9133 matches found

Exploit DB
added 2006/03/27 12:0 a.m. | 20 views

SaPHPLesson 2.0 - 'print.php' SQL Injection

source: https://www.securityfocus.com/bid/17239/info SaphpLesson is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...

7.4 AI score
Exploits: 0
Exploit DB
added 2006/03/27 12:0 a.m. | 23 views

DSLogin 1.0 - 'index.php' Multiple SQL Injections

source: https://www.securityfocus.com/bid/17262/info DSLogin is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromis...

7.4 AI score
Exploits: 0
Prion
added 2006/03/23 11:6 a.m. | 15 views

Design/Logic Flaw

The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server OES sometimes selects a weak cipher instead of an available stronger cipher, which makes it easier for remote attackers to sniff and decrypt an SSL protected session...

5 CVSS | 7.2 AI score | 0.0313 EPSS
Exploits: 0 | References: 9 | Affected Software: 1
exploitpack
added 2006/03/22 12:0 a.m. | 13 views

1WebCalendar 4.0 - newsnewsView.cfm?NewsID SQL Injection

1WebCalendar 4.0 - newsnewsView.cfm?NewsID SQL Injection source: https://www.securityfocus.com/bid/17193/info 1WebCalendar is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL...

8.6 AI score
Exploits: 0
securityvulns
added 2006/03/22 12:0 a.m. | 56 views

Sendmail 8.13.6 release notes

8.13.6/8.13.6 2006/03/22 SECURITY: Replace unsafe use of setjmp3/longjmp3 in the server and client side of sendmail with timeouts in the libsm I/O layer and fix problems in that code. Also fix handling of a buffer in smsyslog which could have been used as an attack vector to exploit the unsafe...

Exploits: 0
securityvulns
added 2006/03/21 12:0 a.m. | 36 views

FreeRADIUS EAP authentication bypass and DoS

EAP-MSCHAPv2 implementation problems...

2.8 AI score
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
added 2006/03/21 12:0 a.m. | 67 views

[Full-disclosure] [MU-200603-01] MailEnable POP3 Pre-Authentication Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MailEnable POP3 Pre-Authentication Buffer Overflow MU-200603-01 March 20, 2006 http://labs.musecurity.com/advisories.html Affected Product / Versions: MailEnable Professional 1.7, 1.71, 1.72 MailEnable Standard 1.91, 1.92 MailEnable Enterprise 1.2...

0.9 AI score
Exploits: 0
exploitpack
added 2006/03/18 12:0 a.m. | 11 views

MusicBox 2.3 - index.php SQL Injection

MusicBox 2.3 - index.php SQL Injection source: https://www.securityfocus.com/bid/17149/info MusicBox is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly...

8.6 AI score
Exploits: 0
Exploit DB
added 2006/03/18 12:0 a.m. | 18 views

MusicBox 2.3 - 'index.php' SQL Injection

source: https://www.securityfocus.com/bid/17149/info MusicBox is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful...

7.4 AI score
Exploits: 0
exploitpack
added 2006/03/16 12:0 a.m. | 9 views

Oxynews - index.php SQL Injection

Oxynews - index.php SQL Injection source: https://www.securityfocus.com/bid/17132/info Oxynews is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow a...

0.1 AI score
Exploits: 0
Debian
added 2006/03/06 8:5 a.m. | 20 views

[SECURITY] [DSA 986-1] New gnutls11 packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 986-1 [email protected] http://www.debian.org/security/ Martin Schulze March 6th, 2006 http://www.debian.org/security/faq -...

7.5 CVSS | 6.6 AI score | 0.03507 EPSS
Exploits: 0
exploitpack
added 2006/03/06 12:0 a.m. | 13 views

Invision Power Board 2.1.5 - showtopic SQL Injection

Invision Power Board 2.1.5 - showtopic SQL Injection source: https://www.securityfocus.com/bid/16971/info Invision Power Board is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A...

0.2 AI score
Exploits: 0
Exploit DB
added 2006/03/06 12:0 a.m. | 30 views

Invision Power Board 2.1.5 - showtopic SQL Injection

source: https://www.securityfocus.com/bid/16971/info Invision Power Board is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...

7.4 AI score
Exploits: 0
exploitpack
added 2006/02/25 12:0 a.m. | 14 views

D3Jeeb Pro 3 - fastlinks.php?catid SQL Injection

D3Jeeb Pro 3 - fastlinks.php?catid SQL Injection source: https://www.securityfocus.com/bid/16853/info D3Jeeb is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successfu...

0.4 AI score
Exploits: 0
securityvulns
added 2006/02/18 12:0 a.m. | 45 views

libapreq library DoS

Incorrect functions "apreqparseheaders" and "apreqparseurlencoded" implementation...

3 AI score
Exploits: 0 | References: 1 | Affected Software: 1
Exploit DB
added 2006/02/18 12:0 a.m. | 19 views

Webpagecity WPC easy - SQL Injection

source: https://www.securityfocus.com/bid/16721/info Webpagecity 'WPC.easy' is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could allow an attacker to...

7.4 AI score
Exploits: 0
securityvulns
added 2006/02/16 12:0 a.m. | 33 views

honeyd security advisory: remote detection

Honeyd Security Advisory 2006-001 ================================= Topic: Remote Detection Via Multiple Probe Packets Version: All versions prior to Honeyd 1.5 Severity: Identification of Honeyd installations allows an adversary to launch attacks specifically against Honeyd. No remote root explo...

1.5 AI score
Exploits: 0
Tenable Nessus
added 2006/02/15 12:0 a.m. | 42 views

GLSA-200602-07 : Sun JDK/JRE: Applet privilege escalation

The remote host is affected by the vulnerability described in GLSA-200602-07 Sun JDK/JRE: Applet privilege escalation Applets executed using JRE or JDK can use 'reflection' APIs functions to elevate its privileges beyond the sandbox restrictions. Adam Gowdiak discovered five vulnerabilities that...

6.4 CVSS | 6.2 AI score | 0.05335 EPSS
Exploits: 0 | References: 7
Packet Storm
added 2006/02/14 12:0 a.m. | 41 views

dotProject-2.0.1.txt

dotproject Date: Feb. 14 2006 Vendor: dotproject.net contacted Description: dotProject is a volunteer supported Project Management application. Details: The 'protection.php' script does not properly validate user-supplied input in the 'siteurl' parameter. Some user-supplied input is not checked...

7.4 AI score
Exploits: 0
exploitpack
added 2006/02/14 12:0 a.m. | 9 views

sNews - index.php Multiple SQL Injections

sNews - index.php Multiple SQL Injections source: https://www.securityfocus.com/bid/16647/info sNews is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabiliti...

0.4 AI score
Exploits: 0