
925 matches found

Exploit DB
added 2017/10/30 12:0 a.m., 28 views

Basic B2B Script - SQL Injection

Exploit Title: Basic B2B Script - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software Link: http://www.exclusivescript.com/product/nC3F4570353/php-scripts/basic-b2b-script Demo: http://readymadeb2bscript.com/product/entrepreneur/ Version: N/A Category...

CVSS 9.8, AI score 9.7, EPSS 0.02652
Exploits: 5

UbuntuCve
added 2017/07/17 9:29 p.m., 20 views

CVE-2017-8896

ownCloud Server before 8.2.12, 9.0.x before 9.0.10, 9.1.x before 9.1.6, and 10.0.x before 10.0.2 are vulnerable to XSS on error pages by injecting code in url parameters...

CVSS 6.1, AI score 6.4, EPSS 0.012
Exploits: 0, References: 3

OpenVAS
added 2017/06/20 12:0 a.m., 40 views

MediaWiki Multiple Vulnerabilities (Apr 2017) - Linux

MediaWiki is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediawiki:mediawiki"; if...

CVSS 9.8, AI score 6.3, EPSS 0.11653
Exploits: 6, References: 2

Cvelist
added 2017/06/15 7:0 p.m., 15 views

CVE-2017-9419

Cross-site scripting (XSS) vulnerability in the Webhammer WP Custom Fields Search plugin 0.3.28 for WordPress allows remote attackers to inject arbitrary JavaScript via the cs-all-0 parameter...

AI score 6.2, EPSS 0.01122
Exploits: 0, References: 1

CNVD
added 2017/06/14 12:0 a.m., 1 views

Schneider Electric U.motion Builder syslog_getdata Remote Code Execution Vulnerability

U.motion Builder is a builder product from Schneider Electric France. A remote code execution vulnerability exists in Schneider Electric U.motion Builder syslog_getdata. The underlying SQLite database query is subject to SQL injection on the type, level, ishandled, and lastlogid input parameters. A remote...

AI score 9.4
Exploits: 0, References: 1

CNVD
added 2017/06/14 12:0 a.m., 1 views

Schneider Electric U.motion Builder loadtemplate remote code execution vulnerability

U.motion Builder is a builder product from Schneider Electric France. A remote code execution vulnerability exists in the Schneider Electric U.motion Builder loadtemplate. The underlying SQLite database query is subject to SQL injection on the tpl input parameter. A remote attacker could exploit this...

AI score 9.3
Exploits: 0, References: 1

RedHat Linux
added 2017/04/03 9:2 p.m., 4 views

apache-cxf: XSS in Apache CXF FormattedServiceListWriter

A vulnerability was found in FormattedServiceListWriter in Apache CXF HTTP transport module that could allow an attacker to inject unexpected matrix parameters into the request URL. On a successful injection these matrix parameters will find their way back to the client in the services list page...

CVSS 6.1, AI score 7.2, EPSS 0.09193
Exploits: 0, References: 5

OPENSUSE Linux
added 2017/03/07 3:11 a.m., 26 views

Security update for munin (important)

This update for munin fixes the following issues: - An attacker has been able to write arbitrary local files with the permissions of the web server, by using parameter injection boo1026539, CVE-2017-6188 - The MySQL plugin has been fixed to work correctly against MySQL 5.5 on Leap 42.1...

CVSS 1.9, AI score 2.6, EPSS 0.00421
Exploits: 0, References: 1

seebug.org
added 2016/09/18 12:0 a.m., 22 views

UF FE office platform /assetsGroupReport/vendorContacts.jsp startDate parameter injection vulnerability

No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.api.request import req from pocsuite.api.poc import register from pocsuite.api.poc import Output, POCBase import re import requests class TestPOCPOCBase: vulID = '' ssvid version = '1.0' author = '烽火戏诸侯' vulDate =...

AI score 7.1
Exploits: 0

seebug.org
added 2016/08/30 12:0 a.m., 12 views

Fancier /travel/tour_view.aspx a parameter injection vulnerability

No description provided by source...

AI score 7.1
Exploits: 0

seebug.org
added 2016/08/15 12:0 a.m., 15 views

1caitong /PriceDetail/PriceComposition_Formula.aspx elementId parameter injection vulnerability

No description provided by source...

