CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

332 matches found

OSV•added 2010/01/07 6:30 p.m.•1 views

DEBIAN-CVE-2009-4589

Cross-site scripting XSS vulnerability in the Special:Block implementation in the getContribsLink function in SpecialBlockip.php in MediaWiki 1.14.0 and 1.15.0 allows remote attackers to inject arbitrary web script or HTML via the ip parameter...

4.3CVSS6AI score0.00388EPSS

Exploits1References1

Cvelist•added 2010/01/07 6:13 p.m.•32 views

CVE-2009-4589

5.6AI score0.00388EPSS

Exploits1References7

Cvelist•added 2009/12/02 5:0 p.m.•28 views

CVE-2009-4155

Multiple SQL injection vulnerabilities in Eshopbuilde CMS allow remote attackers to execute arbitrary SQL commands via the sitebid parameter to 1 home-f.asp and 2 opinions-f.asp; 3 sitebid, 4 id, 5 secText, 6 client-ip, and 7 Gid parameters to more-f.asp; 8 sitebid, 9 id, 10 maid, 11 miid, 12...

8.5AI score0.00271EPSS

Exploits0References1

NVD•added 2008/10/23 5:17 p.m.•16 views

CVE-2008-4704

PHP remote file inclusion vulnerability in SezHooTabsAndActions.php in SezHoo 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter...

10CVSS7.5AI score0.02844EPSS

Exploits1References4

NVD•added 2008/01/10 11:46 p.m.•11 views

CVE-2008-0224

SQL injection vulnerability in index.php in the Newbbplus 0.92 and earlier module in RunCMS 1.6.1 allows remote attackers to execute arbitrary SQL commands via the Client-Ip parameter...

7.5CVSS8.4AI score0.00338EPSS

Exploits1References4

Prion•added 2008/01/10 11:46 p.m.•14 views

Sql injection

SQL injection vulnerability in index.php in the Newbbplus 0.92 and earlier module in RunCMS 1.6.1 allows remote attackers to execute arbitrary SQL commands via the Client-Ip parameter...

7.5CVSS9AI score0.00338EPSS

Exploits1References4Affected Software1

Cvelist•added 2008/01/10 11:0 p.m.•15 views

CVE-2008-0224

SQL injection vulnerability in index.php in the Newbbplus 0.92 and earlier module in RunCMS 1.6.1 allows remote attackers to execute arbitrary SQL commands via the Client-Ip parameter...

8.4AI score0.00338EPSS

Exploits1References4

Cvelist•added 2007/12/28 9:0 p.m.•24 views

CVE-2007-6583

SQL injection vulnerability in admin/ops/findip/ajax/search.php in 1024 CMS 1.3.1 allows remote attackers to execute arbitrary SQL commands via the ip parameter...

8.4AI score0.00271EPSS

Exploits0References2

Cvelist•added 2007/08/14 6:0 p.m.•22 views

CVE-2007-4334

Cross-site scripting XSS vulnerability in whois.php in Php-stats 0.1.9.2 allows remote attackers to inject arbitrary web script or HTML via the IP parameter...

5.6AI score0.032EPSS

Exploits1References6

Prion•added 2006/02/08 1:2 a.m.•19 views

Sql injection

SQL injection vulnerability in Hosting Controller 6.1 Hotfix 2.8 allows remote authenticated users to execute arbitrary SQL commands via the 1 GatewayID parameter in an add action in AddGatewaySettings.asp and 2 IP parameter in IPManager.asp...

6.5CVSS8.6AI score0.01243EPSS

Exploits1References6Affected Software1

Cvelist•added 2005/05/14 4:0 a.m.•19 views

CVE-2005-1559

The web module in Neteyes Nexusway allows remote attackers to execute arbitrary commands via hex-encoded shell metacharacters in the ip parameter for 1 nslookup.cgi or 2 ping.cgi...

7.7AI score0.04899EPSS

Exploits1References6