Lucene search
K

91 matches found

Exploit DB
Exploit DB
added 2015/11/16 12:0 a.m.28 views

AlegroCart 1.2.8 - Local/Remote File Inclusion

Security Advisory - Curesec Research Team 1. Introduction Affected Product: AlegroCart 1.2.8 Fixed in: Patch AC128fix22102015 Path Link: http://forum.alegrocart.com/download/file.php?id=1047 Vendor Website: http://alegrocart.com/ Vulnerability Type: LFI/RFI Remote Exploitable: Yes Reported to...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2015/09/25 12:0 a.m.86 views

X2Engine 4.2 - Cross-Site Request Forgery

X2Engine 4.2 - Cross-Site Request Forgery Source: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-5075/ Details: It was discovered that no protection against Cross-site Request Forgery attacks was implemented, resulting in an attacker being able to...

6.8CVSS0.9AI score0.02756EPSS
Exploits4
exploitpack
exploitpack
added 2014/01/14 12:0 a.m.47 views

Apache Struts2 2.0.0 2.3.15 - Prefixed Parameters OGNL Injection

Apache Struts2 2.0.0 2.3.15 - Prefixed Parameters OGNL Injection CVE Number: CVE-2013-2251 Title: Struts2 Prefixed Parameters OGNL Injection Vulnerability Affected Software: Apache Struts v2.0.0 - 2.3.15 Credit: Takeshi Terada of Mitsui Bussan Secure Directions, Inc. Issue Status: v2.3.15.1 was...

9.3CVSS0.4AI score0.99998EPSS
Exploits20
0day.today
0day.today
added 2013/08/07 12:0 a.m.23 views

Wordpress Usernoise Plugin 3.7.8 - Persistent XSS Vulnerability

Exploit for php platform in category web applications Details ============================= Application: Usernoise http://usernoise.karevn.com/ Version: 3.7.8 probably earlier versions as well Type: Wordpress plugin Developer: Nikolay Karev http://karevn.com/ - http://profiles.wordpress.org/karev...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2011/08/12 12:0 a.m.24 views

Mandriva Update for mds MDVA-2011:026 (mds)

Check for the Version of mds OpenVAS Vulnerability Test Mandriva Update for mds MDVA-2011:026 mds Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

0.1AI score
Exploits0References2
0day.today
0day.today
added 2010/06/29 12:0 a.m.46 views

TornadoStore 1.4.3 SQL Injection Vulnerability

Exploit for php platform in category web applications ============================================== TornadoStore 1.4.3 SQL Injection Vulnerability ============================================== 1. Advisory Information Title: Multiple SQL Injection in TornadoStore 1.4.3 Advisory ID:...

7.1AI score0.00961EPSS
Exploits3
Packet Storm
Packet Storm
added 2009/10/08 12:0 a.m.23 views

DreamPoll 3.1 SQL Injection / XSS

During a recent security audit of the DreamPoll 3.1 software by Dreamlevels, I discovered a number of XSS and SQL Injection vulnerabilities in the application. These vulnerabilities could be exploited to make unauthorized changes to a web site or compromise a client accessing a site that utilizes...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2009/10/08 12:0 a.m.28 views

DreamPoll 3.1 - SQL Injection

During a recent security audit of the DreamPoll 3.1 software by Dreamlevels, I discovered a number of XSS and SQL Injection vulnerabilities in the application. These vulnerabilities could be exploited to make unauthorized changes to a web site or compromise a client accessing a site that utilizes...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2009/09/28 12:0 a.m.150 views

[ONSEC-09-010] Undersky CMS SQL injection

ONSEC-09-010 Undersky CMS SQL injection Цель: Undersky CMS http://www.undersky.ru Тип: SQL инъекция Угроза: Высокая Дата обнаружения: 03.07.2009 Дата оповещения разработчика: 03.07.2009 Дата выхода исправления: 05.07.2009 Автор: Vladimir Vorontsov OnSec Russian Security Group onsec dot ru Описани...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2004/09/16 12:0 a.m.77 views

[ANNOUNCE] Apache HTTP Server 2.0.51 Released

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Apache Software Foundation and the The Apache HTTP Server Project are pleased to announce the release of version 2.0.51 of the Apache HTTP Server "Apache". This Announcement notes the significant changes in 2.0.51 as compared to 2.0.50. This versi...

5CVSS0.3AI score0.69653EPSS
Exploits1
exploitpack
exploitpack
added 2004/03/15 12:0 a.m.17 views

Phorum 5.0.3 Beta - Cross Site Scripting

Phorum 5.0.3 Beta - Cross Site Scripting Phorum Cross Site Scripting Vendor: Phorum Product: Phorum Version: tag, it will allow for pretty much any thing else, and most of you know it is not hard to execute javascript inside of a tag which is allowed. This same vulnerability also exists in...

7AI score
Exploits0
Rows per page
Query Builder