AI score 7.1
Exploits: 0

OpenVAS
added 2016/06/23 12:0 a.m., 15 views

openSUSE: Security Advisory for obs-service-source_validator (openSUSE-SU-2016:1660-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 10, AI score 8.6, EPSS 0.02474
Exploits: 0, References: 1

OPENSUSE Linux
added 2016/06/22 5:8 p.m., 28 views

Security update for obs-service-source_validator (important)

obs-service-source_validator was updated to fix one security issue. This security issue was fixed: - CVE-2016-4007: Several maintained source services are vulnerable to code/parameter injection bsc967265. This non-security issue was fixed: - bsc967610: Several occurrences of uninitialized value...

CVSS 10, AI score 2.1, EPSS 0.02474
Exploits: 0, References: 2

CNVD
added 2016/06/08 12:0 a.m., 4 views

Symantec Embedded Security:Critical System Protection and Symantec Data Center Security: Server Advanced Security Bypass Vulnerabilities

Symantec Embedded Security:Critical System Protection SES:CSP and Symantec Data Center Security: Server Advanced SDCS:SA are both security products from Symantec Corporation. SES:CSP is a lightweight intrusion detection and prevention system client product; SDCS:SA provides security for physical...

CVSS 7.3, AI score 6.7, EPSS 0.01363
Exploits: 0, References: 1

OSV
added 2016/05/28 1:59 a.m., 1 views

CVE-2016-1413

The web interface in Cisco Firepower Management Center 5.4.0 through 6.0.0.1 allows remote authenticated users to modify pages by placing crafted code in a parameter value, aka Bug ID CSCuy76517...

CVSS 6.5, AI score 5.9, EPSS 0.00894
Exploits: 0, References: 1

VMware
added 2016/05/22 12:0 a.m., 54 views

VMSA-2016-0006: VMware vCenter Server updates address a HIGH cross-site scripting issue

VMSA-2016-0006 VMware vCenter Server updates address an important cross-site scripting issue. VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2016-0006 VMware Security Advisory Synopsis: VMware vCenter Server updates address an important cross-site scripting issue VMware...

CVSS 6.1, AI score 6.8, EPSS 0.01072
Exploits: 2, References: 3, Affected Software: 1

CVE
added 2016/05/17 12:0 a.m., 113 views

CVE-2016-3721

CVE-2016-3721 affects Jenkins core: Jenkins before 2.3 and LTS before 1.651.2 may allow remote authenticated users to inject arbitrary build parameters into the build environment via environment variables. Root cause is unsafe handling of environment variables during builds, enabling parameter le...

CVSS 6.5, AI score 6.5, EPSS 0.02142
Exploits: 0, References: 6, Affected Software: 1

CNVD
added 2016/04/14 12:0 a.m., 3 views

Cisco Unity Connection Cross-Site Scripting Vulnerability (CNVD-2016-02252)

Cisco Unity Connection UC is a voice messaging platform from Cisco. The platform can use voice commands to make calls or listen to messages in a "hands-free" way. A cross-site scripting vulnerability exists in Cisco UC 11.0 and earlier versions. A remote attacker can exploit this vulnerability by...

CVSS 6.1, AI score 6.1, EPSS 0.01009
Exploits: 0, References: 1

myhack58
added 2015/08/31 12:0 a.m., 41 views

Hacking ipcam like Harold in POI-vulnerability warning-the black bar safety net

0x00 for ipcam attack mesh and preparation 0x01 for embedded devices parameter injection vulnerability to conventional weapons and methods of analysis 0x02 several wonderful case 0x03 Hacking like POI 0x00 preparation This time we discussed is the analysis of the smart camera firmware,through a...

AI score 8.6
Exploits: 0

Prion
added 2015/06/24 2:59 p.m., 11 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in MySql Lite Administrator (mysql-lite-administrator) beta-1 allow remote attackers to inject arbitrary web script or HTML via the tablename parameter to (1) tabella.php, (2) coloni.php, or (3) insert.php or (4) numrow parameter to coloni.php...

CVSS 4.3, AI score 6, EPSS 0.01906
Exploits: 2, References: 4, Affected Software: 1