7596 matches found
WordPress Plugin GigPress 2.1.10 - Persistent Cross-Site Scripting
Exploit Title: GigPress 2.1.10 wordpress plugin Stored XSS Date: 21-2-2011 Author: Saif El-Sherei Version: GigPress 2.1.10, WordPress 3.0.5 Tested on: FireFox 3.6.13, IE 8 Vendor Response: plugin Author released an update to fix...
WordPress Plugin GigPress 2.1.10 - Persistent Cross-Site Scripting
Exploit Title: GigPress 2.1.10 wordpress plugin Stored XSS Date: 21-2-2011 Author: Saif El-Sherei Version: GigPress 2.1.10, WordPress 3.0.5 Tested on: FireFox 3.6.13, IE 8 Vendor Response: plugin Author released an update to fix this issue Info: GigPress is a powerful WordPress plugin designed fo...
Bitweaver 2.8.1 Cross Site Scripting
exploit title: persistant xss in bitweaver2.8.1 date: 22.o2.2o11 author: lemlajt software : bitweaver @ sourceforge.net version: 2.8.1 tested on: linux cve : PoC : 1. submit an article POST http://localhost/www/cmsadmins/bitweaver2.8.1/bitweaver/articles/edit.php form-data;...
Bitweaver 2.8.1 - Persistent Cross-Site Scripting
exploit title: persistant xss in bitweaver2.8.1 date: 22.o2.2o11 author: lemlajt software : bitweaver @ sourceforge.net version: 2.8.1 tested on: linux cve : PoC : 1. submit an article POST...
Bitweaver 2.8.1 - Persistent Cross-Site Scripting
exploit title: persistant xss in bitweaver2.8.1 date: 22.o2.2o11 author: lemlajt software : bitweaver @ sourceforge.net version: 2.8.1 tested on: linux cve : PoC : 1. submit an article POST http://localhost/www/cmsadmins/bitweaver2.8.1/bitweaver/articles/edit.php form-data;...
Tomato Gallery 1.2 (logged only) Persistant Xss Vunerability
Exploit for php platform in category web applications author: lemlajt software link: http://tomatogallery.yzx.se/ version: 1.2 tested on: linux cve : poc0.1 : 1. http://localhost/www/cmsadmins/tomatogallery12/edit/index.php 2. click @ "Add Separator" and type: bla'';!--alert document.cookie=& in...
VFront 0.95m (need login) Persistant XSS Vunerability
Exploit for php platform in category web applications author: lemlajt software : VFront vendor: http://www.vfront.org/ version: 0.95m tested on: linux cve : PoC : Go to: http://192.168.1.123/www/cmsadmins/vfr/vfront-0.95m/admin/menuregistri.php?gid=0&modificagid&feed=modok In "Modify...
eventum issue tracking system 2.3.1 - Persistent Cross-Site Scripting
Exploit Title: Eventum 2.3.1 stored XSS Date: 19-2-2011 Author: Saif El-Sherei Software Link: https://code.launchpad.net/eventum Version: Eventum 2.3.1 Tested on: FF 3.0.15, IE 8 Vendor notification: vendor notified, awaiting response Info: Eventum is a user-friendly and flexible issue tracking...
eventum issue tracking system 2.3.1 - Persistent Cross-Site Scripting
Exploit Title: Eventum 2.3.1 stored XSS Date: 19-2-2011 Author: Saif El-Sherei Software Link: https://code.launchpad.net/eventum Version: Eventum 2.3.1 Tested on: FF 3.0.15, IE 8 Vendor notification: vendor notified, awaiting...
AWCM 2.2 Final - Persistent Cross-Site Scripting
Exploit Title: AWCM v2.2 final Persistent Cross Site Script Date: 13-02-2011 Author:84kur10 Software Link: www.awcm-cms.com Version: v2.2 CVE : Contact: 84kur10atgmail.com Greetz to: SLG all Members, D4nb4r, Naviterrible, J3h3s, C4br4 http://sourceforge.net/projects/awcm/files/ Register a new use...
