Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1028 matches found

Exploit DB
Exploit DBadded 2003/01/17 12:0 a.m.38 views

phpBB 2.0.3 - 'privmsg.php' SQL Injection

source: https://www.securityfocus.com/bid/6634/info A SQL injection vulnerability has been reported for phpBB2 systems that may result in the deletion of all private messages. phpBB2, in some cases, does not sufficiently sanitize user-supplied input which is used when constructing SQL queries to...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2002/11/09 12:0 a.m.18 views

Xoops 1.3.5 - Private Message System Font Attributes HTML Injection

source: https://www.securityfocus.com/bid/6344/info Xoops includes a Private Message System for users, so that they may send messages to one another. HTML tags used for font attributes are not sufficiently filtered of malicious HTML code. This makes it possible for an attacker to supply malicious...

7AI score
Exploits0
Exploit DB
Exploit DBadded 2002/09/29 12:0 a.m.28 views

EmuMail 5.0 - Web Root Full Path Disclosure

source: https://www.securityfocus.com/bid/5823/info Emumail is an open source web mail application. It is available for the Unix, Linux, and Microsoft Windows operating systems. Under some conditions, Emumail may reveal sensitive configuration information. When unexpected characters are inserted...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2002/07/25 12:0 a.m.22 views

Microsoft SQL Server 2000 - sp_MScopyscript SQL Injection

source: https://www.securityfocus.com/bid/5309/info The Microsoft SQL Server 2000 spMScopyscript stored procedure does not sufficiently validate input before passing it to the xpcmdshell extended stored procedure. An attacker with the ability to execute a query or pass malicious input to a query...

7.4AI score
Exploits0
securityvulns
securityvulnsadded 2002/03/12 12:0 a.m.31 views

CaupoShop: cross-site-scripting bug

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ppp-design found the following cross-site-scripting bug in CaupoShop and probably in CaupoShopPro: Details - ------- Product: CaupoShop and probably CaupoShopPro Version: 1.30a CaupoShop and maybe all versions before OS affected: all OS with php and...

6.7AI score
Exploits0
Exploit DB
Exploit DBadded 2001/07/21 12:0 a.m.27 views

PHPLib Team PHPLIB 7.2 - Remote Script Execution

source: https://www.securityfocus.com/bid/3079/info The PHP Base Library'PHPLIB' is a code library which provides support for session management in web applications. It is targeted to developers and is widely used in many web applications, so a strong possibility exists that an application may be...

7.4AI score
Exploits0
exploitpack
exploitpackadded 2001/02/01 12:0 a.m.15 views

Xmail 0.50.6 CTRLServer - Arbitrary Commands

Xmail 0.50.6 CTRLServer - Arbitrary Commands // source: https://www.securityfocus.com/bid/2360/info Versions of CTRLServer are vulnerable to malicious user-supplied input. A failure to properly bounds-check data passed to the cfgfileget command leads to an overflow, which, properly exploited, can...

0.4AI score
Exploits0
NVD
NVDadded 2000/11/14 5:0 a.m.9 views

CVE-2000-0871

Buffer overflow in EFTP allows remote attackers to cause a denial of service by sending a string that does not contain a newline, then disconnecting from the server...

5CVSS6.8AI score0.00998EPSS
Exploits1References4
Rows per page
Query Builder