7642 matches found

Packet Storm
added 2014/12/09 12:0 a.m., 25 views

Humhub 0.10.0-rc.1 Cross Site Scripting / SQL Injection

Humhub 1 SQL injection vulnerability + Discovered by: Jos Wetzels, Emiel Florijn + Affects: Humhub condition is injected with the otherwise unsanitized $lastEntryId, which can be any SQL injection. Proof of Concept: Performing the following request index.php?r=notification/list/index&from=999 AND...

0.2 AI score
Exploits 0

Vulnerability Lab
added 2014/12/05 12:0 a.m., 46 views

NASA Orion - Bypass, Persistent Issue & Embed Code Exec

Document Title: =============== NASA Orion - Bypass, Persistent Issue & Embed Code Exec References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1339 VU666988 US CERT Vulnerability Magazine:...

7.1 AI score
Exploits 0

Packet Storm
added 2014/12/05 12:0 a.m., 46 views

NASA Orion (Mars) Filter Bypass / Persistent Cross Site Scripting

Document Title: =============== NASA Orion - Bypass, Persistent Issue & Embed Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1339 VU666988 US CERT Vulnerability Magazine:...

7.4 AI score
Exploits 0

Vulnerability Lab
added 2014/12/05 12:0 a.m., 29 views

NASA Orion - Bypass, Persistent Issue & Embed Code Exec

Document Title: =============== NASA Orion - Bypass, Persistent Issue & Embed Code Exec References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1339 VU666988 US CERT Vulnerability Magazine:...

7.1 AI score
Exploits 0

Vulnerability Lab
added 2014/12/03 12:0 a.m., 50 views

Elefant CMS v1.3.9 - Persistent Name Update Vulnerability

Document Title: =============== Elefant CMS v1.3.9 - Persistent Name Update Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1365 Release Date: ============= 2014-12-03 Vulnerability Laboratory ID VL-ID: ====================================...

7.1 AI score
Exploits 0

Packet Storm
added 2014/12/03 12:0 a.m., 50 views

Altitude uAgent - Altitude uCI 7.5 XSS

Altitude uAgent - Altitude uCI 7.5 Persistent XSS Details ======================================================================================== Product: Altitude uAgent - Altitude uCI 7.5 Security-Risk: High Vendor-URL: http://www.altitude.com CVE-ID:CVE-2014-9212 Credits...

4.3 CVSS, 6.8 AI score, 0.01123 EPSS
Exploits 2

Vulnerability Lab
added 2014/12/03 12:0 a.m., 37 views

Elefant CMS v1.3.9 - Persistent Name Update Vulnerability

Document Title: =============== Elefant CMS v1.3.9 - Persistent Name Update Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1365 Release Date: ============= 2014-12-03 Vulnerability Laboratory ID VL-ID: ====================================...

0.5 AI score
Exploits 0

Vulnerability Lab
added 2014/12/02 12:0 a.m., 81 views

RelateIQ Bug Bounty #1 - Persistent Signup Vulnerability

Document Title: =============== RelateIQ Bug Bounty 1 - Persistent Signup Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1320 Video: http://www.vulnerability-lab.com/getcontent.php?id=1332 Release Date: ============= 2014-12-02 Vulnerabili...

7.1 AI score
Exploits 0

Vulnerability Lab
added 2014/12/02 12:0 a.m., 25 views

RelateIQ Bug Bounty #1 - Persistent Signup Vulnerability

Document Title: =============== RelateIQ Bug Bounty 1 - Persistent Signup Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1332 View: https://www.youtube.com/watch?v=ZxGbG6U45NE Advisory: http://www.vulnerability-lab.com/getcontent.php?id=1320 Release Date:...

7.4 AI score
Exploits 0

Vulnerability Lab
added 2014/12/02 12:0 a.m., 49 views

RelateIQ Bug Bounty #1 - Persistent Signup Vulnerability

Document Title: =============== RelateIQ Bug Bounty 1 - Persistent Signup Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1320 Video: http://www.vulnerability-lab.com/getcontent.php?id=1332 Release Date: ============= 2014-12-02 Vulnerabili...

