Lucene search
K

54 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-6098

Malware in sbrugna...

5.8CVSS6.4AI score0.03224EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2006-4408

Malware in sbrugna...

5CVSS6.4AI score0.02499EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2009-2128

Malware in sbrugna...

6.8CVSS6.4AI score0.02104EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-6225

Malware in sbrugna...

6.8CVSS6.4AI score0.04516EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-7713

Malware in sbrugna...

7.5CVSS6.2AI score0.02956EPSS
Exploits3References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2008-5913

Malware in sbrugna...

7.5CVSS6.4AI score0.02563EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-28610

Malicious code in bioql PyPI...

5.3CVSS5.6AI score0.01771EPSS
Exploits0References5
Gitee
Gitee
added 2021/07/15 10:12 p.m.4 views

pikachu

It is an offensive tool for web application security training. The primary CVE ID is not explicitly mentioned, but the tool is designed to simulate various web application vulnerabilities, including Burt Force 暴力破解漏洞, XSS 跨站脚本漏洞, CSRF 跨站请求伪造, SQL-Inject SQL注入漏洞, RCE 远程命令/代码执行, Files Inclusion...

6.1AI score
Exploits0
CVE
CVE
added 2020/01/09 6:9 p.m.83 views

CVE-2020-6167

The CVE-2020-6167 entry concerns WordPress plugin Minimal Coming Soon & Maintenance Mode (versions up to 2.10). The vulnerability is a CSRF to stored XSS and setting changes, permitted by a lack of nonce checks on settings endpoints, enabling an attacker to enable maintenance mode, inject XSS, mo...

9.6CVSS8.5AI score0.00924EPSS
Exploits2References3Affected Software1
OSV
OSV
added 2019/12/05 10:45 a.m.7 views

SUSE-SU-2019:3188-1 Security update for dnsmasq

This update for dnsmasq fixes the following issues: Security issues fixed: - CVE-2019-14834: Fixed a memory leak which could have allowed to remote attackers to cause denial of service via DHCP response creation bsc1154849 - CVE-2017-15107: Fixed a vulnerability in DNSSEC implementation. Processi...

7.5CVSS5.8AI score0.02664EPSS
Exploits0References8
Node.js
Node.js
added 2019/11/29 5:54 p.m.28 views

Arbitrary File Write

Overview Versions of iobroker.controller prior to 2.0.25 are vulnerable to Path Traversal. The package fails to restrict access to folders outside of the intended /adapter/ folder, which may allow attackers to include arbitrary files in the system. An attacker would need to be authenticated to...

5CVSS4.1AI score0.02158EPSS
Exploits1Affected Software1
OSV
OSV
added 2017/05/18 4:29 p.m.22 views

CVE-2017-9067

In MODX Revolution before 2.5.7, when PHP 5.3.3 is used, an attacker is able to include and execute arbitrary files on the web server due to insufficient validation of the action parameter to setup/index.php, aka directory traversal...

7CVSS7.5AI score
Exploits0References3
Cvelist
Cvelist
added 2017/05/03 5:0 p.m.22 views

CVE-2016-9976

IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted URL request, which could allow the attacker to execute arbitrary code on the vulnerable server. IBM X-Force ID: 120252...

8.4AI score0.01715EPSS
Exploits0References2
securityvulns
securityvulns
added 2015/08/17 12:0 a.m.24 views

Cisco Unified Communications Manager multiple security vulnerabilities

Code execution, authentication bypass, local files inclusion...

2.7AI score
Exploits0References1Affected Software1
0day.today
0day.today
added 2015/06/22 12:0 a.m.16 views

Audio Share 2.0.2 Cross Site Scripting / Remote File Inclusion Vulnerabilities

Audio Share version 2.0.2 suffers from cross site scripting and remote file inclusion vulnerabilities. | Title : Audio Share v2.0.2 Multi Vulnerability | Author : indoushka | email : email protected | Dork : Powered by AudioShareScript.com | Tested on: windows 8.1 Français V.Pro | Download :...

6.8AI score
Exploits0
NVD
NVD
added 2014/10/21 2:55 p.m.20 views

CVE-2012-5242

Directory traversal vulnerability in functions/suggest.php in Banana Dance B.2.6 and earlier allows remote attackers to include and execute arbitrary local files via a .. dot dot in the name parameter in a gettemplate action...

6.8CVSS7AI score0.02537EPSS
Exploits5References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

PAJAX Remote Command Execution

No description provided by source. $Id: pajaxremoteexec.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

7.1AI score
Exploits0
0day.today
0day.today
added 2014/04/17 12:0 a.m.20 views

PTCeffect <= 4.6 LFI & SQL Injection Vulnerabilities

PTCeffect also known as ptcevolution is vulnerable to an sql injection. It let you grab admin password and basically everything you want in db. You don't need to have an account on the vulnerable site to use this exploit. The LFI vulnerability is in index.php...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2012/12/09 12:0 a.m.24 views

F5 FirePass SSL VPN information leakage

CitrixAuth.php local files inclusion...

1.1AI score
Exploits0References1Affected Software1
Atlassian
Atlassian
added 2012/11/29 1:27 p.m.17 views

CreateSupportZipAction directory traversal

There’s a directory traversal vulnerability in the CreateSupportZipAction action that allows a malicious user to include arbitrary log files into a support zip. This is because the SupportUtility object is marked as @ParameterSafe, and no validation is performed on its serverLogsDirectory path...

2AI score
Exploits0Affected Software1
Rows per page
Query Builder