CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

No description provided by source. dork: Copyright KerviNet eLwauxc 20.06.2009 Blind SQLinj /index.php ------------------------------------------------------------------------------------------------- if$COOKIE'userenter'==auto $enterlogin=$COOKIE'enterlogin'; $enterparol=$COOKIE'enterparol';...

7.1AI score

Exploits0

Prion•added 2009/07/05 4:30 p.m.•15 views

Sql injection

admin/edituser.php in KerviNet Forum 1.1 and earlier does not require administrative authentication, which allows remote attackers to delete arbitrary accounts and conduct SQL injection attacks via the deluserid parameter...

7.5CVSS8.5AI score0.00458EPSS

Exploits0References1Affected Software1

NVD•added 2009/07/05 4:30 p.m.•10 views

CVE-2009-2326

Multiple SQL injection vulnerabilities in KerviNet Forum 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via 1 an enterparol cookie to index.php in an auto action or 2 the topic parameter to message.php. NOTE: vector 2 can be leveraged for a cross-site scripting XSS attac...

7.5CVSS7.3AI score0.00233EPSS

Exploits0References2

NVD•added 2009/07/05 4:30 p.m.•9 views

CVE-2007-6727

SQL injection vulnerability in topic.php in KerviNet Forum 1.1 allows remote attackers to execute arbitrary SQL commands via the forum parameter...

7.5CVSS8.4AI score0.00319EPSS

Exploits1References1

NVD•added 2009/07/05 4:30 p.m.•10 views

CVE-2009-2328

7.5CVSS7.7AI score0.00458EPSS

Exploits0References1

Prion•added 2009/07/05 4:30 p.m.•9 views

Sql injection

SQL injection vulnerability in topic.php in KerviNet Forum 1.1 allows remote attackers to execute arbitrary SQL commands via the forum parameter...

7.5CVSS9.1AI score0.00319EPSS

Exploits1References1Affected Software1

Prion•added 2009/07/05 4:30 p.m.•8 views

Sql injection

7.5CVSS8AI score0.00233EPSS

Exploits0References2Affected Software1

ATTACKERKB•added 2009/07/05 4:30 p.m.•2 views

CVE-2007-6727

SQL injection vulnerability in topic.php in KerviNet Forum 1.1 allows remote attackers to execute arbitrary SQL commands via the forum parameter...

7.5CVSS6.3AI score0.00319EPSS

Exploits1References2

Prion•added 2009/07/05 4:30 p.m.•13 views

Cross site scripting

Cross-site scripting XSS vulnerability in addvoting.php in KerviNet Forum 1.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the vvariant1 parameter...

3.5CVSS5.7AI score0.0036EPSS

Exploits0References3Affected Software1

Prion•added 2009/07/05 4:30 p.m.•9 views

Information disclosure

KerviNet Forum 1.1 and earlier allows remote attackers to obtain sensitive information via a direct request to 1 admin/head.php, or 2 votingdiagram.php, 3 voting.php, 4 topicssearch.php, 5 topicslist.php, 6 toppart.php, 7 quicksearch.php, 8 quickreply.php, 9 modermenu.php, 10 messageslist.php, 11...

5CVSS6.7AI score0.03403EPSS

Exploits0References1Affected Software1

NVD•added 2009/07/05 4:30 p.m.•10 views

CVE-2009-2329

5CVSS6.2AI score0.03403EPSS

Exploits0References1

NVD•added 2009/07/05 4:30 p.m.•12 views

CVE-2009-2327

Cross-site scripting XSS vulnerability in addvoting.php in KerviNet Forum 1.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the vvariant1 parameter...

3.5CVSS5.3AI score0.0036EPSS

Exploits0References3

Cvelist•added 2009/07/05 4:0 p.m.•13 views

CVE-2009-2329

6.2AI score0.03403EPSS

Exploits0References1

CVE•added 2009/07/05 4:0 p.m.•40 views

CVE-2007-6727

The CVE-2007-6727 entry describes a SQL injection in KerviNet Forum 1.1, specifically topic.php, where the parameter forum can be exploited to execute arbitrary SQL commands remotely. This is the underlying vulnerability: improper sanitization/parameter handling in the forum parameter leading to ...

7.5CVSS8.7AI score0.00319EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by