Lucene search
K

152 matches found

0day.today
0day.today
added 2016/04/06 12:0 a.m.35 views

SocialEngine 4.8.9 - SQL Injection

Exploit for php platform in category web applications Product: SocialEngine Vendor: Webligo Vulnerable Versions: 4.8.9 and probably prior Tested Version: 4.8.9 Advisory Publication: December 21, 2015 without technical details Vendor Notification: December 21, 2015 Public Disclosure: April 6, 2016...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2016/03/19 12:0 a.m.39 views

Dating Pro Genie 2015.7 Cross Site Request Forgery

Advisory ID: HTB23294 Product: Dating Pro Vendor: DatingPro Vulnerable Versions: Genie 2015.7 and probably prior Tested Version: Genie 2015.7 Advisory Publication: February 10, 2016 without technical details Vendor Notification: February 10, 2016 Vendor Patch: February 29, 2016 Public Disclosure:...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2016/02/18 12:0 a.m.41 views

WeBid 1.1.2P2 SQL Injection

Advisory ID: HTB23292 Product: WeBid Vendor: WeBid Vulnerable Versions: 1.1.2P2 and probably prior Tested Version: 1.1.2P2 Advisory Publication: January 22, 2016 without technical details Vendor Notification: January 22, 2016 Vendor Patch: February 4, 2016 Public Disclosure: February 17, 2016...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2016/01/15 12:0 a.m.112 views

mcart.xls Bitrix Module 6.5.2 - SQL Injection

mcart.xls Bitrix Module 6.5.2 - SQL Injection Advisory ID: HTB23279 Product: mcart.xls Bitrix module Vendor: www.mcart.ru Vulnerable Versions: 6.5.2 and probably prior Tested Version: 6.5.2 Advisory Publication: November 18, 2015 without technical details Vendor Notification: November 18, 2015...

6CVSS8.4AI score0.02731EPSS
Exploits5
0day.today
0day.today
added 2016/01/15 12:0 a.m.91 views

Roundcube 1.1.3 - Directory Traversal

Exploit for php platform in category web applications Product: Roundcube Vendor: Roundcube.net Vulnerable Versions: 1.1.3 and probably prior Tested Version: 1.1.3 Advisory Publication: December 21, 2015 without technical details Vendor Notification: December 21, 2015 Vendor Patch: December 26, 20...

6CVSS0.1AI score0.23592EPSS
Exploits5
htbridge
htbridge
added 2016/01/13 12:0 a.m.520 views

Remote Code Execution in Exponent

High-Tech Bridge Security Research Lab discovered critical vulnerability in Exponent CMS, which can be exploited to inject and execute arbitrary PHP code on the vulnerable system with the privileges of the web server. The vulnerability resides within "/install/index.php" script, when handling...

10CVSS9.8AI score0.06636EPSS
Exploits3Affected Software1
0day.today
0day.today
added 2015/12/17 12:0 a.m.53 views

Zen Cart 1.5.4 Local File Inclusion Vulnerability

Zen Cart version 1.5.4 suffers from a local file inclusion vulnerability. Product: Zen Cart Vendor: Zen Ventures, LLC Vulnerable Versions: 1.5.4 Tested Version: 1.5.4 Advisory Publication: November 25, 2015 without technical details Vendor Notification: November 25, 2015 Vendor Patch: November 26...

10CVSS9.4AI score0.15641EPSS
Exploits6
exploitpack
exploitpack
added 2015/12/14 12:0 a.m.107 views

Bitrix bitrix.xscan Module 1.0.3 - Directory Traversal

Bitrix bitrix.xscan Module 1.0.3 - Directory Traversal Advisory ID: HTB23278 Product: bitrix.xscan Bitrix module Vendor: Bitrix Vulnerable Versions: 1.0.3 and probably prior Tested Version: 1.0.3 Advisory Publication: November 18, 2015 without technical details Vendor Notification: November 18,...

6.5CVSS0.1AI score0.08357EPSS
Exploits5
Exploit DB
Exploit DB
added 2015/12/14 12:0 a.m.115 views

Bitrix bitrix.mpbuilder Module 1.0.10 - Local File Inclusion

Advisory ID: HTB23281 Product: bitrix.mpbuilder Bitrix module Vendor: www.1c-bitrix.ru Vulnerable Versions: 1.0.10 and probably prior Tested Version: 1.0.10 Advisory Publication: November 18, 2015 without technical details Vendor Notification: November 18, 2015 Vendor Patch: November 25, 2015...

9CVSS6.5AI score0.06631EPSS
Exploits5
0day.today
0day.today
added 2015/12/11 12:0 a.m.90 views

bitrix.scan Bitrix 1.0.3 Path Traversal Vulnerability

bitrix.scan Bitrix module version 1.0.3 suffers from a path traversal vulnerability. Product: bitrix.xscan Bitrix module Vendor: Bitrix Vulnerable Versions: 1.0.3 and probably prior Tested Version: 1.0.3 Advisory Publication: November 18, 2015 without technical details Vendor Notification: Novemb...

6.5CVSS0.5AI score0.08357EPSS
Exploits5
Packet Storm
Packet Storm
added 2015/12/11 12:0 a.m.61 views

bitrix.mpbuilder Bitrix 1.0.10 Local File Inclusion

Advisory ID: HTB23281 Product: bitrix.mpbuilder Bitrix module Vendor: www.1c-bitrix.ru Vulnerable Versions: 1.0.10 and probably prior Tested Version: 1.0.10 Advisory Publication: November 18, 2015 without technical details Vendor Notification: November 18, 2015 Vendor Patch: November 25, 2015...

