CVE-2009-1915
Stack-based buffer overflow in the URL Search Hook (ICQToolBar.dll) in ICQ 6.5 allows remote attackers to cause a denial of service (persistent crash) and possibly execute arbitrary code via an Internet shortcut .URL file containing a long URL parameter, which triggers a crash when browsing a folder...
Old phishing sites still sending spam, attracting victims
The cooperative effort of ISPs, security vendors, volunteer groups and other interested parties has helped develop a quick and efficient method for taking down phishing sites, usually within hours or days of their appearance. However, many phishing sites that have been up for a week or more still...
CVE-2008-6758
Cross-site request forgery (CSRF) vulnerability in cartsave.php in ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to hijack the authentication of arbitrary users for requests that conduct persistent cross-site scripting (XSS) attacks via the cartname parameter in a save action...
Cross site scripting
Google Chrome 2.0.x lets modifications to the global object persist across a page transition, which makes it easier for attackers to conduct Universal XSS attacks via unspecified vectors...
CVE-2009-1414
CVE-2009-1414 pertains to Google Chrome 2.0.x, where modifications to the global object can persist across a page transition. The connected sources describe this as enabling universal XSS attacks via unspecified vectors, with the base CVSS v2 score listed as 4.3 (Medium) and an attacker that does...
CVE-2009-1414
Google Chrome 2.0.x lets modifications to the global object persist across a page transition, which makes it easier for attackers to conduct Universal XSS attacks via unspecified vectors...
Rittal CMC-TC Processing Unit II Multiple Vulnerabilities
Louhi Networks Oy -= Security Advisory =- Advisory: Rittal CMC-TC Processing Unit II multiple vulnerabilities Release Date: 2009-03-23 Last Modified: 2009-03-22 Authors: Henri Lindberg, CISA henri d0t lindberg at louhi d0t fi Application: Rittal CMC-TC PU II Web...
Researchers unveil persistent BIOS attack methods
Apply all of the browser, application and OS patches you want, your machine still can be completely and silently compromised at the lowest level–without the use of any vulnerability. That was the rather sobering message delivered by a pair of security researchers from Core Security Technologies i...
Joomla! Component Djice Shoutbox 1.0 - Persistent Cross-Site Scripting
Joomla Djice Shoutbox v 1.0 alert'XaDoS' or '"alert'XSS By XaDoS' the XSS become permanent in every page of site! not critical damage but it's not funny.. + D3M0: http://www.djiceatwork.com contact me at xados @ hotmail . it www.securitycode.it milw0rm.com 2009-03-10...
RitsBlog 0.4.2 (Authentication Bypass) SQL Injection Vulnerability / XSS Persistent Vulnerability
Salvatore "drosophila" Fresta + Application: RitsBlog + Version: 0.4.2 + Website: http://sourceforge.net/projects/ritsblog/ + Bugs: A SQL Injection B XSS Persistent + Exploitation: Remote + Date: 02 Mar 2009 + Discovered by: Salvatore "drosophila" Fresta + Author: Salvatore "drosophila" Fresta +...
NovaBoard <= 1.0.1 / XSS Vulnerability
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= NovaBoard <= 1.0.1 / XSS Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= $ Program: NovaBoard $ Version: <= 1.0.1 $ File affected: index.php $ Download: http://www.novaboard.net/ Found by Pepelux pepeluxatenye-sec.org eNYe-Sec - www.enye-sec.org -- About...
NovaBoard <= 1.0.1 (message) Persistent XSS Vulnerability
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= NovaBoard <= 1.0.1 / XSS Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= $ Program: NovaBoard $ Version: <= 1.0.1 $ File affected: index.php $ Download: http://www.novaboard.net/ Found by Pepelux pepeluxatenye-sec.org...
Novaboard 1.0.1 - Cross-Site Scripting
Novaboard 1.0.1 - Cross-Site Scripting -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= NovaBoard eNYe-Sec - www.enye-sec.org -- About the program by the author's page -- NovaBoard is a free, feature rich community message board software written in PHP & MySQL that allows you to set up your own forum withi...
NovaBoard <= 1.0.1 (message) Persistent XSS Vulnerability
Exploit for unknown platform in category web applications ========================================================= NovaBoard alertdocument.cookie you can also send the user cookie to another site Non-persistent XSS:...
RitsBlog 0.4.2 (AB/XSS) Multiple Remote Vulnerabilities
Salvatore "drosophila" Fresta + Application: RitsBlog + Version: 0.4.2 + Website: http://sourceforge.net/projects/ritsblog/ + Bugs: A SQL Injection B XSS Persistent + Exploitation: Remote + Date: 02 Mar 2009 + Discovered by: Salvatore "drosophila" Fresta + Autho...
RitsBlog 0.4.2 SQL Injection / XSS
Salvatore "drosophila" Fresta + Application: RitsBlog + Version: 0.4.2 + Website: http://sourceforge.net/projects/ritsblog/ + Bugs: A SQL Injection B XSS Persistent + Exploitation: Remote + Date: 02 Mar 2009 + Discovered by: Salvatore "drosophila" Fresta + Author: Salvatore "drosophila" Fresta +...
ritsblog 0.4.2 - Authentication Bypass Cross-Site Scripting
ritsblog 0.4.2 - Authentication Bypass Cross-Site Scripting Salvatore "drosophila" Fresta + Application: RitsBlog + Version: 0.4.2 + Website: http://sourceforge.net/projects/ritsblog/ + Bugs: A SQL Injection B XSS Persistent + Exploitation: Remote + Date: 02 Mar 2009 + Discovered by: Salvatore...
ritsblog 0.4.2 - Authentication Bypass / Cross-Site Scripting
Salvatore "drosophila" Fresta + Application: RitsBlog + Version: 0.4.2 + Website: http://sourceforge.net/projects/ritsblog/ + Bugs: A SQL Injection B XSS Persistent + Exploitation: Remote + Date: 02 Mar 2009 + Discovered by: Salvatore "drosophila" Fresta + Author: Salvatore "drosophila" Fresta +...
InselPhoto 1.1 Cross Site Scripting
Software: InselPhoto v1.1 Persistent XSS Vulnerability Discovered by: Paul Hand aka rAWjAW Blog: http://rawjaw-security.blogspot.com E-mail: phand3754gmailcom Shouts: rBg && eternalsecurity For this Persistent XSS to work you have to: 1. Create a user account 2. Create an album 3. Upload any...
InselPhoto 1.1 Persistent XSS Vulnerability
Exploit for unknown platform in category web applications =========================================== InselPhoto 1.1 Persistent XSS Vulnerability =========================================== Software: InselPhoto v1.1 Persistent XSS Vulnerability Discovered by: Paul Hand aka rAWjAW For this...