CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

1017 matches found

exploitpack•added 2005/05/24 12:0 a.m.•23 views

Sambar Server 5.x6.06.1 - logout RCredirect Cross-Site Scripting

Sambar Server 5.x6.06.1 - logout RCredirect Cross-Site Scripting source: https://www.securityfocus.com/bid/13722/info Sambar Server administrative interface does not adequately filter some HTML code thus making it prone to cross-site scripting attacks. It is possible for a remote attacker to crea...

exploitpack•added 2005/05/09 12:0 a.m.•9 views

AOL Instant Messenger 4.x5.x - Smiley Icon Location Remote Denial of Service

AOL Instant Messenger 4.x5.x - Smiley Icon Location Remote Denial of Service source: https://www.securityfocus.com/bid/13553/info AOL Instant Messenger is reported prone to a remote denial of service vulnerability. The issue manifests when the affected client application handles a chat invitation...

Exploit DB•added 2005/05/09 12:0 a.m.•16 views

AOL Instant Messenger 4.x/5.x - Smiley Icon Location Remote Denial of Service

source: https://www.securityfocus.com/bid/13553/info AOL Instant Messenger is reported prone to a remote denial of service vulnerability. The issue manifests when the affected client application handles a chat invitation, a file transfer, or a game request that contains 'smiley' HTML code that...

Tenable Nessus•added 2005/04/14 12:0 a.m.•39 views

phpBB Photo Album Module <= 2.0.53 Multiple Vulnerabilities

The installed version of phpBB on the remote host includes a photo album module that has multiple vulnerabilities: - A SQL Injection Vulnerability An attacker can pass arbitrary SQL code through the 'mode' parameter of the 'albumsearch.php' script to manipulate database queries. - Various...

7.5CVSS6.3AI score0.01324EPSS

Exploits2References3

securityvulns•added 2005/04/13 12:0 a.m.•21 views

Centra 7 XSS Exploit

Centra is a program used by businesses and colleges, it allows users to stream microsoft office and other applications over the web in a nice enviroment with voip options. However on root directory when you go in to enroll for a session if you create or modify your username, first name, or last...

Tenable Nessus•added 2005/03/17 12:0 a.m.•87 views

Phorum < 5.0.15 Multiple XSS

The version of Phorum installed on the remote host is prone to multiple cross-site scripting vulnerabilities due to its failure to sanitize user input. An attacker can exploit these flaws to potentially cause arbitrary script and HTML code to be rendered by a user's browser in the context of the...

4.3CVSS5.7AI score0.03614EPSS

Exploits2References4

securityvulns•added 2005/03/16 12:0 a.m.•28 views

html code include in phpnuke news crash IE 6

www.wormzweb.tk ------------------------------------------------------------------------ ------------------------------------------------------------------------ ENGLISH ------------------------------------------------------------------------...

FreeBSD•added 2005/02/28 12:0 a.m.•20 views

phpbb -- Insuffient check against HTML code in usercp_register.php

Neo Security Team reports: If we specify a variable in the html code any type: hidden, text, radio, check, etc with the name allowhtml, allowbbcode or allowsmilies, is going to be on the html, bbcode and smilies in our signature. This is a low risk vulnerability that allows users to bypass...

Exploits0References2

exploitpack•added 2005/02/15 12:0 a.m.•20 views

osCommerce 2.2 - Contact_us.php Cross-Site Scripting

osCommerce 2.2 - Contactus.php Cross-Site Scripting source: https://www.securityfocus.com/bid/12568/info A vulnerability is reported to exist in osCommerce that may allow a remote user to launch cross-site scripting attacks. This issue could permit a remote attacker to create a malicious URI link...

Tenable Nessus•added 2005/01/19 12:0 a.m.•27 views

pLog register.php Multiple Parameter XSS

The remote host is running pLog, a blogging system written in PHP. The remote version of this software does not perform a proper validation of user-supplied input and is, therefore, vulnerable to a cross-site scripting attack. To exploit this flaw, an attacker would need to use the script...

Packet Storm•added 2005/01/02 12:0 a.m.•19 views

ANI-DoS.txt

1111111111111111111111...

NVD•added 2004/12/31 5:0 a.m.•11 views

CVE-2004-2138

Cross-site scripting XSS vulnerability in AWSguest.php in AllWebScripts MySQLGuest allows remote attackers to inject arbitrary HTML and PHP code via the 1 Name, 2 Email, 3 Homepage or 4 Comments field...

6.8CVSS6AI score0.01473EPSS

Exploits1References4

Exploit DB•added 2004/12/13 12:0 a.m.•17 views

UBBCentral UBB.Threads 6.2.3/6.5 - 'calendar.php?Cat' Cross-Site Scripting

source: https://www.securityfocus.com/bid/11900/info It is reported that UBB.threads is affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input prior to including it in dynamically generated web...

exploitpack•added 2004/10/26 12:0 a.m.•7 views

Microsoft Internet Explorer 6 - Font Tag Denial of Service

Microsoft Internet Explorer 6 - Font Tag Denial of Service source: https://www.securityfocus.com/bid/11536/info Microsoft Internet Explorer is reported prone to a remote denial of service vulnerability. The issue presents itself due to a malfunction that occurs when certain font tags are...

exploitpack•added 2004/07/29 12:0 a.m.•13 views

Verylost LostBook 1.1 - Message Entry HTML Injection

Verylost LostBook 1.1 - Message Entry HTML Injection source: https://www.securityfocus.com/bid/10825/info Reportedly Verylost lostBook is affected by an HTML injection vulnerability in its message entry functionality. This issue is due to a failure of the application to properly validate and...

Exploit DB•added 2004/05/21 12:0 a.m.•103 views

e107 Website System 0.5/0.6 - 'Log.php' HTML Injection

source: https://www.securityfocus.com/bid/10395/info It is reported that e107 website system is prone to a remote HTML injection vulnerability. This issue is due to a failure by the application to properly sanitize user-supplied input. The problem presents itself when a user supplies malicious HT...

exploitpack•added 2004/04/22 12:0 a.m.•11 views

PISG 0.54 - IRC Nick HTML Injection

PISG 0.54 - IRC Nick HTML Injection source: https://www.securityfocus.com/bid/10195/info pisg has been reported prone to an input validation vulnerability. The issue will only present itself when pisg is used to monitor an IRC server that does not place limitations on IRC Nick values that can be...

Exploit DB•added 2004/01/28 12:0 a.m.•30 views

BRS Webweaver 1.0.7 - 'ISAPISkeleton.dll' Cross-Site Scripting

source: https://www.securityfocus.com/bid/9516/info BRS WebWeaver has been reported prone to a cross-site scripting vulnerability. An attacker may create a malicious link to the vulnerable server that includes embedded HTML and script code. If this link is followed by a victim user, hostile code...

exploitpack•added 2004/01/26 12:0 a.m.•14 views

Xoops 2.0.x - viewtopic.php Cross-Site Scripting

Xoops 2.0.x - viewtopic.php Cross-Site Scripting source: https://www.securityfocus.com/bid/9497/info It has been reported that Xoops may be prone to a cross-site scripting vulnerability that may allow a remote user to execute HTML or script code in a user's browser. HTML and script code may be...

Exploit DB•added 2004/01/26 12:0 a.m.•213 views

Xoops 2.0.x - 'viewtopic.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/9497/info It has been reported that Xoops may be prone to a cross-site scripting vulnerability that may allow a remote user to execute HTML or script code in a user's browser. HTML and script code may be parsed via the 'topicid' and 'forum' URI parameters...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by