4502 matches found
twiki-disclose.txt
TWiki 4.2.0 File Disclosure Vuln configure "We're brazilian newbies!!! :p" - Th1nk3r Info Class : Input Validation Error Remote : Yes Local : No Date : 05/08/2008 Credits : Th1nk3r...
Cisco Building Broadband Service Manager Cross-Site Scripting Vulnerability
Cisco Building Broadband Service Manager BBSM 5.3 SP2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability exists due to an input validation error in certain web pages associated with the BBSM web...
FreeBSD : vorbis-tools -- Speex header processing vulnerability (633716fa-1f8f-11dd-b143-0211d880e350)
Secunia reports : A vulnerability has been reported in vorbis-tools, which can potentially be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an input validation error when processing Speex headers, which can be exploited via a specially crafted Spe...
XSS in AstroCam
XSS in AstroCam 2.5.x/2.6.x/2.7.123 Software: AstroCam Vulnerable: 2.5.0-2.7.3 Not vulnerable: 2.7.4 Class: Input Validation Error Remote: Yes Local: Yes Credit: This issue was announced by the vendor. Announcement:...
GLSA-200804-21 : Adobe Flash Player: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200804-21 Adobe Flash Player: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Adobe Flash: Secunia Research and Zero Day Initiative reported a boundary error related to DeclareFunction2 Actionscript tags ...
vorbis-tools -- Speex header processing vulnerability
Secunia reports: A vulnerability has been reported in vorbis-tools, which can potentially be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an input validation error when processing Speex headers, which can be exploited via a specially crafted Spee...
alamthal-sql.txt
Default.ASPX SQL Injection Vulnerability: Al-Amthal HRMS Solution-Optimum Remote: Yes Local: Yes Class: Input Validation Error Critical: Moderately critical URL: http://www.example.com/optimum/default.aspx?page=Search&app=Search&srch=sql sql=-1//UNION//ALL//SELECT//1,2 Published: April 6, 2008...
e107 Plugin My_Gallery 2.3 - Arbitrary File Download
e107 Plugin MyGallery 2.3 - Arbitrary File Download e107 MyGallery Plugin Arbitrary File Download Vulnerability Release Date: 2008-03-25 Critical: Moderately critical Impact: Exposure of system information, Exposure of sensitive information Where: From remote Solution Status: Unpatched Software:...
e107 My_Gallery Plugin Arbitrary File Download Vulnerability
e107 MyGallery Plugin Arbitrary File Download Vulnerability Release Date: 2008-03-25 Critical: Moderately critical Impact: Exposure of system information, Exposure of sensitive information Where: From remote Solution Status: Unpatched Software: MyGallery v2.3 plugin for e107 and prior Link:...
Core Security Technologies Advisory 2007.0930
Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs Path Traversal vulnerability in VMware's shared folders implementation Advisory Information Title: Path Traversal vulnerability in VMware's shared folders implementati...
Path Traversal vulnerability in VMware's shared folders implementation
Path Traversal vulnerability in VMware's shared folders implementation Core Security Technologies - CoreLabs Advisory Advisory Information Title: Path Traversal vulnerability in VMware's shared folders implementation Advisory ID: CORE-2007-0930 Advisory URL:...
megabbs-xss.txt
HSC MegaBBS ASP Forum Cross-Site Scripting MegaBBS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of t...
MegaBBS ASP Forum Cross-Site Scripting
HSC MegaBBS ASP Forum Cross-Site Scripting MegaBBS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of t...
Miniweb 0.8.19 - Multiple Vulnerabilities
Miniweb 0.8.19 - Multiple Vulnerabilities MiniWeb Multiple Vulnerabilities Introduction MiniWeb is a mini HTTP server implementation written in C language, featuring low system resource consumption, high efficiency, good flexibility and high portability. It is capable to serve multiple clients wi...
iDefense Security Advisory 01.09.08: Novell NetWare Client nicm.sys Local Privilege Escalation Vulnerability
iDefense Security Advisory 01.09.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 09, 2008 I. BACKGROUND The Novell Client software provides a workstation with access to Novell NetWare networks as well as Novell Open Enterprise Server OES services. Novell Clients can access the full...
CORE-2007-1106: SynCE Remote Command Injection
Core Security Technologies – CoreLabs Advisory http://www.coresecurity.com/corelabs SynCE Remote Command Injection Advisory Information Title: SynCE Remote Command Injection Advisory ID: CORE-2007-1106 Advisory URL:...
SocialURL Login Page Cross-Site Scripting
Overview: SocialURL is a social community platform enabling you to organize your online identities. Connect to all your social network sites with one URL. SocialURL fails to sufficiently sanitize user-supplied input data via login box. Class: Input Validation Error Example:...
LiveCart Multiple Cross-Site Scripting Vulnerabilities
HSC LiveCart Multiple Cross-Site Scripting Vulnerabilities LiveCart is a new PHP/MySQL powered shopping cart software developed by Integry Systems. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site...
iportalx-xss.txt
HSC IPortalX Forums Cross-Site Scripting Vulnerability IPortalX is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
[HSC] IPortalX Forums Cross-Site Scriptin
HSC IPortalX Forums Cross-Site Scripting Vulnerability IPortalX is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...