7.1 AI score
Exploits 0

securityvulns
added 2014/12/01 12:0 a.m., 62 views

WordPress 3 persistent script injection

OVERVIEW ======== A security flaw in WordPress 3 allows injection of JavaScript into certain text fields. In particular, the problem affects comment boxes on WordPress posts and pages. These don't require authentication by default. The JavaScript injected into a comment is executed when the targe...

6.7 AI score
Exploits 0

securityvulns
added 2014/12/01 12:0 a.m., 141 views

BookFresh - Persistent Clients Invite Vulnerability

Document Title: =============== BookFresh - Persistent Clients Invite Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1351 Release Date: ============= 2014-10-28 Vulnerability Laboratory ID VL-ID: ==================================== 1351...

7.6 AI score
Exploits 0

securityvulns
added 2014/12/01 12:0 a.m., 56 views

CSRF and XSS vulnerabilities in D-Link DAP-1360

Hello 3APA3A! There are Cross-Site Request Forgery and Cross-Site Scripting vulnerabilities in D-Link DAP-1360 Wi-Fi Access Point and Router. ------------------------- Affected products: ------------------------- Vulnerable is the next model: D-Link DAP-1360, Firmware 1.0.0. This model with other...

0.5 AI score
Exploits 0

Tenable Nessus
added 2014/11/26 12:0 a.m., 39 views

OracleVM 2.1 : udev (OVMSA-2009-0006)

The remote OracleVM system is missing necessary patches to address critical security updates : CVE-2009-1185 udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space. - fix fo...

7.2 CVSS, 7.8 AI score, 0.81528 EPSS
Exploits 12, References 2

Tenable Nessus
added 2014/11/25 12:0 a.m., 68 views

WordPress < 3.7.5 / 3.8.5 / 3.9.3 / 4.0.1 Multiple Vulnerabilities

According to its version number, the WordPress application installed on the remote web server is affected by multiple vulnerabilities : - Multiple unspecified errors exist that could allow cross-site scripting attacks. - An unspecified error exists that could allow cross-site request forgery...

6.8 CVSS, 5.3 AI score, 0.83162 EPSS
Exploits 8, References 14

Exploit DB
added 2014/11/25 12:0 a.m., 19 views

Crea8Social 1.3 - Persistent Cross-Site Scripting

Exploit Title: crea8social 1.3 Stored XSS Vulnerability Date: 24-10-2014 Exploit Author: Halil Dalabasmaz Version: v1.3 Vendor Homepage: http://codecanyon.net/item/crea8social-php-social-networking-platform-v13/9211270 Tested on: Chrome & Iceweasel Vulnerability Description: ===Stored XSS=== Crea...

7.4 AI score
Exploits 0

0day.today
added 2014/11/22 12:0 a.m., 59 views

Supr Shopsystem 5.1.0 - Persistent UI Vulnerability

Exploit for php platform in category web applications Product & Service Introduction: =============================== SUPR is a modern and user-friendly system which allows each store very quickly and easily create their own online store. Without installation and own webspace you can begin to...

7.1 AI score
Exploits 0

Packet Storm
added 2014/11/21 12:0 a.m., 45 views

Supr Shopsystem 5.1.0 Cross Site Scripting

Document Title: =============== Supr Shopsystem v5.1.0 - Persistent UI Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1353 Release Date: ============= 2014-11-07 Vulnerability Laboratory ID VL-ID: ==================================== 1353...

7.4 AI score
Exploits 0

RedHat Linux
added 2014/11/18 6:8 p.m., 3 views

libvirt: qemu: out-of-bounds read access in qemuDomainGetBlockIoTune() due to invalid index

An out-of-bounds read flaw was found in the way libvirt's qemuDomainGetBlockIoTune function looked up the disk index in a non-persistent live disk configuration while a persistent disk configuration was being indexed. A remote attacker able to establish a read-only connection to libvirtd could us...

5.8 CVSS, 7.3 AI score, 0.02751 EPSS
Exploits 0, References 4

Vulnerability Lab
added 2014/11/17 12:0 a.m., 75 views

Ebay Magento Bug Bounty #1 - Persistent API Vulnerability

Document Title: =============== Ebay Magento Bug Bounty 1 - Persistent API Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1202 eBay Inc. Bug Bounty Program ID: EIBBP-26643 Release Date: ============= 2014-11-17 Vulnerability Laboratory ID...

7.1 AI score
Exploits 0