22 matches found
aprim2014.org XSS vulnerability
Open Bug Bounty ID: OBB-631333 Description| Value ---|--- Affected Website:| aprim2014.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
ombullies.com XSS vulnerability
Open Bug Bounty ID: OBB-631243 Description| Value ---|--- Affected Website:| ombullies.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Schools Alert Management Script Absolute Path Traversal Vulnerability
Schools Alert Management Script is a set of school management system scripts. An absolute path traversal vulnerability exists in PHP Scripts Mall Schools Alert Management Script. The vulnerability can be exploited to read arbitrary files via the f parameter in img.php...
CVE-2018-12054
Summary (CVE-2018-12054): The Schools Alert Management Script is vulnerable to an arbitrary file read via the f parameter in img.php (absolute path traversal). Exploitation PoC shows /img.php?f=/./etc/./passwd, enabling read of sensitive local files. Affected software: PHP Scripts Mall Schools Al...
CVE-2018-12054
Arbitrary File Read exists in PHP Scripts Mall Schools Alert Management Script via the f parameter in img.php, aka absolute path traversal...
berezovskii.ru XSS vulnerability
Open Bug Bounty ID: OBB-618478 Description| Value ---|--- Affected Website:| berezovskii.ru Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
tuhtin.ru XSS vulnerability
Open Bug Bounty ID: OBB-618475 Description| Value ---|--- Affected Website:| tuhtin.ru Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
bruidstaartspecialist.nl XSS vulnerability
Open Bug Bounty ID: OBB-568030 Description| Value ---|--- Affected Website:| bruidstaartspecialist.nl Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
im-sexy.fr XSS vulnerability
Open Bug Bounty ID: OBB-568008 Description| Value ---|--- Affected Website:| im-sexy.fr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
robak.linuxpl.info XSS vulnerability
Vulnerable URL: http://robak.linuxpl.info/img.php?img=%22/%3E%3Cscript%3Ealert/OPENBUGBOUNTY/;%3C/script%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 09.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated...
summilux.net XSS vulnerability
Vulnerable URL: http://www.summilux.net/notes/vario-img.php?url=%22/%3E%3Cscript%3Ealert/OPENBUGBOUNTY/;%3C/script%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 03.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 443195 VIP...
WordPress Plugin Profiles 2.0 RC1 - SQL Injection
Exploit Title: WordPress Profiles plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0--%20 --------------- Vulnerable code --------------- $query = "SELECT FROM ".$wpdb-prefix."bios WHERE id='$GETid'"; ... $result = mysqlquery$query;...
WordPress Profiles 2.0 RC1 SQL Injection
Exploit Title: WordPress Profiles plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0--%20 --------------- Vulnerable code --------------- $query = "SELECT FROM ".$wpdb-prefix."bios WHERE id='$GETid'"; ... $result = mysqlquery$query;...
Joomla XMovie 1.0 Local File Inclusion
Exploit Title: Joomla Component com_xmovie 1.0 Local File Inclusion Vulnerability Author: KelvinX [email protected] Websites: http://xgroup.vn, http://kelvinx.net, http://facebook.com/kelvinxgr Date: December, 24-2010 Location: HCM City, Vietnam ------------------------ Application: com_xmovie...
SQL injection
Multiple SQL injection vulnerabilities in E-Uploader Pro 1.0 (aka Uploader PRO), when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) img.php, (b) file.php, (c) mail.php, (d) thumb.php, (e) zip.php, and (f) zipit.php, and (2) the view parameter t...
cms-bandits 2.5, Remote command execution
----------------------------------------------------- Advisory id: FSA:006 Author: Federico Fazzi Date: 08/06/2006, 11:09 Sinthesis: cms-bandits 2.5, Remote command execution Type: high Product: http://sourceforge.net/projects/cms-bandits Patch: unavailable...
CVE-2006-1377
Cross-site scripting (XSS) vulnerability in img.php in (1) EasyMoblog 0.5.1 and (2) CoMoblog 1.1 allows remote attackers to inject arbitrary web script or HTML via the i parameter...
Cross site scripting
Cross-site scripting (XSS) vulnerability in img.php in (1) EasyMoblog 0.5.1 and (2) CoMoblog 1.1 allows remote attackers to inject arbitrary web script or HTML via the i parameter...
CVE-2006-1377
Cross-site scripting (XSS) vulnerability in img.php in (1) EasyMoblog 0.5.1 and (2) CoMoblog 1.1 allows remote attackers to inject arbitrary web script or HTML via the i parameter...
CVE-2006-1377
The CVE-2006-1377 entry describes a Cross-site scripting (XSS) vulnerability in img.php for the applications EasyMoblog 0.5.1 and CoMoblog 1.1 , where an attacker can inject arbitrary web script or HTML via the i parameter. The vulnerability is triggered remotely and the impact stated is that the...