CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

6653 matches found

Exploit DB•added 2018/01/05 12:0 a.m.•58 views

gps-server.net GPS Tracking Software < 3.1 - Multiple Vulnerabilities

Exploit Title: GPS-SERVER.NET SAAS CMS Unfortunately each and every POST request in the CMS is going through function mysqlrealescapestring which will add slashes behind every quote in the payload. So you have to make sure your payload doesn't contain any quote. Fortunately, PHP is flexible enoug...

9.8CVSS9.6AI score0.36893EPSS

Packet Storm•added 2018/01/02 12:0 a.m.•35 views

Eventsys Events Management System 1.0 Cross Site Scripting

Exploit Title: Eventsys & Events Management System - Xss Google Dork: N/A Date: 2018/01/01 Exploit Author: ShanoWeb Author Mail : MrdotNet2NetatGmaildotcom Vendor Homepage: https://codecanyon.net/user/miteshgoswami Software Buy:...

Packet Storm•added 2017/12/31 12:0 a.m.•43 views

Chatting System PHP Ajax MySQL JavaScript 1.0 Shell Upload

Exploit Title: Chatting System PHP Ajax MySQL JavaScript - Remote Shell Upload Google Dork: N/A Date: 2017/31/12 Exploit Author: ShanoWeb Author Mail : MrdotNet2NetatGmaildotcom Vendor Homepage: https://www.codester.com/IngeniousDeveloper Software Buy:...

Packet Storm•added 2017/12/31 12:0 a.m.•43 views

Chatting System PHP Ajax MySQL JavaScript 1.0 Cross Site Scripting

Exploit Title: Chatting System PHP Ajax MySQL JavaScript - xss Google Dork: N/A Date: 2017/31/12 Exploit Author: ShanoWeb Author Mail : MrdotNet2NetatGmaildotcom Vendor Homepage: https://www.codester.com/IngeniousDeveloper Software Buy:...

Packet Storm•added 2017/12/31 12:0 a.m.•41 views

Auto Generate Data Sample 1.0 Cross Site Scripting

Exploit Title: Auto Generate Data Sample PHP - xss Google Dork: N/A Date: 2017/31/12 Exploit Author: ShanoWeb Author Mail : MrdotNet2NetatGmaildotcom Vendor Homepage: https://www.codester.com/niagawebster Software Buy: https://www.codester.com/items/5580/auto-generate-data-sample-php Demo:...

Packet Storm•added 2017/12/28 12:0 a.m.•34 views

Tripbuddy Travel, Locations, And Events 1.0 Cross Site Scripting

Exploit Title: Tripbuddy - Travel, Locations and Events Web App - xss Google Dork: N/A Date: 2017/28/12 Exploit Author: ShanoWeb Author Mail : MrdotNet2NetatGmaildotcom Vendor Homepage: https://tripbuddy-app.com/ Software Buy:...

Trend Micro Simply Security•added 2017/12/27 2:0 p.m.•28 views

Security Round-up: Five Things We’ve Learned in 2017

The past 12 months have been packed with geopolitical incidents, global malware threats and ubiquitous big-name data breaches. From the CIA Vault7 and NSA Shadow Brokers leaks at the start of the year, to the WannaCry and NotPetya ‘ransomware’ campaigns, and Uber’s shocking revelations just last...

Exploit DB•added 2017/12/27 12:0 a.m.•45 views

Sony Playstation 4 (PS4) 4.05 - 'Jailbreak' WebKit / 'NamedObj ' Kernel Loader

PS4 4.05 Kernel Exploit --- Summary In this project you will find a full implementation of the "namedobj" kernel exploit for the PlayStation 4 on 4.05. It will allow you to run arbitrary code as kernel, to allow jailbreaking and kernel-level modifications to the system. This release however, does...

Packet Storm•added 2017/12/22 12:0 a.m.•73 views

phpMars 1.0.9 Cross Site Scripting

Exploit Title: phpMars - Photos Social Network instagram clone - Cross Site Scripting Google Dork: N/A Date: 2017/20/12 Exploit Author: ShanoWeb Author Mail : MrdotNet2NetatGmaildotcom Vendor Homepage: http://grohsfabian.com/ Software Buy:...