AWCM 2.2 Final - Persistent Cross-Site Scripting
Exploit Title: AWCM v2.2 final Persistent Cross Site Script Date: 13-02-2011 Author:84kur10 Software Link: www.awcm-cms.com Version: v2.2 CVE : Contact: 84kur10atgmail.com Greetz to: SLG all Members, D4nb4r, Naviterrible, J3h3s, C4br4...
AWCM 2.2 Final Cross Site Scripting
Exploit Title: AWCM v2.2 final Persistent Cross Site Script Date: 13-02-2011 Author:84kur10 Software Link: www.awcm-cms.com Version: v2.2 CVE : Contact: 84kur10atgmail.com Greetz to: SLG all Members, D4nb4r, Naviterrible, J3h3s, C4br4 http://sourceforge.net/projects/awcm/files/ Register a new use...
Oracle MySQL Eventum 2.3 Remote Script Insertion Vulnerabilities
Summary Eventum is a user-friendly and flexible issue tracking system that can be used by a support department to track incoming technical support requests, or by a software development team to quickly organize tasks and bugs. Description Eventum suffers from a cross-site scripting vulnerability...
jakcms 2.0 pro rc5 - Persistent Cross-Site Scripting via useragent http header Injection
Exploit Title: JAKCMS 2.0 PRO RC5 stored XSS via useragent HTTP header Injection Date: 7-2-2011 Author: Saif El-Sherei Software Link: http://php.opensourcecms.com/scripts/redirect/download.php?id=480 Version: JAKCMS PRO 2.0 RC5 and probably earlier version Tested on: Firefox 3.0.15, IE 8 Vendor...
TinyWebGallery: XSS + Directory Traversal
Date: 01/02/2011 dd/MM/yyyy Script: TinyWebGallery Version: 1.8.3 No fixes yet, might work on other versions too. Home: http://www.tinywebgallery.com -- Vulnerability: Non-persistent XSS Where: File: /admin/index.php Parameters: sview, tview, dir, item. Examples:...
TinyWebGallery v 1.8.3 - Multiple Vulnerabilities
Exploit for php platform in category web applications Date: 01/02/2011 dd/MM/yyyy Script: TinyWebGallery Version: 1.8.3 No fixes yet, might work on other versions too. Home: http://www.tinywebgallery.com -- Vulnerability: Non-persistent XSS Where: File: /admin/index.php Parameters: sview, tview,...
TinyWebGallery 1.8.3 - Multiple Vulnerabilities
Date: 01/02/2011 dd/MM/yyyy Script: TinyWebGallery Version: 1.8.3 No fixes yet, might work on other versions too. Home: http://www.tinywebgallery.com -- Vulnerability: Non-persistent XSS Where: File: /admin/index.php Parameters: sview, tview, dir, item. Examples:...
CMS WebManager-Pro 7.4.3 Code Execution / Cross Site Request Forgery
Hello list! I want to warn you about Remote Code Execution and Cross-Site Request Forgery vulnerabilities in CMS WebManager-Pro. This CMS is widely used at different web sites, including security and government sites. ------------------------- Affected products: -------------------------...
TinyWebGallery 1.8.3 Cross Site Scripting / Directory Traversal
Date: 01/02/2011 dd/MM/yyyy Script: TinyWebGallery Version: 1.8.3 No fixes yet, might work on other versions too. Home: http://www.tinywebgallery.com -- Vulnerability: Non-persistent XSS Where: File: /admin/index.php Parameters: sview, tview, dir, item. Examples:...
RCE and CSRF vulnerabilities in CMS WebManager-Pro
Hello 3APA3A! I am informing you about the Remote Code Execution and Cross-Site Request Forgery vulnerabilities I found in CMS WebManager-Pro; this is a Ukrainian commercial CMS. RCE Remote PHP Code Execution WASC-31: The system allows php tags to be included directly in the content text fields. Thus...