CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

295 matches found

Exploit DB•added 2010/07/18 12:0 a.m.•34 views

Kayako eSupport 3.70.02 - 'functions.php' SQL Injection

Peace !! Name : Kayako eSupport v3.70.02 SQL Injection Vulnerability Date : july 18,2010 Vendor urL : http://www.kayako.com/solutions/esupport/ Dork :Find It !! Author : ScOrPiOn Greetz : Dr.Dmar & Joker1 & HiDDen HaCkEr & GeNeRaL KbKb & And All My Friends Effect : /includes/functions.php Here Th...

0day.today•added 2010/07/18 12:0 a.m.•21 views

Kayako eSupport (functions.php) v3.70.02 SQL Injection Vulnerability

Exploit for php platform in category web applications ==================================================================== Kayako eSupport functions.php v3.70.02 SQL Injection Vulnerability ==================================================================== Name : Kayako eSupport v3.70.02 SQL...

Packet Storm•added 2010/04/17 12:0 a.m.•30 views

ZykeCMS 1.1 SQL Injection

====================================================== ZykeCMS V1.1 Auth Bypass SQL Injection Vulnerability ====================================================== Author : Giuseppe 'giudinvx' D'Inverno Email : Date : 04-16-2010 Site : http://www.giudinvx.altervista.org/ Location : Naples, Italy...

exploitpack•added 2010/04/16 12:0 a.m.•24 views

Zyke CMS 1.1 - Authentication Bypass

Zyke CMS 1.1 - Authentication Bypass ====================================================== ZykeCMS V1.1 Auth Bypass SQL Injection Vulnerability ====================================================== Author : Giuseppe 'giudinvx' D'Inverno Email : Date : 04-16-2010 Site :...

Exploit DB•added 2010/04/16 12:0 a.m.•35 views

Zyke CMS 1.1 - Authentication Bypass

====================================================== ZykeCMS V1.1 Auth Bypass SQL Injection Vulnerability ====================================================== Author : Giuseppe 'giudinvx' D'Inverno Email : Date : 04-16-2010 Site : http://www.giudinvx.altervista.org/ Location : Naples, Italy...

seebug.org•added 2009/12/31 12:0 a.m.•16 views

WordPress 2.2 functions.php 跨站脚本攻击漏洞

No description provided by source...

exploitpack•added 2009/12/26 12:0 a.m.•19 views

Datenator 0.3.0 - event.php?id SQL Injection

Datenator 0.3.0 - event.php?id SQL Injection Exploit Title: Datenator 0.3.0 event.php id SQL Injection Date: 26.12.09 Author: TheHuliGun Look on code in event.php: 22: ifisset$GET'id' 23: 24: $event = $datenator-readeventinfo$GET'id'; Function readeventinfo is in file includes/functions.php 412:...

0day.today•added 2009/11/10 12:0 a.m.•19 views

WordPress MU 1.2.2 - 1.3.1 'wp-includes/wpmu-functions.php' CSS

Exploit for unknown platform in category web applications ================================================================================ WordPress MU 1.2.2 - 1.3.1 'wp-includes/wpmu-functions.php' Cross-Site Scripting Vulnerability...

seebug.org•added 2009/11/10 12:0 a.m.•14 views

WordPress MU 1.2.2 - 1.3.1 'wp-includes/wpmu-functions.php' Cross-Site Scripting Vulnerability

No description provided by source. An attacker can exploit this issue by enticing an unsuspecting user to follow a malicious URI. The following proof of concept is available: curl -H "Cookie: my cookies here" -H "Host: body onload=alertString.fromCharCode88,83,83"...