9CVSS0.1AI score0.06631EPSS
Exploits5
Packet Storm
Packet Storm
added 2015/12/02 12:0 a.m.63 views

WordPress Gwolle Guestbook 1.5.3 Remote File Inclusion

Advisory ID: HTB23275 Product: Gwolle Guestbook WordPress Plugin Vendor: Marcel Pol Vulnerable Versions: 1.5.3 and probably prior Tested Version: 1.5.3 Advisory Publication: October 14, 2015 without technical details Vendor Notification: October 14, 2015 Vendor Patch: October 16, 2015 Public...

9.2AI score0.37032EPSS
Exploits4
0day.today
0day.today
added 2015/11/19 12:0 a.m.68 views

Horde Groupware 5.2.10 Cross Site Request Forgery Vulnerability

Horde Groupware version 5.2.10 suffers from a cross site request forgery vulnerability. Product: Horde Groupware Vendor: http://www.horde.org Vulnerable Versions: 5.2.10 and probably prior Tested Version: 5.2.10 Advisory Publication: September 30, 2015 without technical details Vendor Notificatio...

6.8CVSS0.6AI score0.04116EPSS
Exploits5
htbridge
htbridge
added 2015/10/07 12:0 a.m.513 views

Two Reflected XSS Vulnerabilities in Calls to Action WordPress plugin

High-Tech Bridge Security Research Lab discovered two Cross-Site Scripting XSS vulnerabilities in a popular WordPress plugin Calls to Action. A remote attacker might be able to steal user's and administrator’s cookies, credentials and browser history, modify web page content to perform phishing...

4.3CVSS0.2AI score0.02645EPSS
Exploits3Affected Software1
0day.today
0day.today
added 2015/09/24 12:0 a.m.77 views

iTop 2.1.0-2127 Cross Site Scripting Vulnerability

iTop version 2.1.0-2127 suffers from a cross site scripting vulnerability. Product: iTop Vendor: Combodo SARL Vulnerable Versions: 2.1.0-2127 and probably prior Tested Version: 2.1.0-2127 Advisory Publication: July 29, 2015 without technical details Vendor Notification: July 29, 2015 Vendor Patch...

4.3CVSS6.1AI score0.05477EPSS
Exploits3
Packet Storm
Packet Storm
added 2015/09/23 12:0 a.m.70 views

iTop 2.1.0-2127 Cross Site Scripting

Advisory ID: HTB23268 Product: iTop Vendor: Combodo SARL Vulnerable Versions: 2.1.0-2127 and probably prior Tested Version: 2.1.0-2127 Advisory Publication: July 29, 2015 without technical details Vendor Notification: July 29, 2015 Vendor Patch: July 30, 2015 Public Disclosure: September 23, 2015...

6.2AI score0.05477EPSS
Exploits3
Packet Storm
Packet Storm
added 2015/09/02 12:0 a.m.55 views

Cerb 7.0.3 Cross Site Request Forgery

Advisory ID: HTB23269 Product: Cerb Vendor: Webgroup Media LLC Vulnerable Versions: 7.0.3 and probably prior Tested Version: 7.0.3 Advisory Publication: August 12, 2015 without technical details Vendor Notification: August 12, 2015 Vendor Patch: August 14, 2015 Public Disclosure: September 2, 201...

6.8CVSS0.6AI score0.02617EPSS
Exploits5
0day.today
0day.today
added 2015/09/02 12:0 a.m.55 views

Cerb 7.0.3 Cross Site Request Forgery Vulnerability

Cerb version 7.0.3 suffers from a cross site request forgery vulnerability. Product: Cerb Vendor: Webgroup Media LLC Vulnerable Versions: 7.0.3 and probably prior Tested Version: 7.0.3 Advisory Publication: August 12, 2015 without technical details Vendor Notification: August 12, 2015 Vendor Patc...

6.8CVSS0.4AI score0.02617EPSS
Exploits5
Exploit DB
Exploit DB
added 2015/09/02 12:0 a.m.50 views

Cerb 7.0.3 - Cross-Site Request Forgery

Advisory ID: HTB23269 Product: Cerb Vendor: Webgroup Media LLC Vulnerable Versions: 7.0.3 and probably prior Tested Version: 7.0.3 Advisory Publication: August 12, 2015 without technical details Vendor Notification: August 12, 2015 Vendor Patch: August 14, 2015 Public Disclosure: September 2, 201...

6.8CVSS6.6AI score0.02617EPSS
Exploits5
securityvulns
securityvulns
added 2015/08/24 12:0 a.m.60 views

Cross-Site Scripting (XSS) in qTranslate WordPress Plugin

Advisory ID: HTB23265 Product: qTranslate WordPress plugin Vendor: Qian Qin Vulnerable Versions: 2.5.39 and probably prior Tested Version: 2.5.39 Advisory Publication: July 1, 2015 without technical details Vendor Notification: July 1, 2015 Public Disclosure: July 29, 2015 Vulnerability Type:...

4.3CVSS0.2AI score0.02055EPSS
Exploits3
Rows per page
Query Builder