CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

30 matches found

Prion•added 2011/06/21 2:52 a.m.•9 views

Design/Logic Flaw

The loadUserSettings function in Load.php in Simple Machines Forum SMF before 1.1.13, and 2.x before 2.0 RC5, does not properly handle invalid login attempts, which might make it easier for remote attackers to obtain access or cause a denial of service via a brute-force attack...

7.5CVSS7.2AI score0.00703EPSS

Exploits0References4Affected Software1

CVE•added 2011/06/21 1:0 a.m.•46 views

CVE-2011-1128

The CVE-2011-1128 issue affects Simple Machines Forum (SMF): loadUserSettings in Load.php fails to properly handle invalid login attempts, enabling brute-force access or potential denial of service. Affected: SMF < 1.1.13 and SMF 2.x

7.5CVSS6.9AI score0.00703EPSS

Exploits0References4Affected Software1

CVE•added 2010/09/14 4:39 p.m.•37 views

CVE-2010-0155

The CVE-2010-0155 issue affects IBM Proventia Network Mail Security System (PNMSS) with firmware older than 2.5, specifically the Local Management Interface (LMI). A CRLF injection vulnerability exists in load.php that is exploitable by remote authenticated users via the javaVersion parameter, en...

3.5CVSS6.6AI score0.00155EPSS

Exploits1References2Affected Software2

Prion•added 2009/04/29 6:30 p.m.•7 views

Directory traversal

Directory traversal vulnerability in admin/load.php in FunGamez RC1 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the module parameter to index.php...

6.8CVSS7.6AI score0.03125EPSS

Exploits1References5Affected Software1

Prion•added 2009/04/21 6:30 p.m.•10 views

Sql injection

SQL injection vulnerability in Load.php in Simple Machines Forum SMF 1.1.4 and earlier allows remote attackers to execute arbitrary SQL commands by setting the dbcharacterset parameter to a multibyte character set such as big5, which causes the addslashes PHP function to produce a "" backslash...

7.5CVSS9AI score0.00322EPSS

Exploits1References3Affected Software1

CVE•added 2009/04/21 6:7 p.m.•46 views

CVE-2008-6741

CVE-2008-6741 affects Simple Machines Forum (SMF) 1.1.4 and earlier. The vulnerability arises from an SQL injection in Load.php triggered by using a multibyte character set for db_character_set (e.g., big5), where addslashes can fail to quote single quotes, enabling remote SQL execution via a cra...

7.5CVSS8.7AI score0.00322EPSS

Exploits1References3Affected Software1

Prion•added 2006/04/11 10:2 a.m.•11 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Pages module in Shadowed Portal allows remote attackers to inject arbitrary web script or HTML via the page parameter to load.php...

2.6CVSS6.1AI score0.00758EPSS

Exploits1References7Affected Software1

NVD•added 2006/04/11 10:2 a.m.•8 views

CVE-2006-1701

Cross-site scripting XSS vulnerability in the Pages module in Shadowed Portal allows remote attackers to inject arbitrary web script or HTML via the page parameter to load.php...

2.6CVSS5.7AI score0.00758EPSS

Exploits1References7

Cvelist•added 2006/04/11 10:0 a.m.•11 views

CVE-2006-1701

Cross-site scripting XSS vulnerability in the Pages module in Shadowed Portal allows remote attackers to inject arbitrary web script or HTML via the page parameter to load.php...

5.7AI score0.00758EPSS

Exploits1References7

securityvulns•added 2006/04/09 12:0 a.m.•23 views

Shadowed Portal Cross Site Scripting

------------------------------------------------------------------------------------- Shadowed Portal Cross Site Scripting Site:http://www.shad0wed.com/ Demo:http://www.shad0wed.com/ --------------------------------------------------- Credit : Liz0ziM webpage:www.biyo.tk www.biyosecurity.be Mail...

6.7AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by