Lucene search

30 matches found

seebug.org
added 2014/07/01 12:0 a.m., 15 views

GaliX 2.0 Index.PHP Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/24066/info GaliX is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication...

AI score: 7.1
Exploits: 0

securityvulns
added 2007/05/30 12:0 a.m., 44 views

RedLevel Advisory #23 - SalesCart Shopping Cart SQL Injection Vulnerability

SalesCart Shopping Cart - SQL Injection Vulnerability SalesCart does not sanitize any forms in cgi-bin/reorder2.asp, allowing an attacker to inject arbitrary SQL queries, as well as possible command execution. Google d0rk: "Sorry, you have no Items in your Shopping Cart !" inurl:cgi-bin/view1.asp...

AI score: 1.8
Exploits: 0

Packet Storm
added 2007/05/23 12:0 a.m., 20 views

clonuswiki-xss.txt

ClonusWiki .5 - Cross-Site Scripting Vulnerability ClonusWiki .5 - Cross-Site Scripting Vulnerability discovered by John Martinelli of RedLevel Security Google d0rk: "ClonusWiki .5" intitle:"ClonusWiki" file index.php - variable query - method get "alert1"...

AI score: 7.4
Exploits: 0

Packet Storm
added 2007/05/23 12:0 a.m., 25 views

rmeasymail-xss.txt

RM EasyMail Plus - Cross-Site Scripting Vulnerability 2 This cross-site scripting vulnerability can be exploited if a client views an email with a specially crafted title. Vulnerable E-Mail Title: alert1 Vulnerable: RM EasyMail Plus Google d0rk: intitle:"Powered by RM EasyMail Plus" John Martinel...

AI score: 7.4
Exploits: 0

Packet Storm
added 2007/05/22 12:0 a.m., 28 views

hlstarts-xss2.txt

HLstats v1.35 - Cross-Site Scripting Vulnerability 2 HLstats v1.35 - Cross-Site Scripting Vulnerability 2 discovered by John Martinelli of RedLevel Security Google d0rk: "generated in real-time by HLstats" file hlstats.php - variable action - method get alert1"...

AI score: 7.4
Exploits: 0

Packet Storm
added 2007/05/22 12:0 a.m., 20 views

hlstats-xss.txt

HLstats v1.35 Cross-Site Scripting Vulnerability HLstats contains a cross-site scripting vulnerability that may be exploited through the URI. Vulnerability: http://target.com/hlstats/hlstats.php/"alert1 Vulnerable: HLstats v1.35 other versions may also be vulnerable Google d0rk: "generated in...

AI score: 7.4
Exploits: 0

Packet Storm
added 2007/05/21 12:0 a.m., 38 views

vpasp-xss.txt

VP-ASP Shopping Cart 6.50 - Cross-Site Scripting Vulnerability VP-ASP Shopping Cart 6.50 - Cross-Site Scripting Vulnerability discovered by John Martinelli of RedLevel Security Google d0rk: intitle:"VP-ASP Shopping Cart 6.50" file shopcontent.asp - variable type - method get "...

AI score: 7.4
Exploits: 0

securityvulns
added 2007/05/21 12:0 a.m., 39 views

RedLevel Advisory #017 - HLstats v1.35 Cross-Site Scripting Vulnerability #2

!-- HLstats v1.35 - Cross-Site Scripting Vulnerability 2 Vulnerable Variable: action Vulnerable File: hlstats.php Vulnerable: HLstats 1.2 other versions may also be vulnerable Google d0rk: "generated in real-time by HLstats" John Martinelli [email protected] RedLevel Security...

Exploits: 0

securityvulns
added 2007/05/18 12:0 a.m., 44 views

RedLevel Advisory #015 - Redoable 1.2 Cross-Site Scripting Vulnerability (patch included)

note to editors: this patch resolves this vulnerability: http://redlevel.org/wp-content/uploads/patch.zip !-- Redoable 1.2 - Cross-Site Scripting Vulnerability --------------- Vulnerable Code --------------- header.php line 6: ... elseif issearch ? Search for ?php echo $s ... searchloop.php line...

AI score: 5.8
Exploits: 0

Exploit DB
added 2007/05/17 12:0 a.m., 30 views

WordPress Theme Redoable 1.2 - 'header.php?s' Cross-Site Scripting

source: https://www.securityfocus.com/bid/24037/info Redoable is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

AI score: 7.4
Exploits: 0

Packet Storm
added 2007/05/08 12:0 a.m., 24 views

podium-cookie.txt

Podium CMS - Cookie Manipulation Exploit Podium CMS - Cookie Manipulation Exploit discovered by John Martinelli Google d0rk: inurl:"podium/Default.aspx" "...

