6655 matches found
Spectre and Meltdown Attacks Against Microprocessors
The security of pretty much every computer on the planet has just gotten a lot worse, and the only real solution -- which of course is not a solution -- is to throw them all away and buy new ones. On Wednesday, researchers just announced a series of major security vulnerabilities in the...
Carbon Black Solutions Currently Compatible With Major OS Vendor Patches on Meltdown & Spectre
Recently, researchers have released details on two classes of vulnerabilities in modern CPU hardware. These vulnerabilities affect unprecedented numbers of systems and are some of the more difficult issues to address in recent history. These vulnerabilities, dubbed Meltdown and Spectre, may be...
gps-server.net GPS Tracking Software < 3.1 - Multiple Vulnerabilities
Exploit Title: GPS-SERVER.NET SAAS CMS Unfortunately each and every POST request in the CMS is going through function mysql_real_escape_string which will add slashes behind every quote in the payload. So you have to make sure your payload doesn't contain any quote. Fortunately, PHP is flexible enoug...
Eventsys Events Management System 1.0 Cross Site Scripting
Exploit Title: Eventsys & Events Management System - Xss Google Dork: N/A Date: 2018/01/01 Exploit Author: ShanoWeb Author Mail : MrdotNet2NetatGmaildotcom Vendor Homepage: https://codecanyon.net/user/miteshgoswami Software Buy:...
Chatting System PHP Ajax MySQL JavaScript 1.0 Cross Site Scripting
Exploit Title: Chatting System PHP Ajax MySQL JavaScript - xss Google Dork: N/A Date: 2017/31/12 Exploit Author: ShanoWeb Author Mail : MrdotNet2NetatGmaildotcom Vendor Homepage: https://www.codester.com/IngeniousDeveloper Software Buy:...
Auto Generate Data Sample 1.0 Cross Site Scripting
Exploit Title: Auto Generate Data Sample PHP - xss Google Dork: N/A Date: 2017/31/12 Exploit Author: ShanoWeb Author Mail : MrdotNet2NetatGmaildotcom Vendor Homepage: https://www.codester.com/niagawebster Software Buy: https://www.codester.com/items/5580/auto-generate-data-sample-php Demo:...
Chatting System PHP Ajax MySQL JavaScript 1.0 Shell Upload
Exploit Title: Chatting System PHP Ajax MySQL JavaScript - Remote Shell Upload Google Dork: N/A Date: 2017/31/12 Exploit Author: ShanoWeb Author Mail : MrdotNet2NetatGmaildotcom Vendor Homepage: https://www.codester.com/IngeniousDeveloper Software Buy:...
Tripbuddy Travel, Locations, And Events 1.0 Cross Site Scripting
Exploit Title: Tripbuddy - Travel, Locations and Events Web App - xss Google Dork: N/A Date: 2017/28/12 Exploit Author: ShanoWeb Author Mail : MrdotNet2NetatGmaildotcom Vendor Homepage: https://tripbuddy-app.com/ Software Buy:...
Security Round-up: Five Things We’ve Learned in 2017
The past 12 months have been packed with geopolitical incidents, global malware threats and ubiquitous big-name data breaches. From the CIA Vault7 and NSA Shadow Brokers leaks at the start of the year, to the WannaCry and NotPetya ‘ransomware’ campaigns, and Uber’s shocking revelations just last...
Sony Playstation 4 (PS4) 4.05 - 'Jailbreak' WebKit / 'NamedObj' Kernel Loader
PS4 4.05 Kernel Exploit --- Summary In this project you will find a full implementation of the "namedobj" kernel exploit for the PlayStation 4 on 4.05. It will allow you to run arbitrary code as kernel, to allow jailbreaking and kernel-level modifications to the system. This release however, does...
phpMars 1.0.9 Cross Site Scripting
Exploit Title: phpMars - Photos Social Network instagram clone - Cross Site Scripting Google Dork: N/A Date: 2017/20/12 Exploit Author: ShanoWeb Author Mail : MrdotNet2NetatGmaildotcom Vendor Homepage: http://grohsfabian.com/ Software Buy:...
Hashicorp vagrant-vmware-fusion 4.0.24 - Local Privilege Escalation
I have previously disclosed a couple of bugs in Hashicorp's vagrant-vmware-fusion plugin for vagrant. Unfortunately the 4.0.23 release which was supposed to fix the previous bug I reported didn't address the issue, so Hashicorp quickly put out another release - 4.0.24 - after that but didn't upda...
aruodas.lt XSS vulnerability
Vulnerable URL: https://www.aruodas.lt/butai/?obj=1=Importancetext=%22%3E%3Cscript%3Ealert/OPENBUGBOUNTY/%3C/script%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 28686 VIP website status:| Yes Coordinated...
bluegreenkorea.co.kr XSS vulnerability
Vulnerable URL: http://www.bluegreenkorea.co.kr/bbs.php?table=helpdesk=%22%27--!%3E%3C/Title/%3C/Style/%3C/Script/%3C/c/%3C/Noscript/%3C/Pre/%3C/Xmp%3E%3CBody/OnPageShow=confirm/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:|...
ZeroNights 2017: back to the cyber 80s
Last Friday, 17th of November, I attended the ZeroNights 2017 conference in Moscow. And it was pretty awesome. Thanks to the organizers! Here I would like to share some of my impressions. First of all, I want to say that two main Moscow events for information security practitioners, PHDays and...
mathcelebrity.com XSS vulnerability
Vulnerable URL: http://www.mathcelebrity.com/search.php?q=drtj%22%27--!%3E%3CScript%20/K/%3Econfirm1%3C/Script%20/K/%3E=0=0 Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 80121 VIP website status:| No Coordinate...
brillianshop.com XSS vulnerability
Vulnerable URL: https://brillianshop.com/app/goods/search.php/%22%3E%3Cimg%20src=x%20onerror=alert%27XSS%27%3E// Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 9730631 VIP website status:| No Coordinated...
Trello: Able to run script on https://trello-attachments.s3.amazonaws.com/ [N/A]
Hi Trello Security Team, this is Pratik from India. I have found a stored XSS on your website, a critical issue that needs to be patched before someone/attacker exploits this...
mygreenglobe.co XSS vulnerability
Vulnerable URL: http://mygreenglobe.co/social/mygreenglobe/company-overview.php?searchid=%22%3E%3Csvg%3E%3Cscript%3E/%3C@/%3Eprompt/OPENBUGBOUNTY/%3C/script%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...
groups.ch XSS vulnerability
Vulnerable URL: http://www.groups.ch/de/kontaktgruppen.html?action=kontakt Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 786320 VIP website status:| No Coordinated Disclosure Timeline: Description| Value ---|--...