Lucene search
K

16 matches found

NVD
NVD
added 2026/02/03 6:16 p.m.7 views

CVE-2025-70758

chetans9 core-php-admin-panel through commit a94a780d6 contains an authentication bypass vulnerability in includes/authvalidate.php. The application sends an HTTP redirect via headerLocation:login.php when a user is not authenticated but fails to call exit afterward. This allows remote...

7.5CVSS0.00624EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/03 12:0 a.m.26 views

CVE-2025-70758

chetans9 core-php-admin-panel through commit a94a780d6 contains an authentication bypass vulnerability in includes/authvalidate.php. The application sends an HTTP redirect via headerLocation:login.php when a user is not authenticated but fails to call exit afterward. This allows remote...

0.00624EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.7 views

PT-2026-5986

Name of the Vulnerable Software and Affected Versions chetans9 core-php-admin-panel through commit a94a780d6 Description The application does not call exit after sending an HTTP redirect via headerLocation:login.php when a user is not authenticated. This allows remote unauthenticated attackers to...

7.5CVSS5.5AI score0.00624EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2008-0161

Malware in sbrugna...

10CVSS6.4AI score0.05785EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/08/25 12:0 a.m.3 views

ClassCMS 跨站脚本漏洞

ClassCMS is a simple, flexible, secure and easy-to-expand content management system from China ClassCMS open source. A cross-site scripting vulnerability exists in ClassCMS version 4.8, which originates from some unknown functions in the file /index.php/admin that can lead to cross-site scripting...

6.1CVSS4.3AI score0.0041EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:10 a.m.4 views

SUSE CVE-2007-5900

PHP before 5.2.5 allows local users to bypass protection mechanisms configured through phpadminvalue or phpadminflag in httpd.conf by using iniset to modify arbitrary configuration variables, a different issue than CVE-2006-4625...

6.9CVSS6.8AI score0.0034EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:1 a.m.2 views

SUSE CVE-2009-4896

Multiple directory traversal vulnerabilities in the mlmmj-php-admin web interface for Mailing List Managing Made Joyful mlmmj 1.2.15 through 1.2.17 allow remote authenticated users to overwrite, create, or delete arbitrary files, or determine the existence of arbitrary directories, via a .. dot d...

6.5CVSS7AI score0.01806EPSS
Exploits0References3
0day.today
0day.today
added 2018/09/24 12:0 a.m.82 views

Collectric CMU 1.0 - lang SQL injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Collectric CMU 1.0 - 'lang' SQL injection Google Dork: "Inloggning Collectric CMU" Discoverer: Simon Brannstrom Vendor Homepage: http://ourenergy.se/ Software Link: n/a Version: All known versions Tested on: Linux CVE: N/A About...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2018/09/21 12:0 a.m.29 views

Collectric CMU 1.0 - lang Hard-Coded Credentials SQL injection

Collectric CMU 1.0 - lang Hard-Coded Credentials SQL injection Exploit Title: Collectric CMU 1.0 - 'lang' SQL injection Google Dork: "Inloggning Collectric CMU" Discoverer: Simon Brannstrom Date: 2018-09-15 Vendor Homepage: http://ourenergy.se/ Software Link: n/a Version: All known versions Teste...

0.2AI score
Exploits0
0day.today
0day.today
added 2016/11/14 12:0 a.m.32 views

phpWebAdmin 1.0 SQL Injection Vulnerability

phpWebAdmin version 1.0 suffers from a remote SQL injection vulnerability. !/usr/bin/perl -w phpWebAdmin Version 1.0 SQL Injection Proof Of Concept Exploit =============================================================== Discovered by NA , NAattutanota.com ========================================...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2016/11/03 12:0 a.m.36 views

sNews 1.7.1 - Cross-Site Request Forgery

Exploit Title : Snews CMS Cross Site Request Forgery Author : Ashiyane Digital Security Team Google Dork : "This site is powered by sNews" Date : 1/11/2016 Type : webapps Platform : PHP Vendor Homepage : http://snewscms.com/ Software link : http://snewscms.com/download/snews1.7.1.zip Version :...

7.4AI score
Exploits0
OSV
OSV
added 2010/08/02 8:40 p.m.8 views

CVE-2009-4896

Multiple directory traversal vulnerabilities in the mlmmj-php-admin web interface for Mailing List Managing Made Joyful mlmmj 1.2.15 through 1.2.17 allow remote authenticated users to overwrite, create, or delete arbitrary files, or determine the existence of arbitrary directories, via a .. dot d...

6.4AI score
Exploits0References11
OSV
OSV
added 2010/08/02 8:40 p.m.0 views

DEBIAN-CVE-2009-4896

Multiple directory traversal vulnerabilities in the mlmmj-php-admin web interface for Mailing List Managing Made Joyful mlmmj 1.2.15 through 1.2.17 allow remote authenticated users to overwrite, create, or delete arbitrary files, or determine the existence of arbitrary directories, via a .. dot d...

6.5CVSS7AI score0.01806EPSS
Exploits0References1
NVD
NVD
added 2010/08/02 8:40 p.m.15 views

CVE-2009-4896

Multiple directory traversal vulnerabilities in the mlmmj-php-admin web interface for Mailing List Managing Made Joyful mlmmj 1.2.15 through 1.2.17 allow remote authenticated users to overwrite, create, or delete arbitrary files, or determine the existence of arbitrary directories, via a .. dot d...

6.5CVSS6.5AI score0.01806EPSS
Exploits0References11
CVE
CVE
added 2010/08/02 7:0 p.m.53 views

CVE-2009-4896

CVE-2009-4896 affects the mlmmj project’s web interface mlmmj-php-admin, specifically versions 1.2.15 through 1.2.17. The vulnerability is a directory-traversal flaw allowing remote authenticated users to overwrite, create, or delete arbitrary files, or reveal existence of arbitrary directories, ...

6.5CVSS9AI score0.01806EPSS
Exploits0References11Affected Software1
UbuntuCve
UbuntuCve
added 2008/01/09 12:46 a.m.25 views

CVE-2008-0148

TUTOS 1.3 does not restrict access to php/admin/cmd.php, which allows remote attackers to execute arbitrary shell commands via the cmd parameter in a direct request...

10CVSS6.1AI score0.05785EPSS
Exploits0References1
Rows per page
Query Builder