CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2008-4191

Malware in sbrugna...

10CVSS6.4AI score0.00378EPSS

Exploits0References5

OSV•added 2021/12/14 4:15 p.m.•2 views

CVE-2021-39314

The WooCommerce EnvioPack WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the dataid parameter found in the /includes/functions.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.2...

6.1CVSS6.4AI score0.0021EPSS

Exploits0References2

CNNVD•added 2021/12/14 12:0 a.m.•0 views

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.WooCommerce EnvioPack plugin is a WordPress open source application plugin.The WordPress WooCommerce EnvioPack plugin h...

6.1CVSS5.7AI score0.0021EPSS

Exploits0References3

CNVD•added 2019/02/19 12:0 a.m.•1 views

ZoneMinder Command Injection Vulnerability

ZoneMinder is a free and open source CCTV software application for Linux environments that supports IP, USB and analog cameras. A command injection vulnerability exists in ZoneMinder prior to version 1.32.3 in the daemonControl in includes/functions.php, which can be exploited by an attacker via...

9.8CVSS7.6AI score0.03002EPSS

Exploits1References1

OSV•added 2019/02/18 12:29 a.m.•1 views

DEBIAN-CVE-2019-8427

daemonControl in includes/functions.php in ZoneMinder before 1.32.3 allows command injection via shell metacharacters...

9.8CVSS7.7AI score0.03002EPSS

Exploits1References1

OSV•added 2019/02/18 12:29 a.m.•0 views

UBUNTU-CVE-2019-8427

daemonControl in includes/functions.php in ZoneMinder before 1.32.3 allows command injection via shell metacharacters...

9.8CVSS7.3AI score0.03002EPSS

Exploits1References4

Positive Technologies•added 2007/10/18 12:0 a.m.•2 views

PT-2007-6586 · Phpcms · Phpscms

Name of the Vulnerable Software and Affected Versions: phpSCMS versions 0.0.1-Alpha1 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter in the includes/functions.php file. This is a remote file inclusion issue. Note that the identified code...

9.8CVSS7.6AI score0.0068EPSS

Exploits0References3

Positive Technologies•added 2007/10/01 12:0 a.m.•2 views

PT-2007-6256 · Nexty · Nexty

Name of the Vulnerable Software and Affected Versions: Nexty version 1.01.A Beta Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the rel parameter in the includes/functions/layout.php file. This is disputed because the applicable include is in a function...

6.8CVSS7.7AI score0.0086EPSS

Exploits1References3

Prion•added 2007/05/30 1:30 a.m.•12 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in FirmWorX 0.1.2 allow remote attackers to execute arbitrary PHP code via a URL in the 1 bankdataroot parameter to modules/bank/includes/design/main.inc.php, or the 2 fmdataroot parameter to a includes/config/master.inc.php or b...

7.5CVSS8.2AI score0.11429EPSS

Exploits1References7Affected Software1

Prion•added 2006/04/27 11:2 p.m.•13 views

Sql injection

SQL injection vulnerability in portfoliophotopopup.php in Verosky Media Instant Photo Gallery 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, which is not cleansed before calling the countclick function in includes/functions/fnsstd.php. NOTE: this issue could...

6.8CVSS9.1AI score0.02297EPSS

Exploits1References9Affected Software1

Cvelist•added 2006/04/27 11:0 p.m.•12 views

CVE-2006-2080

8.3AI score0.02297EPSS

Exploits1References9

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by