CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

951 matches found

Prion•added 2014/08/07 11:13 a.m.•22 views

Code injection

Static code injection vulnerability in admin/admin.php in Sphider 1.3.6 allows remote authenticated users to inject arbitrary PHP code into settings/conf.php via the wordupperbound parameter...

6.5CVSS7.3AI score0.02262EPSS

Exploits3References2Affected Software1

0day.today•added 2014/08/01 12:0 a.m.•23 views

Sphider 1.3.6 - Multiple Vulnerabilities

Exploit for php platform in category web applications Description: The web application is vulnerable to SQLi. Once a website has been indexed with Sphider, an attacker can inject SQL under Sites - Browser pages- filter option. Proof of Concept: Response: POST: /admin/admin.php...

seebug.org•added 2014/07/01 12:0 a.m.•16 views

CuteNews <= 1.4.1 (categories.mdu) Remote Command Execution Exploit

No description provided by source. !/usr/bin/perl cijfer-cnxpl - CuteNews =1.4.1 Remote Command Execution Copyright c 2005 cijfer [email protected] All rights reserved. 1. example cijfer@kalma:/research$ ./cijfer-cnxpl.pl -h www.xxxx.org -d /news [email protected] /$ id;uname -a uid=48apache...

seebug.org•added 2014/07/01 12:0 a.m.•14 views

LinPHA 0.9.x/1.0 sec_stage_install.php language Parameter Local File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/16592/info LinPHA is prone to multiple local file-inclusion and PHP code-injection vulnerabilities. The local file-inclusion issues are due to insecure use of the 'includeonce' PHP function in multiple scripts. The PHP...

seebug.org•added 2014/07/01 12:0 a.m.•10 views

Bitweaver <= 2.6 saveFeed() Remote Code Execution Exploit

No description provided by source. ?php / Bitweaver = 2.6 /boards/boardsrss.php / saveFeed remote code execution exploit by Nine:Situations:Group::bookoo php.ini independent site: http://retrogod.altervista.org/ software site: http://www.bitweaver.org/ You need an user account and you need to...

seebug.org•added 2014/07/01 12:0 a.m.•13 views

Yoxel <= 1.23beta (itpm_estimate.php a) Remote Code Execution Vuln

No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP YmmMMMM MMM YM Discovered by dun \ dunatstrcpy.pl Yoxel = 1.23beta PHP code Injection Vulnerability Script: Yoxel is a hidden gem. This Open Source...

seebug.org•added 2014/07/01 12:0 a.m.•26 views

Coppermine Photo Gallery 1.0 PHP Code Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7300/info Coppermine Photo Gallery has been reported prone to PHP code injection attacks. Due to a lack of sufficient sanitization performed on user-supplied filenames that are uploaded into the Photo Gallery, an attacker...

seebug.org•added 2014/07/01 12:0 a.m.•18 views

Wordpress W3 Total Cache PHP Code Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

seebug.org•added 2014/07/01 12:0 a.m.•15 views

PEHEPE Membership Management System 3.0 - Remote PHP Script Code Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16887/info PEHEPE Membership Management System is prone to a remote PHP code-injection vulnerability. An attacker can exploit this issue to facilitate a compromise of the application and the underlying system; other attac...

seebug.org•added 2014/07/01 12:0 a.m.•216 views

SQLiteManager 1.2.4 - Remote PHP Code Injection Vulnerability

No description provided by source. Description: =============================================================== Exploit Title: SQLiteManager 0Day Remote PHP Code Injection Vulnerability Google Dork: intitle:SQLiteManager inurl:sqlite/ Date: 23/01/2013 Exploit Author: RealGame Vendor Homepage:...

seebug.org•added 2014/07/01 12:0 a.m.•13 views

NOCC 1.0 html_bottom_table.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/16793/info NOCC Webmail is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to inject...

seebug.org•added 2014/07/01 12:0 a.m.•15 views

PMOS Help Desk <= 2.4 - Remote Command Execution Exploit

No description provided by source. ?php / ------------------------------------------------------ PMOS Help Desk = 2.4 Remote Command Execution Exploit ------------------------------------------------------ author...: EgiX mail.....: n0b0d13satgmaildotcom link.....: http://www.h2desk.com/pmos...

seebug.org•added 2014/07/01 12:0 a.m.•14 views

LinPHA 0.9.x/1.0 install.php language Parameter Local File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/16592/info LinPHA is prone to multiple local file-inclusion and PHP code-injection vulnerabilities. The local file-inclusion issues are due to insecure use of the 'includeonce' PHP function in multiple scripts. The PHP...

seebug.org•added 2014/07/01 12:0 a.m.•15 views

Symantec Web Gateway 5.0.2.8 Command Execution Vulnerability

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

seebug.org•added 2014/07/01 12:0 a.m.•10 views

MetInfo 3.0 PHP Code Injection Vulnerability

No description provided by source...

seebug.org•added 2014/07/01 12:0 a.m.•16 views

Shop-Script FREE <= 2.0 - Remote Command Execution Exploit

No description provided by source. ?php Shop-Script FREE = 2.0 Remote Command Execution Exploit by InATeam tested on versions 1.2 and 2.0 works regardless magicquotesgpc=on Greetz: eXp, Kuzya, cxim, Russian, ENFIX echo --------------------------------------------------------\n; echo Shop-Script...

seebug.org•added 2014/07/01 12:0 a.m.•12 views

PHP Photo Album <= 0.4.1.16 - Multiple Disclosure Vulnerabilities

No description provided by source. ---------------------------------------------------------------- PHP Photo Album = 0.4.1.16 Multiple Disclosure Vulnerabilities ---------------------------------------------------------------- Exploit Title: PHP Photo Album = 0.4.1.16 Multiple Disclosure...

seebug.org•added 2014/07/01 12:0 a.m.•19 views

Feed on Feeds <= 0.5 - Remote PHP Code Injection Exploit

No description provided by source. ?php / ------------------------------------------------------ Feed on Feeds = 0.5 Remote PHP Code Injection Exploit ------------------------------------------------------ author..........: EgiX mail............: n0b0d13satgmaildotcom software link...:...

seebug.org•added 2014/07/01 12:0 a.m.•14 views

RoSPORA <= 1.5.0 - Remote PHP Code Injection

No description provided by source. ?php / -------------------------------------------------- RoSPORA = 1.5.0 Remote PHP Code Injection Exploit -------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom link.....: http://code.google.com/p/rospora/ This PoC...

seebug.org•added 2014/07/01 12:0 a.m.•54 views

4images 1.7.6 - 9 - CSRF Inject PHP Code

No description provided by source. !/usr/bin/perl Title : 4images 1.7.6 9 Csrf inject php code Author : Or4nG.M4n Version : 1.7.6 9 Homepage : http://www.4homepages.de/ Dork : Powered by 4images video : http://youtu.be/NYFzC9hH54 Thnks+----------------------------------+ | xSs m4n i-Hmx h311c0d3...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by