1620 matches found
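PostNuke PNPHPBB2 Module Index.PHP SQL Injection Vulnerability
PNphpBB is a PHP-based web application. PNphpBB does not properly filter user-supplied input, so a remote attacker can exploit the vulnerability to carry out SQL injection attacks and obtain sensitive information. The problem is that the 'Index.PHP' script lacks filtering of user-supplied web parameters; submitting a malicious SQL query as parameter data can alter the original SQL logic and obtain sensitive information. PNphpBB PNphpBB 1.2 g PNphpBB PNphpBB 1.2 f PNphpBB PNphpBB 1.2 No solution is currently available: http://www.pnphpbb.com/modules.php?op=modload&name=ForumNews&file=index...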
Jetbox CMS version 2.1 Multiple SQL Injection Vulnerabilities
netVigilance Security Advisory 28 Jetbox CMS version 2.1 Multiple SQL Injection Vulnerabilities Description: Jetbox CMS is seriously tested on usability & has a professional intuitive interface. The system is role based, with workflow and module orientated. All content is fully separated from...
CVE-2007-2543
SQL injection vulnerability in game.php in the Flashgames 1.0.1 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the lid parameter...
PostNuke Module v4bJournal Remote SQL Injection Vulnerability
No description provided by source. ---------------------------------------- PostNuke Journal ---------------------------------------- DISCOVERED BY :Ali Abbasi Olom Fonon Mazandaran University - Security Research Center, Babol, Iran Greetz For All Y! UnderGround Group Members www.2600.ir Greetz F...
PostNuke Module v4bJournal - SQL Injection
PostNuke Module v4bJournal - SQL Injection ---------------------------------------- PostNuke Journal ---------------------------------------- DISCOVERED BY :Ali Abbasi Olom Fonon Mazandaran University - Security Research Center, Babol, Iran Greetz For All Y! UnderGround Group Members www.2600.ir...
PostNuke Module v4bJournal Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ============================================================= PostNuke Module v4bJournal Remote SQL Injection Vulnerability ============================================================= ---------------------------------------- PostNuke...
PostNuke pnFlashGames Module v1.5 REmote SQL Injection
No description provided by source. ============================================================ PostNuke pnFlashGames Module v1.5 REmote SQL Injection ============================================================ Bulan: xoron xoron.biz + Love's the funeral of hearts The funeral of hearts And a ple...
CVE-2007-2160
Multiple cross-site request forgery CSRF vulnerabilities in the Database Administration dba module 4.6.x-, and before 4.7.x-1.2 in the 4.7.x-1. series, for Drupal allow remote attackers to perform unauthorized actions as an arbitrary user, a related issue to CVE-2006-5476...
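ProFTPD AUTH Multiple Authentication Modules Security Bypass Vulnerability
proftpd is a popular open-source FTP server. proftpd has an error in its AUTH API that a remote attacker can exploit to bypass security restrictions and gain unauthorized access. Because the FTP protocol requires separate USER and PASS commands, ProFTPD checks the user data independently on USER and verifies the user's authentication when PASS is received. This combination, together with ProFTPD allowing multiple simultaneous Auth modules such as modauthunix, modsql, modldap, can result in one authentication module (modauthunix) supplying the user data while another module (such as modsql) authenticates the user. When the authentication module modsql is configured to use a low-restriction authentication policy, such as: SQLAuthTypes...
Joomla Template Module Index.PHP Remote File Inclusion Vulnerability
Joomla Template Module is a PHP-based web application. Joomla Template Module does not properly filter user-supplied input, so a remote attacker can exploit the vulnerability to execute arbitrary commands with the privileges of the web server. The problem is that the 'Index.PHP' script lacks filtering of user-supplied web parameters; specifying a file on a remote server as the include parameter can lead to arbitrary command execution with the privileges of the web server. Joomla Template Module Be2004-2 No solution is currently available: http://www.joomlaresource.com/joomladownloads/Download/JoomlaTemplates/be2004-2/...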
Joomla Module AutoStand Category <= 1.1 Remote File include Vulnerabilities
======================================================= Joomla Module AutoStand Category = 1.1 Remote File include Vulnerabilities ======================================================= Found By : Cold z3ro , [email protected] ======================================================= Homepage:...
xoops module tsdisplay4xoops 0.1 - Remote File Inclusion
xoops module tsdisplay4xoops 0.1 - Remote File Inclusion tsdisplay4xoops 0.1xoopsurlRemote File Include Vulnerabilitiy D.Script: http://kisskool30.free.fr/tsdisplay4xoopsv0.08.zip Discovered by: GolDM = Mahmoodali Homepage: http://Www.Tryag.Com/cc...
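XOOPS Rha7 Downloads Module Visit.PHP SQL Injection Vulnerability
XOOPS Rha7 Downloads is a PHP-based web application. XOOPS Rha7 Downloads does not properly filter user-supplied input, so a remote attacker can exploit the vulnerability to carry out SQL injection attacks and obtain sensitive information. The problem is that the 'Visit.PHP' script lacks filtering of the user-supplied 'postid' parameter; submitting malicious SQL code as parameter data can alter the original SQL logic and obtain sensitive information. Xoops Rha7 Downloads Module 1.0 No solution is currently available: http://www.xoops.org/ !/usr/bin/perl Script Name: XOOPS Module Rha7 Downloads...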
Joomla Module AutoStand 1.0 Remote File Inclusion Vulnerability
No description provided by source. ======================================================= Joomla Module AutoStand Category = 1.1 Remote File include Vulnerabilities ======================================================= Found By : Cold z3ro , [email protected]...
Mambo Module Weather (absolute_path) RFI Vulnerability
Exploit for unknown platform in category web applications ====================================================== Mambo Module Weather absolutepath RFI Vulnerability ====================================================== ============================================================ Mambo/Joomla...
xoops-snippets-sql.txt
XOOPS Module WF-Snippets //'=============================================================================================== //'Script Name: XOOPS Module WF-Snippets = 1.02 c BLIND SQL Injection Exploit //'Coded by : ajann //'Author : ajann //'Contact : : //'S.Page : http://www.xoops.org/ //'$$ :...
XOOPS Module Jobs <= 2.4 (cid) Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl Script Name: XOOPS Module Jobs = 2.4 cid Remote BLIND SQL Injection Exploit Coded by : ajann Author : ajann Contact : : Dork : "inurl:/modules/jobs/" S.Page : http://www.jlmzone.com/ $$ : Free .. : ajann,Turkey use IO::Socket; if@ARGV 1 print "...
XOOPS Module Jobs 2.4 - 'cid' SQL Injection
!/usr/bin/perl Script Name: XOOPS Module Jobs : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; print "User ID uid: "; $id = ; chop $id; $target =...
XOOPS Module WF-Links 1.03 - 'cid' SQL Injection
!/usr/bin/perl Script Name: XOOPS Module WF-Links : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; print "User ID uid: "; $id = ; chop $id; $target =...
Xoops Module PopnupBlog <= 2.52 (postid) BLIND SQL Injection Exploit
No description provided by source. html head titleXOOPS Module PopnupBlog = 2.52 postid BLIND SQL Injection Exploit/title script type="text/javascript" //'=============================================================================================== //'Script Name: XOOPS Module PopnupBlog = 2.52...