CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

71 matches found

MySQLDumper 1.24.4 - Directory Traversal

Multiple directory traversal vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to read arbitrary files via a .. dot dot in the 1 language parameter to learn/cubemail/install.php or 2 f parameter learn/cubemail/filemanagement.php, or execute arbitrary local files via a .. dot dot in the...

4.3CVSS5.8AI score0.30159EPSS

Exploits1References5

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2007-3551

Malware in sbrugna...

7.5CVSS6.4AI score0.01093EPSS

Exploits1References7

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2012-4196

Malware in sbrugna...

5.1CVSS6.4AI score0.00359EPSS

Exploits1References5

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2012-4199

Malware in sbrugna...

4.3CVSS6.4AI score0.00283EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2006-5249

Malware in sbrugna...

6.8CVSS6.4AI score0.00977EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2012-4198

Malware in sbrugna...

4.3CVSS6.4AI score0.06969EPSS

Exploits1References5

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2012-4195

Malware in sbrugna...

4.3CVSS6.4AI score0.07729EPSS

Exploits1References7

RedhatCVE•added 2025/05/22 6:1 a.m.•8 views

CVE-2012-4255

MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information via a direct request to learn/cubemail/refreshdblist.php, which reveals the installation path in an error message...

4.3CVSS6.4AI score0.00283EPSS

Exploits1References1

OpenVAS•added 2016/01/17 12:0 a.m.•28 views

MySQLDumper Version Detection

This script detects the installed version of MySQLDumper. SPDX-FileCopyrightText: 2016 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

7.3AI score

Exploits0

seebug.org•added 2014/12/09 12:0 a.m.•23 views

shopex csrf脱裤任意文件删除文件写shell

简要描述： shopex csrf脱裤任意文件删除文件写shell 详细说明：所有的漏洞缘由都是因为一个csrf引起的，那么我们来一个个看看：安装最新版本的shopex： ctl.backup.php: function backup ifconstant'SAASMODE' exit; header"Content-type:text/html;charset=utf-8"; $params'sizelimit' = 1024; $params'filename' = $GET"filename"==""?date"YmdHis", time:$GET"filename";...

7.7AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•15 views

MySQLDumper 1.21 SQL.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20460/info MySQLDumper is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue could allow an attacker to execute attacker-supplied script code ...

7.1AI score

Exploits0

OpenVAS•added 2013/05/29 12:0 a.m.•9 views

MySQLDumper <= 1.24.4 SQLi Vulnerability - Active Check

MySQLDumper is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.1AI score

Exploits0References2

NVD•added 2012/08/13 6:55 p.m.•19 views

CVE-2012-4252

Multiple cross-site request forgery CSRF vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to hijack the authentication of administrators for requests that 1 remove file access restriction via a deletehtaccess action, 2 drop a database via a kill value in a db action, 3 uninstall the...

5.1CVSS8.5AI score0.00359EPSS

Exploits1References4

NVD•added 2012/08/13 6:55 p.m.•13 views

CVE-2012-4255

MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information via a direct request to learn/cubemail/refreshdblist.php, which reveals the installation path in an error message...

4.3CVSS6.1AI score0.00283EPSS

Exploits1References3

NVD•added 2012/08/13 6:55 p.m.•7 views

CVE-2012-4251

Multiple cross-site scripting XSS vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to inject arbitrary web script or HTML via the 1 page parameter to index.php, 2 phase parameter to install.php, 3 tablename or 4 dbid parameter to sql.php, or 5 filename parameter to restore.php in...

4.3CVSS5.8AI score0.07729EPSS

Exploits1References6

NVD•added 2012/08/13 6:55 p.m.•13 views

CVE-2012-4253

4.3CVSS7.1AI score0.30159EPSS

Exploits1References6

NVD•added 2012/08/13 6:55 p.m.•17 views

CVE-2012-4254

MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information Notices via a direct request to 1 learn/cubemail/restore.php or 2 learn/cubemail/dump.php...

4.3CVSS6.2AI score0.06969EPSS

Exploits1References4

Prion•added 2012/08/13 6:55 p.m.•15 views

Information disclosure

MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information via a direct request to learn/cubemail/refreshdblist.php, which reveals the installation path in an error message...

4.3CVSS6.6AI score0.00283EPSS

Exploits1References3Affected Software1

Prion•added 2012/08/13 6:55 p.m.•10 views

Directory traversal

4.3CVSS7.7AI score0.30159EPSS

Exploits1References6Affected Software1

Prion•added 2012/08/13 6:55 p.m.•12 views

Design/Logic Flaw

MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information Notices via a direct request to 1 learn/cubemail/restore.php or 2 learn/cubemail/dump.php...

4.3CVSS6.7AI score0.06969EPSS

Exploits1References4Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by