Packet Storm•added 2009/10/12 12:0 a.m.•15 views

Community Translate Remote File Inclusion

o Community Translate Remote File Inclusion Vulnerability Software : Community Translate Project Home : http://code.google.com/p/communitytranslate/ Author : NoGe Contact : nogedotcodeatgmaildotcom Blog : http://evilc0de.blogspot.com/ Home : http://antisecurity.org/ o Vulnerable file...

seebug.org•added 2009/10/12 12:0 a.m.•13 views

Community Translate File Inclusion Vulnerability

No description provided by source. o Community Translate Remote File Inclusion Vulnerability Software : Community Translate Project Home : http://code.google.com/p/communitytranslate/ Author : NoGe Contact : nogedotcodeatgmaildotcom Blog : http://evilc0de.blogspot.com/ Home :...

Exploit DB•added 2009/10/12 12:0 a.m.•19 views

Community Translate - Remote File Inclusion

o Community Translate Remote File Inclusion Vulnerability Software : Community Translate Project Home : http://code.google.com/p/communitytranslate/ Author : NoGe Contact : nogedotcodeatgmaildotcom Blog : http://evilc0de.blogspot.com/ Home : http://antisecurity.org/ o Vulnerable file...

seebug.org•added 2009/07/30 12:0 a.m.•18 views

Orbis CMS 1.0 (AFD/ADF/ASU/SQL) Multiple Remote Vulnerabilities

No description provided by source. + Orbis CMS 1.0 AFD/ADF/ASU/SQL Multiple Remote Vulnerabilities + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + Dork : Powered by Orbis CMS + Download script : http://www.novo-ws.com/orbis-cms/download.shtml + Arbitrary File Download + -...

exploitpack•added 2009/07/27 12:0 a.m.•7 views

Limny 1.01 - Authentication Bypass

Limny 1.01 - Authentication Bypass + Limny 1.01 Auth Bypass SQL Injection Vulnerability + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + Script Homepage : http://www.limny-project.com/ + SQL Injection Vulnerability - Notes : magicquotesgpc = off - Vulnerable code in...

seebug.org•added 2009/07/27 12:0 a.m.•13 views

Limny 1.01 (Auth Bypass) SQL Injection Vulnerability

No description provided by source. + Limny 1.01 Auth Bypass SQL Injection Vulnerability + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + Script Homepage : http://www.limny-project.com/ + SQL Injection Vulnerability - Notes : magicquotesgpc = off - Vulnerable code in...

NVD•added 2009/07/08 3:30 p.m.•15 views

CVE-2009-2380

Cross-site scripting XSS vulnerability in includes/functions.php in 4images 1.7 through 1.7.7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the url variable...

4.3CVSS5.6AI score0.01065EPSS

Exploits0References5

Prion•added 2009/06/22 7:30 p.m.•9 views

Directory traversal

Directory traversal vulnerability in backend/admin-functions.php in TorrentTrader Classic 1.09, when used on a case-insensitive web site, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the ssuri parameter, in conjunction with a modified component name...

5.1CVSS7.5AI score0.02427EPSS

Exploits1References6Affected Software1

Cvelist•added 2009/06/22 7:0 p.m.•27 views

CVE-2009-2161

Directory traversal vulnerability in backend/admin-functions.php in TorrentTrader Classic 1.09, when used on a case-insensitive web site, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the ssuri parameter, in conjunction with a modified component name...

7.7AI score0.02427EPSS

Exploits1References6

Packet Storm•added 2009/06/03 12:0 a.m.•17 views

eliteCMS 1.01 XSS / SQL Injection

eliteCMS 1.01 SQL/XSS Multiple Remote Vulns by xenohive greets to daganarus, dearest of all my friends. SQL injection requires magicquotes = off -/includes/functions.php --------------------------------- 89. function getpagesettings ... 92. $query = "SELECT FROM pages WHERE id = '$GET'page''"; 93...

0day.today•added 2009/06/01 12:0 a.m.•12 views

eliteCMS 1.01 (SQL/XSS) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ======================================================= eliteCMS 1.01 SQL/XSS Multiple Remote Vulnerabilities ======================================================= eliteCMS 1.01 SQL/XSS Multiple Remote Vulns by xenohive greets to...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by