CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

139 matches found

OSV•added 2021/01/05 3:15 p.m.•13 views

CVE-2020-26045

FUEL CMS 1.4.11 allows SQL Injection via parameter 'name' in /fuel/permissions/create/. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database...

9.8CVSS8.5AI score

Exploits0References3

Prion•added 2020/10/01 2:15 p.m.•17 views

Sql injection

WebsiteBaker 2.12.2 allows SQL Injection via parameter 'displayname' in /websitebaker/admin/preferences/save.php. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database...

7.5CVSS9.8AI score0.01647EPSS

Exploits3References2Affected Software1

Cvelist•added 2020/10/01 1:57 p.m.•14 views

CVE-2020-25990

WebsiteBaker 2.12.2 allows SQL Injection via parameter 'displayname' in /websitebaker/admin/preferences/save.php. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database...

9.9AI score0.01647EPSS

Exploits3References2

0day.today•added 2018/05/24 12:0 a.m.•40 views

School Management System CMS 1.0 - username SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: School Management System CMS 1.0 - Admin Login SQL Injection Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor : Wecodex Solutions Vendor Homepage: https://www.wecodex.com/item/view/school-management-system-in-php-and-mysql/5...

Symantec•added 2016/11/08 12:0 a.m.•26 views

Microsoft Edge CVE-2016-7208 Scripting Engine Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. This could allow the attacker to execute arbitrary code in the context of the currently logged-in user. Failed...

7.6CVSS0.8AI score0.15277EPSS

Exploit DB•added 2014/07/28 12:0 a.m.•28 views

WordPress Plugin FB Gorilla - 'game_play.php' SQL Injection

source: https://www.securityfocus.com/bid/69222/info FB Gorilla plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent...

seebug.org•added 2014/07/01 12:0 a.m.•27 views

Phorum 5.1.20 admin.php modsettings Module smiley_id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/23616/info Phorum is prone to multiple input-validation vulnerabilities, including an unauthorized-access issue, privilege-escalation issue, multiple SQL-injection issues, and cross-site scripting issues, because the...

seebug.org•added 2014/07/01 12:0 a.m.•15 views

Joomla! 'com_alert' Component 'q_item' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38827/info The 'comalert' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...

seebug.org•added 2014/07/01 12:0 a.m.•15 views

ASP-DEV XM Events Diary 'cat' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/32809/info ASP-DEV XM Events Diary is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...

seebug.org•added 2014/07/01 12:0 a.m.•19 views

6rbScript 'cat.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31329/info 6rbScript is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

seebug.org•added 2014/07/01 12:0 a.m.•31 views

PHP 4.x/5.0.x File Upload GLOBAL Variable Overwrite Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15250/info PHP is prone to a vulnerability that allows attackers to overwrite the GLOBAL variable via HTTP POST requests. By exploiting this issue, remote attackers may be able to overwrite the GLOBAL variable. This may...

seebug.org•added 2014/07/01 12:0 a.m.•23 views

NPDS Versions Prior to 08.06 Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/33051/info NPDS is prone to multiple input-validation vulnerabilities: - Multiple local file-include vulnerabilities - An HTML-injection vulnerability - Multiple SQL-injection vulnerabilities - Multiple cross-site scripti...

seebug.org•added 2014/07/01 12:0 a.m.•11 views

LinksPro 'OrderDirection' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/33305/info LinksPro is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

seebug.org•added 2014/07/01 12:0 a.m.•11 views

Viennabux Beta! 'cat' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/39602/info Viennabux Beta! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromi...

seebug.org•added 2014/07/01 12:0 a.m.•9 views

e107 0.7.x 'e107_admin/banner.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/39609/info e107 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

seebug.org•added 2014/07/01 12:0 a.m.•61 views

PHP-Nuke 8.0 'main/tracking/userLog.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/35117/info PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

seebug.org•added 2014/07/01 12:0 a.m.•10 views

IWebNegar Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/11946/info iWebNegar is reported prone to multiple SQL injection vulnerabilities, these issues exist due to a lack of sufficient boundary checks performed on user-supplied URI parameter data. These issues could...

seebug.org•added 2014/07/01 12:0 a.m.•18 views

Cyber CMS 'faq.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/39698/info Cyber CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

seebug.org•added 2014/07/01 12:0 a.m.•15 views

Joomla! and Mambo 'com_guide' Component - 'category' Parameter - SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28271/info The 'guide' component for Joomla! and Mambo is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could...

seebug.org•added 2014/07/01 12:0 a.m.•12 views

AIOCP 1.3.x cp_newsletter.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/20931/info All In One Control Panel AIOCP is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to steal...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by