AI score: 7.4
Exploits: 0

securityvulns
added 2007/05/03 12:0 a.m., 37 views

Bradford CampusManager v3.1(6) Sensitive Data Disclosure

Bradford CampusManager v3.16 Sensitive Data Disclosure The following directories should be protected from world readability. Child folders include backup, log, and configuration files. http://cmnms.target.com:8080/runTime/ http://cmnms.target.com:8080/remediationReports/ Vulnerable: CampusManager...

AI score: 1.1
Exploits: 0

seebug.org
added 2007/04/26 12:0 a.m., 25 views

phpMySpace Gold (v8.10) - Blind SQL/XPath Injection Exploit

No description provided by source. !-- phpMySpace Gold v8.10 - Blind SQL/XPath Injection Exploit Vulnerable Variable: itemid Vulnerable File: modules/news/article.php Vulnerable: phpMySpace Gold v8.10 other versions should also be vulnerable Google d0rk: "Powered by phpMySpace Gold 8.10" John...

AI score: 7.1
Exploits: 0

Packet Storm
added 2007/04/24 12:0 a.m., 24 views

pmsgold-sql.txt

phpMySpace Gold v8.10 - Blind SQL/XPath Injection Exploit phpMySpace Gold v8.10 - Blind SQL/XPath Injection Exploit discovered by John Martinelli Google d0rk: "Powered by Ripe Website Manager"...

AI score: 7.4
Exploits: 0

securityvulns
added 2007/04/24 12:0 a.m., 42 views

Ripe Website Manager (<= 0.8.4) - SQL Injection Vulnerability and Cross-Site Scripting Exploit

!-- Ripe Website Manager = 0.8.4 - SQL Injection Vulnerability and Cross-Site Scripting Exploit Vulnerable Variable: ripeformpost Cross-Site Scripting and SQL Injection possible Vulnerable File: contact/index.php Vulnerable: Ripe Website Manager = 0.8.4 Google d0rk: "Powered by Ripe Website...

AI score: 0.6
Exploits: 0

securityvulns
added 2007/04/24 12:0 a.m., 44 views

phpMySpace Gold (v8.10) - Blind SQL/XPath Injection Exploit

!-- phpMySpace Gold v8.10 - Blind SQL/XPath Injection Exploit Vulnerable Variable: itemid Vulnerable File: modules/news/article.php Vulnerable: phpMySpace Gold v8.10 other versions should also be vulnerable Google d0rk: "Powered by phpMySpace Gold 8.10" John Martinelli [email protected]...

AI score: 0.4
Exploits: 0

Exploit DB
added 2007/04/23 12:0 a.m., 25 views

Ripe Website Manager 0.8.4 - '/contact/index.php?ripeformpost' SQL Injection

source: https://www.securityfocus.com/bid/23597/info Ripe Website Manager Ripe Website Manager discovered by John Martinelli Google d0rk: "Powered by Ripe Website Manager" alert1;"...

AI score: 7.4
Exploits: 0

securityvulns
added 2007/04/20 12:0 a.m., 39 views

NuclearBB Alpha 1 - Multiple Blind SQL/XPath Injection Vulnerabilities

NuclearBB Alpha 1 - Multiple Blind SQL/XPath Injection Vulnerabilities Vulnerable: NuclearBB Alpha 1 Google d0rk: "This forum is powered by NuclearBB" ============= String Inputs ============= ---------------------------- login.php - $POST'submit' ---------------------------- username=xyz...

AI score: 1.6
Exploits: 0

Packet Storm
added 2007/04/19 12:0 a.m., 20 views

nuclearbb-sql.txt

NuclearBB Alpha 1 - Multiple Blind SQL/XPath Injection Vulnerabilities Vulnerable: NuclearBB Alpha 1 Google d0rk: "This forum is powered by NuclearBB" ============= String Inputs ============= ---------------------------- login.php - $POST'submit' ---------------------------- username=xyz...

AI score: 7.4
Exploits: 0

Packet Storm
added 2007/04/19 12:0 a.m., 30 views

galix.txt

GaliX² v2.0 - Cross-Site Scripting Exploit GaliX² v2.0 - Cross-Site Scripting Exploit discovered by John Martinelli Google d0rk: "GaliX² v2.0" alert1;"...

AI score: 7.4
Exploits: 0