Exploit DB•added 2017/12/06 12:0 a.m.•76 views

Hashicorp vagrant-vmware-fusion 4.0.24 - Local Privilege Escalation

I have previously disclosed a couple of bugs in Hashicorp's vagrant-vmware-fusion plugin for vagrant. Unfortunately the 4.0.23 release which was supposed to fix the previous bug I reported didn't address the issue, so Hashicorp quickly put out another release - 4.0.24 - after that but didn't upda...

Openbugbounty•added 2017/11/22 6:53 p.m.•14 views

aruodas.lt XSS vulnerability

Vulnerable URL: https://www.aruodas.lt/butai/?obj=1=Importancetext=%22%3E%3Cscript%3Ealert/OPENBUGBOUNTY/%3C/script%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 28686 VIP website status:| Yes Coordinated...

Openbugbounty•added 2017/11/22 2:51 a.m.•10 views

bluegreenkorea.co.kr XSS vulnerability

Vulnerable URL: http://www.bluegreenkorea.co.kr/bbs.php?table=helpdesk=%22%27--!%3E%3C/Title/%3C/Style/%3C/Script/%3C/c/%3C/Noscript/%3C/Pre/%3C/Xmp%3E%3CBody/OnPageShow=confirm/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:|...

Information Security Automation•added 2017/11/18 10:16 p.m.•93 views

ZeroNights 2017: back to the cyber 80s

Last Friday, 17th of November, I attended the ZeroNights 2017 conference in Moscow. And it was pretty awesome. Thanks to the organizers! Here I would like to share some of my impressions. First of all, I want to say that two main Moscow events for information security practitioners, PHDays and...

Openbugbounty•added 2017/11/17 3:43 a.m.•18 views

mathcelebrity.com XSS vulnerability

Vulnerable URL: http://www.mathcelebrity.com/search.php?q=drtj%22%27--!%3E%3CScript%20/K/%3Econfirm1%3C/Script%20/K/%3E=0=0 Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 80121 VIP website status:| No Coordinate...

Openbugbounty•added 2017/11/15 1:29 a.m.•7 views

brillianshop.com XSS vulnerability

Vulnerable URL: https://brillianshop.com/app/goods/search.php/%22%3E%3Cimg%20src=x%20onerror=alert%27XSS%27%3E// Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 9730631 VIP website status:| No Coordinated...

Hacker One•added 2017/11/14 5:6 a.m.•66 views

Trello: Able to run script on https://trello-attachments.s3.amazonaws.com/ [N/A]

HI Trello Security Team this pratik From India ------------------------------------------------------------------------------ I have Founded Stored XSS On your Website critical issue need to be patched before someoneattacker exploit this...

Openbugbounty•added 2017/11/10 7:24 p.m.•17 views

mygreenglobe.co XSS vulnerability

Vulnerable URL: http://mygreenglobe.co/social/mygreenglobe/company-overview.php?searchid=%22%3E%3Csvg%3E%3Cscript%3E/%3C@/%3Eprompt/OPENBUGBOUNTY/%3C/script%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...

Openbugbounty•added 2017/11/10 5:52 a.m.•7 views

groups.ch XSS vulnerability

Vulnerable URL: http://www.groups.ch/de/kontaktgruppen.html?action=kontakt Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 786320 VIP website status:| No Coordinated Disclosure Timeline: Description| Value ---|--...

Trend Micro Simply Security•added 2017/11/08 3:11 p.m.•41 views

3 Reasons to Use VMware NSX with Trend Micro Deep Security

Enterprises have begun adopting network virtualization for their IT infrastructure. According to a 2016 survey conducted by Accenture, 95 percent of small, medium, and large enterprises believe “network services will be virtualized.” Meanwhile, 25 percent of those who have adopted network...

Openbugbounty•added 2017/11/06 6:50 p.m.•18 views

dalesman.uk.com XSS vulnerability

Vulnerable URL: http://www.dalesman.uk.com/products.php?suppID=d3v2%27%22%3E%3CsVg%2FoNLoad%3Dprompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 6660412 VIP website status:| No Coordinated...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by