CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2007-1804

Malware in sbrugna...

7.5CVSS6.4AI score0.02466EPSS

Exploits0References7

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2008-3546

Malware in sbrugna...

4.3CVSS6.4AI score0.02524EPSS

Exploits1References6

Check Point Advisories•added 2014/11/10 12:0 a.m.•1 views

XOOPS Module Kshop Remote SQL Injection (CVE-2007-1810)

An SQL injection vulnerability has been reported in Kaotik Kshop. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS8.2AI score0.02466EPSS

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•20 views

Kshop 2.22 'kshop_search.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30576/info Kshop is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of ...

7.1AI score

Exploits0

Prion•added 2008/08/08 7:41 p.m.•11 views

Cross site scripting

Cross-site scripting XSS vulnerability in kshopsearch.php in the Kshop module 2.22 for Xoops allows remote attackers to inject arbitrary web script or HTML via the search parameter...

4.3CVSS6.2AI score0.02524EPSS

Exploits1References5Affected Software1

NVD•added 2008/08/08 7:41 p.m.•10 views

CVE-2008-3560

Cross-site scripting XSS vulnerability in kshopsearch.php in the Kshop module 2.22 for Xoops allows remote attackers to inject arbitrary web script or HTML via the search parameter...

4.3CVSS5.8AI score0.02524EPSS

Exploits1References5

CVE•added 2008/08/08 7:0 p.m.•37 views

CVE-2008-3560

The CVE-2008-3560 entry describes a Cross-site scripting (XSS) flaw in the Kshop module 2.22 for Xoops, exploitable via the search parameter in kshop_search.php. Affected component: kshop_search.php (Kshop 2.22 for Xoops). Root cause: input not properly sanitized, enabling injection of arbitrary ...

4.3CVSS5.8AI score0.02524EPSS

Exploits1References5Affected Software1

Cvelist•added 2008/08/08 7:0 p.m.•19 views

CVE-2008-3560

Cross-site scripting XSS vulnerability in kshopsearch.php in the Kshop module 2.22 for Xoops allows remote attackers to inject arbitrary web script or HTML via the search parameter...

5.8AI score0.02524EPSS

Exploits1References5

Packet Storm•added 2008/08/06 12:0 a.m.•27 views

kshop-xss.txt

Kshop module search variable&field remote XSS Vendor url:http://www.kaotik.biz/ Advisore:http://lostmon.blogspot.com/2008/08/ kshop-module-search-variable-and-field.html Vendor notify:no exploit available:YES Kshop is a E-commerce php/Mysql script module for multiple CMS Systems like...

7.4AI score

Exploits0

exploitpack•added 2008/08/06 12:0 a.m.•11 views

Kshop 2.22 - kshop_search.php Cross-Site Scripting

Kshop 2.22 - kshopsearch.php Cross-Site Scripting source: https://www.securityfocus.com/bid/30576/info Kshop is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in...

6.8AI score

Exploits0

Exploit DB•added 2008/08/06 12:0 a.m.•26 views

Kshop 2.22 - 'kshop_search.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/30576/info Kshop is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the contex...

7.4AI score

Exploits0

NVD•added 2007/04/02 11:19 p.m.•15 views

CVE-2007-1810

SQL injection vulnerability in productdetails.php in the Kshop 1.17 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS8.4AI score0.02466EPSS

Exploits0References6

Cvelist•added 2007/04/02 11:0 p.m.•24 views

CVE-2007-1810

SQL injection vulnerability in productdetails.php in the Kshop 1.17 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the id parameter...

8.4AI score0.02466EPSS

Exploits0References6

CVE•added 2007/04/02 11:0 p.m.•43 views

CVE-2007-1810

CVE-2007-1810 is a SQL injection vulnerability in the Kshop 1.17 and earlier module for Xoops. The flaw affects product_details.php where the id parameter can be manipulated to execute arbitrary SQL commands on the database by remote attackers. The NVD entry lists a high impact (CVSS v2 base scor...

7.5CVSS8.4AI score0.02466EPSS

Exploits0References6Affected Software1

exploitpack•added 2007/04/01 12:0 a.m.•37 views

XOOPS Module Kshop 1.17 - id SQL Injection

XOOPS Module Kshop 1.17 - id SQL Injection !/usr/bin/perl Script Name: XOOPS Module Kshop : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; print "User ID uid: "; $id = ; chop $id; $target =...

0.1AI score

Exploits0

0day.today•added 2007/04/01 12:0 a.m.•60 views

XOOPS Module Kshop <= 1.17 (id) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ============================================================ XOOPS Module Kshop : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; print...

7.1AI score

Exploits0

Exploit DB•added 2007/04/01 12:0 a.m.•56 views

XOOPS Module Kshop 1.17 - 'id' SQL Injection

!/usr/bin/perl Script Name: XOOPS Module Kshop : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; print "User ID uid: "; $id = ; chop $id; $target =...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by