301 matches found
ZenPhoto 1.4.8 XSS / SQL Injection / Traversal
Vulnerability: SQL Injection, Reflected XSS, Path Traversal Affected Software: ZenPhoto http://www.zenphoto.org/ Affected Version: 1.4.8 probably also prior versions Patched Version: 1.4.9 Risk: Medium Vendor Contacted: 2015-05-18 Vendor Fix: 2015-07-09 Public Disclosure: 2015-07-10 SQL Injection...
CollabNet Subversion Edge downloadHook local file inclusion
Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via logfile "filename" parameter of the "downloadHook" action Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type:...
CollabNet Subversion Edge tail local file inclusion
Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via logfile "fileName" parameter of the "tail" action Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: Local...
CollabNet Subversion Edge index local file inclusion
Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via logfile "listViewItem" parameter of the "index" action Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type:...
CollabNet Subversion Edge Management listViewItem LFI
Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via logfile "listViewItem" parameter of the "index" action Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type:...
CollabNet Subversion Edge Management downloadHook LFI
Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via logfile "filename" parameter of the "downloadHook" action Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type:...
Barracuda - Multiple Unauthentication Logfile Downloads
Exploit Title: multiple Barracuda products logfile disclosure Date: 03/26/2014 Exploit Author: Juergen Grieshofer / 4CKnowLedge Author Homepage: https://4ck.eu/ Vendor Homepage: https://barracudalabs.com Software Link: https://firewall.ptest.cudasvc.com/ Firmware v6.1.4.008 2014-02-18 08:06:34...
Session ID URL's in logfile
Hi, In the logfiles you can see the session IDs in the URL. Can this be used to hack into another account?...
AWStats 5.x/6.x Logfile Parameter Remote Command Execution Vulnerability
source: http://www.securityfocus.com/bid/12572/info AWStats is reported prone to a remote arbitrary command-execution vulnerability. This issue occurs because the application fails to properly sanitize user-supplied data. Specifically, the user-specified 'logfil...
Snort unified 1 IDS Logging Alert Evasion, Logfile Corruption/Alert Falsify
Advisory: ========= Snort unified 1 IDS Logging Alert Evasion, Logfile Corruption/Alert Falsify Log: ==== 30/06/2009 Bug detected. 20/07/2009 First mail with snort team. 20/07/2009 Snort team answer they will fix it in the next release 2.8.5. 16/09/2009 Snort...
Inso DynaWeb httpd 3.1/4.0.2/4.1 Format String Vulnerability
source: http://www.securityfocus.com/bid/5384/info Inso DynaWeb webserver, dwhttpd, is used as a subcomponent in products such as Sun's AnswerBook2, which is shipped as part of the Solaris operating environment. The dwhttpd webserver is prone to a remotely...
Junsoft JSparm 4.0 Logging Output File Vulnerability
source: http://www.securityfocus.com/bid/2515/info JSparm is the Junsoft Performance Analysis Report Maker package. This software package provides an enhanced perfmon performance monitoring package and interface, as well as a performance report generation...
AWStats (5.0-6.3) Input Validation Hole in 'logfile'
Example: http://target/awstats.pl?filterrawlog=&rawlogmaxlines=5000&config=stats.jdims.info&framename=main&pluginmode=rawlog&logfile=/etc/passwd...
Positive Software H-Sphere Winbox 2.4 Sensitive Logfile Content Disclosure Vulnerability
source: http://www.securityfocus.com/bid/13559/info It is reported that Positive Software H-Sphere Winbox stores user account information in a plaintext format inside of application log files. As a result, user credentials could be exposed to other local users w...
HFS HTTP File Server 1.5/2.x Multiple Security Vulnerabilities
source: http://www.securityfocus.com/bid/27423/info HFS HTTP File Server is prone to multiple security vulnerabilities, including cross-site scripting issues, an information-disclosure issue, an arbitrary file-creation issue, a denial-of-service issue, a...
WordPress Backup Plugin 2.0.1 Information Disclosure
Exploit Title: WordPress Backup plugin exposes site data Google Dork: http://www.google.com/search?q=inurl:wp-content/backup.log Date: 01-jul-2012 Exploit Author: Stephan Knauss Vendor Homepage: http://wordpress.org/extend/plugins/backup/ Software Link:...
Jax PHP Scripts 1.0/1.34/2.14/3.31 logfile.csv User IP Disclosure
source: http://www.securityfocus.com/bid/14482/info Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input. An attacker may leverage any of the...
Directory traversal
Directory traversal vulnerability in logs-x.php in WebTitan before 4.04 allows remote attackers to read arbitrary files via a .. (dot dot) in the logfile parameter in a download action...