.securityfocus.com/bid/41227/info Grafik CMS is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these...

AI score: 0.4
Exploits: 0

exploitpack
added 2010/06/17 12:0 a.m., 6 views

TurboFTP Server 1.20.745 - Directory Traversal

TurboFTP Server 1.20.745 - Directory Traversal source: https://www.securityfocus.com/bid/40919/info TurboFTP Server is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue can allow an attacker to download or upload...

AI score: 0.2
Exploits: 0

exploitpack
added 2010/06/17 12:0 a.m., 8 views

Firebook - Multiple Cross-Site Scripting Directory Traversal Vulnerabilities

Firebook - Multiple Cross-Site Scripting Directory Traversal Vulnerabilities source: https://www.securityfocus.com/bid/40941/info Firebook is prone to multiple cross-site scripting vulnerabilities and directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied inpu...

AI score: 0.1
Exploits: 0

Exploit DB
added 2010/06/17 12:0 a.m., 29 views

Firebook - Multiple Cross-Site Scripting / Directory Traversal Vulnerabilities

source: https://www.securityfocus.com/bid/40941/info Firebook is prone to multiple cross-site scripting vulnerabilities and directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues will allow an attacker to execute arbitrary script...

AI score: 7.4
Exploits: 0

OpenVAS
added 2010/06/15 12:0 a.m., 7 views

Cherokee URI Directory Traversal Vulnerability and Information Disclosure Vulnerability

Cherokee is prone to a directory-traversal vulnerability and an information-disclosure vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting the issues may allow an attacker to obtain sensitive information that could aid in further attacks. Cherokee...

AI score: 7
Exploits: 0, References: 3

OpenVAS
added 2010/06/14 12:0 a.m., 32 views

Perl IO::Socket::SSL 'verify_hostname_of_cert()' Security Bypass Vulnerability

The IO::Socket::SSL module for Perl is prone to a security-bypass vulnerability because the application fails to properly validate certificate hostnames. Successfully exploiting this issue allows attackers to bypass certain security restrictions, which may aid in further attacks. Versions prior ...

CVSS: 4.3, EPSS: 0.00996
Exploits: 0, References: 3

OpenVAS
added 2010/05/31 12:0 a.m., 20 views

Core FTP Server Directory Traversal Vulnerability

Core FTP Server is prone to a directory traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

AI score: 7.2
Exploits: 0, References: 1

OpenVAS
added 2010/05/21 12:0 a.m., 28 views

IBM WebSphere Application Server Long Filename Information Disclosure Vulnerability

IBM WebSphere Application Server WAS is prone to an information-disclosure vulnerability. Exploiting this issue may allow an attacker to access sensitive information that may aid in further attacks. This issue affects WAS 6.0, 6.1, and 7.0. OpenVAS Vulnerability Test $Id: gbibmwebsphere40277.nas...

CVSS: 5, AI score: 6.1, EPSS: 0.01881
Exploits: 4, References: 4

OpenVAS
added 2010/05/17 12:0 a.m., 17 views

phpGroupWare Multiple Vulnerabilities

phpGroupWare is prone to multiple SQL-injection vulnerabilities and to a Local File Include Vulnerability because it fails to sufficiently sanitize user-supplied data before using it. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, an...

CVSS: 7.5, AI score: 6.4, EPSS: 0.0233
Exploits: 3, References: 2

Packet Storm
added 2010/05/14 12:0 a.m., 39 views

Microsoft PowerPoint Viewer TextBytesAtom Stack Buffer Overflow

$Id: ms10004textbytesatom.rb 9299 2010-05-14 02:43:55Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

CVSS: 9.3, AI score: 0.6, EPSS: 0.51073
Exploits: 8

0day.today
added 2010/05/14 12:0 a.m., 25 views

Badoo Services Limited & XSS Vulnerabilities

Exploit for php platform in category web applications ============================================ Badoo Services Limited & XSS Vulnerabilities ============================================ Product: Badoo Services online community Web: http://eu1.badoo.com/ http://badoo.com/ Versions: All version...

AI score: 7.1
Exploits: 0

OpenVAS
added 2010/05/12 12:0 a.m., 9 views

Mereo <= 1.9.1 Directory Traversal Vulnerability - Active Check

Mereo is prone to a directory traversal vulnerability because it fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

AI score: 7.2
Exploits: 0, References: 1