CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2009-2028

Malware in sbrugna...

4.3CVSS6.4AI score0.00296EPSS

Exploits1References4

RedhatCVE•added 2025/05/21 10:32 p.m.•4 views

CVE-2006-5197

PDshopPro stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for 1 /pdshoppro.mdb, 2 /data/pdshoppro.mdb, or 3 /shoppro/data/pdshoppro.mdb...

5CVSS6.8AI score0.00306EPSS

Exploits0References1

Prion•added 2009/06/12 6:0 p.m.•9 views

Cross site scripting

Cross-site scripting XSS vulnerability in search.asp in PDshopPro, when downloaded before 20070308, allows remote attackers to inject arbitrary web script or HTML via the search parameter...

4.3CVSS6.1AI score0.00296EPSS

Exploits1References3

NVD•added 2009/06/12 6:0 p.m.•7 views

CVE-2009-2032

Cross-site scripting XSS vulnerability in search.asp in PDshopPro, when downloaded before 20070308, allows remote attackers to inject arbitrary web script or HTML via the search parameter...

4.3CVSS5.7AI score0.00296EPSS

Exploits1References3

CVE•added 2009/06/12 5:28 p.m.•45 views

CVE-2009-2032

PDshopPro is affected by a Cross-site Scripting (XSS) vulnerability in search.asp, exploitable via the search parameter for versions downloaded before 20070308. The issue allows remote attackers to inject arbitrary Web script or HTML. No explicit exploit details, scope, nor remediation are provid...

4.3CVSS5.9AI score0.00296EPSS

Exploits1References3Affected Software1

Cvelist•added 2009/06/12 5:28 p.m.•12 views

CVE-2009-2032

Cross-site scripting XSS vulnerability in search.asp in PDshopPro, when downloaded before 20070308, allows remote attackers to inject arbitrary web script or HTML via the search parameter...

5.7AI score0.00296EPSS

Exploits1References3

Packet Storm•added 2009/06/10 12:0 a.m.•24 views

PDshopPro Cross Site Scripting

=========================================================================================== Title : Cross-site Scripting XSS Vulnerability Software : PDshopPro Vendor : http://www.pagedowntech.com/products Date : 10 June 2009 Indonesia Author : Vrs-hCk Contact : [email protected] Blog :...

7.4AI score

Exploits0

NVD•added 2006/10/10 4:6 a.m.•7 views

CVE-2006-5197

5CVSS6.4AI score0.00306EPSS

Exploits0References1

Cvelist•added 2006/10/06 9:0 p.m.•13 views

CVE-2006-5197

6.4AI score0.00306EPSS

Exploits0References1

CVE•added 2006/10/06 9:0 p.m.•46 views

CVE-2006-5197

PDshopPro (CVE-2006-5197) suffers from insufficient access control, exposing the backend database under the web root. A remote attacker can download the database by directly requesting one of: /pdshoppro.mdb, /data/pdshoppro.mdb, or /shoppro/data/pdshoppro.mdb. This is a direct exposure of sensit...

5CVSS6.8AI score0.00306EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by