CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-905 advisory. The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 1...

6.5CVSS6.9AI score0.00126EPSS

Exploits0References4

Packet Storm•added 2023/04/10 12:0 a.m.•249 views

ChurchCRM 4.5.1 SQL Injection

Exploit Title: ChurchCRM 4.5.1 - Authenticated SQL Injection Date: 11-03-2023 Exploit Author: Arvandy Blog Post: https://github.com/arvandy/CVE/blob/main/CVE-2023-24787/CVE-2023-24787.md Software Link: https://github.com/ChurchCRM/CRM/releases Vendor Homepage: http://churchcrm.io/ Version: 4.5.1...

6.3AI score

Exploits5

CNVD•added 2022/03/04 12:0 a.m.•20 views

Hestiacp Cross-Site Scripting Vulnerability

Hestiacp is an open source Linux web server control panel designed to provide administrators with an easy-to-use web and command line interface. Hestiacp suffers from a cross-site scripting vulnerability that originates from an unprocessed user-controlled GET domain parameter in index.php, which...

6.1CVSS6.2AI score0.00291EPSS

Exploits1References1

Circl•added 2018/05/29 3:50 p.m.•3 views

CVE-2025-34115

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/op5configexec.rb 2025-10-23 21:13:04+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...

8.7CVSS5.7AI score0.70724EPSS

Exploits0References1

Circl•added 2018/05/29 3:50 p.m.•3 views

CVE-2011-10011

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/webidconverter.rb 2025-10-23 21:12:56+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...

10CVSS5.7AI score0.57505EPSS

Exploits0References1

Prion•added 2009/09/17 6:30 p.m.•9 views

Directory traversal

Directory traversal vulnerability in include/unverified.inc.php in Linux Web Shop LWS php User Base 1.3beta allows remote attackers to include and execute arbitrary local files via the template parameter...

7.5CVSS7.7AI score0.03025EPSS

Exploits1References3Affected Software1

NVD•added 2009/09/17 6:30 p.m.•10 views

CVE-2008-7240

7.5CVSS7.2AI score0.03025EPSS

Exploits1References3

CVE•added 2009/09/17 6:0 p.m.•35 views

CVE-2008-7240

CVE-2008-7240 describes a directory traversal vulnerability in Linux Web Shop (LWS) PHP User Base 1.3beta. The flaw is in include/unverified.inc.php and allows remote attackers to include and execute arbitrary local files by manipulating the template parameter. Public references (X-Force, Securit...

7.5CVSS7.2AI score0.03025EPSS

Exploits1References3Affected Software1

Cvelist•added 2009/09/17 6:0 p.m.•15 views

CVE-2008-7240

7.2AI score0.03025EPSS

Exploits1References3

Prion•added 2008/02/27 7:44 p.m.•11 views

Directory traversal

Directory traversal vulnerability in include/body.inc.php in Linux Web Shop LWS php Download Manager 1.0 and 1.1 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the content parameter...

6.8CVSS7.6AI score0.04249EPSS

Exploits0References4Affected Software1

NVD•added 2008/02/27 7:44 p.m.•8 views

CVE-2008-1043

PHP remote file inclusion vulnerability in templates/default/header.inc.php in Linux Web Shop LWS php User Base 1.3 BETA allows remote attackers to execute arbitrary PHP code via a URL in the menu parameter...

7.5CVSS7.5AI score0.11385EPSS

Exploits1References4

Prion•added 2008/02/27 7:44 p.m.•6 views

Remote file inclusion

7.5CVSS8AI score0.11385EPSS

Exploits1References4Affected Software1

NVD•added 2008/02/27 7:44 p.m.•12 views

CVE-2008-1042

6.8CVSS7.1AI score0.04249EPSS

Exploits0References4

Cvelist•added 2008/02/27 7:0 p.m.•14 views

CVE-2008-1043

7.5AI score0.11385EPSS

Exploits1References4

CVE•added 2008/02/27 7:0 p.m.•29 views

CVE-2008-1042

CVE-2008-1042 describes a directory traversal in Linux Web Shop (LWS) PHP Download Manager 1.0 and 1.1, where include/body.inc.php accepts a .. in the content parameter to include and execute arbitrary local files. This vulnerability can impact confidentiality, integrity, and availability (CVSSv2...

6.8CVSS7.1AI score0.04249EPSS

Exploits0References4Affected Software1

CVE•added 2008/02/27 7:0 p.m.•34 views

CVE-2008-1043

Affected software: Linux Web Shop (LWS) PHP User Base 1.3 BETA. Vulnerability type: PHP remote file inclusion in templates/default/header.inc.php. Root cause / vector: remote attackers can supply a URL in the menu parameter, leading to arbitrary PHP code execution. Impact (as stated): arbitrary c...

7.5CVSS7.5AI score0.11385EPSS

Exploits1References4Affected Software1

securityvulns•added 2003/07/04 12:0 a.m.•35 views

[Full-Disclosure] Essentia Web Server 2.12 (Linux)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Title: Buffer Overflow in Linux Essentia Webserver. Author: By B-r00t [email protected] Date: 04/07/2003 Reference: http://www.essencomp.com/ Versions: Essentia Web Server 2.12 Linux = VULNERABLE Related Info:...

2.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by