18 matches found
EUVD-2006-0859
Malware in sbrugna...
EUVD-2006-0878
Malware in sbrugna...
Bunkum tokens cached in the AuthenticationService are susceptible to a use-after-free
Impact: First, a little bit of background. So, in the beginning, Bunkum's AuthenticationService only supported injecting IUsers. However, as Refresh and SoundShapesServer implemented permissions systems, support for injecting ITokens into endpoints was added. All was well until 4.0. Bunkum 4.0 then...
CVE-2023-45814 Tokens cached in the AuthenticationService are susceptible to reuse in Bunkum
Bunkum is an open-source protocol-agnostic request server for custom game servers. First, a little bit of background. So, in the beginning, Bunkum's AuthenticationService only supported injecting IUsers. However, as Refresh and SoundShapesServer implemented permissions systems, support for injecti...
CVE-2006-0874
Multiple unspecified vulnerabilities in Intensive Point iUser Ecommerce before 2.2 have unspecified vectors and impact, as addressed by "Urgent secure fixes". NOTE: this might be a duplicate of CVE-2006-0854, but the vendor announcement for this issue from January 8, 2005 is too vague to be sure,...
Information disclosure
Multiple unspecified vulnerabilities in Intensive Point iUser Ecommerce before 2.2 have unspecified vectors and impact, as addressed by "Urgent secure fixes". NOTE: this might be a duplicate of CVE-2006-0854, but the vendor announcement for this issue from January 8, 2005 is too vague to be sure,...
CVE-2006-0874
CVE-2006-0874 relates to Intensive Point iUser Ecommerce prior to 2.2, with multiple unspecified vulnerabilities addressed by urgent fixes. Connected sources provide concrete detail for CVE-2006-0854 (a likely related entry): PHP remote file inclusion in common.php that lets remote attackers incl...
CVE-2006-0874
Multiple unspecified vulnerabilities in Intensive Point iUser Ecommerce before 2.2 have unspecified vectors and impact, as addressed by "Urgent secure fixes". NOTE: this might be a duplicate of CVE-2006-0854, but the vendor announcement for this issue from January 8, 2005 is too vague to be sure,...
[SA18903] iUser Ecommerce common.php File Inclusion Vulnerability
TITLE: iUser Ecommerce common.php File Inclusion Vulnerability SECUNIA ADVISORY ID: SA18903 VERIFY ADVISORY: http://secunia.com/advisories/18903/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: iUser Ecommerce 2.x http://secunia.com/product/8175/ DESCRIPTION: ReZEN ha...
PT-2006-1920 · Intensive Point · Intensive Point Iuser Ecommerce
Name of the Vulnerable Software and Affected Versions: Intensive Point iUser Ecommerce versions prior to 2.2 Description: The issue involves multiple unspecified vulnerabilities with unspecified vectors and impact. These vulnerabilities have been addressed by urgent secure fixes. Recommendations:...
[SA19003] iUser Ecommerce Unspecified Vulnerabilities
TITLE: iUser Ecommerce Unspecified Vulnerabilities SECUNIA ADVISORY ID: SA19003 VERIFY ADVISORY: http://secunia.com/advisories/19003/ CRITICAL: Moderately critical IMPACT: Unknown WHERE: From remote SOFTWARE: iUser Ecommerce 2.x http://secunia.com/product/8175/ DESCRIPTION: Some vulnerabilities...
CVE-2006-0854
PHP remote file inclusion vulnerability in common.php in Intensive Point iUser Ecommerce allows remote attackers to include arbitrary files via a URL in the include_path variable, which is not initialized before being used...
CVE-2006-0854
CVE-2006-0854 describes a PHP remote file inclusion in Intensive Point iUser Ecommerce. The vulnerability arises because common.php uses the include_path without initialization, allowing an attacker to include arbitrary files via a URL. Per NVD, the CVSS v2 base score is 7.5 (HIGH). The connected...
XOR-iUser.txt
[Full-disclosure] iUser Ecommerce - Remote Command Execution Vulnerability
XOR Crew :: Security Advisory 1/10/2006 iUser Ecommerce - Remote Command Execution Vulnerability...
[SNS Advisory No.40] TrendMicro OfficeScan Corp Edition ver.3.54 Remote read file of IUSER authority Vulnerability
SNS Advisory No.40 TrendMicro OfficeScan Corp Edition ver.3.54 Remote read file of IUSER authority Vulnerability Problem first discovered: 21 Aug 2001 Published: Fri, 24 Aug 2001...
[SNS Advisory No.38] Trend Micro Virus Buster (Ver.3.5x) Remote File Disclosure With IUSER Privilege Vulnerability
SNS Advisory No.38 Trend Micro Virus Buster Ver.3.5x Remote File Disclosure With IUSER Privilege Vulnerability Problem first discovered: Wed, 18 Jul 2001 Published: Mon, 20 Aug 2001...
sa2001_02.txt
NSFOCUS Security Advisory SA2001-02 - The nsfocus team has found a vulnerability in filename processing of CGI program in MS IIS4.0/5.0, as discussed in ms01-026. CGI filename is decoded twice by error. Exploitation of this vulnerability leads to intruders being able to run arbitrary system...