Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2271 matches found

Cvelist
Cvelistadded 2005/06/08 4:0 a.m.19 views

CVE-2005-1894

Direct code injection vulnerability in FlatNuke 2.5.3 allows remote attackers to execute arbitrary PHP code by placing the code into the Referer header of an HTTP request, which causes the code to be injected into referer.php, which can then be accessed by the attacker...

7.8AI score0.08916EPSS
Exploits1References5
Cvelist
Cvelistadded 2005/06/07 4:0 a.m.21 views

CVE-2005-1868

I-Man 0.9, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by uploading a file attachment with a .php extension...

7.7AI score0.01402EPSS
Exploits0References3
Cvelist
Cvelistadded 2005/06/07 4:0 a.m.22 views

CVE-2005-1882

PHP remote file inclusion vulnerability in lastgallery.php in YaPiG 0.93u and 0.94u allows remote attackers to execute arbitrary PHP code via the YAPIGPATH parameter...

7.6AI score0.02256EPSS
Exploits1References4
Cvelist
Cvelistadded 2005/06/07 4:0 a.m.19 views

CVE-2005-1864

PHP remote file inclusion vulnerability in caladmintop.php in Calendarix Advanced 1.5 allows remote attackers to execute arbitrary PHP code via the calpath parameter...

7.6AI score0.00375EPSS
Exploits1References2
exploitpack
exploitpackadded 2005/06/07 12:0 a.m.13 views

FlatNuke 2.5.x - help.php Multiple Cross-Site Scripting Vulnerabilities

FlatNuke 2.5.x - help.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/13882/info Multiple input validation vulnerabilities reportedly affect FlatNuke. These issues are due to a failure of the application to properly sanitize user-supplied input prior to...

7AI score
Exploits0
securityvulns
securityvulnsadded 2005/06/07 12:0 a.m.31 views

[SA15603] FlatNuke Multiple Vulnerabilities

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

1AI score
Exploits0
Exploit DB
Exploit DBadded 2005/06/07 12:0 a.m.38 views

FlatNuke 2.5.x - 'help.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/13882/info Multiple input validation vulnerabilities reportedly affect FlatNuke. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it in application-critical actions such as generating Web content...

7AI score
Exploits0
NVD
NVDadded 2005/06/06 4:0 a.m.18 views

CVE-2005-1881

upload.php in YaPiG 0.92b, 0.93u and 0.94u does not properly restrict the file extension for uploaded image files, which allows remote attackers to upload arbitrary files and execute arbitrary PHP code...

7.5CVSS7.4AI score0.06748EPSS
Exploits1References4
NVD
NVDadded 2005/06/01 4:0 a.m.18 views

CVE-2005-1820

zboard.php in Zeroboard version 4.1pl2 to 4.1pl5 allows remote attackers to execute arbitrary PHP code via improper quoting when using the pregreplace function...

7.5CVSS7.7AI score0.03062EPSS
Exploits1References3
securityvulns
securityvulnsadded 2005/06/01 12:0 a.m.28 views

[SA15558] I-Man File Attachments Upload Vulnerability

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

0.9AI score
Exploits0
securityvulns
securityvulnsadded 2005/05/13 12:0 a.m.24 views

[SA15312] BoastMachine File Upload Vulnerability

---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: BoastMachine File Upload Vulnerability SECUNIA ADVISOR...

0.4AI score
Exploits0
Tenable Nessus
Tenable Nessusadded 2005/05/11 12:0 a.m.22 views

e107 search.php search_info Parameter Traversal Arbitrary File Inclusion

The version of e107 installed on the remote host is affected by a remote file inclusion vulnerability because it fails to properly sanitize user-supplied input to the 'searchinfo' parameter of the 'search.php' script. This vulnerability could allow a remote, unauthenticated attacker to view...

6.2AI score
Exploits0References2
NVD
NVDadded 2005/05/03 4:0 a.m.23 views

CVE-2005-1438

PHP remote file inclusion vulnerability in main.php in osTicket allows remote attackers to execute arbitrary PHP code via the includedir parameter...

7.5CVSS7.6AI score0.00717EPSS
Exploits0References3
UbuntuCve
UbuntuCveadded 2005/05/02 4:0 a.m.28 views

CVE-2005-0913

Unknown vulnerability in the regexreplace modifier modifier.regexreplace.php in Smarty before 2.6.8 allows attackers to execute arbitrary PHP code...

7.5CVSS6AI score0.00902EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2005/04/29 12:0 a.m.103 views

Claroline < 1.5.4 / 1.6.0 Multiple Vulnerabilities (RFI, SQLi, XSS, Traversal)

The version of Claroline an open source, collaborative learning environment installed on the remote host suffers from a number of remotely-exploitable vulnerabilities, including: - Multiple Remote File Include Vulnerabilities Four scripts let an attacker read arbitrary files on the remote host an...

7.5CVSS6.5AI score0.02567EPSS
Exploits3References5
Cvelist
Cvelistadded 2005/04/27 4:0 a.m.18 views

CVE-2005-1312

PHP remote file inclusion vulnerability in Yappa-NG before 2.3.2 allows remote attackers to execute arbitrary PHP code via unknown vectors...

7.6AI score0.02416EPSS
Exploits0References4
Cvelist
Cvelistadded 2005/04/22 4:0 a.m.15 views

CVE-2005-1222

catforgen.php in Annuaire Netref 4.2 allows remote attackers to execute arbitrary PHP code by setting the addirect parameter to reference catforgen.php, then including the code in the mforracine parameter, which is then written to catforgen.php...

7.5AI score0.042EPSS
Exploits0References4
CVE
CVEadded 2005/04/21 4:0 a.m.119 views

CVE-2001-1468

MODE C CVE-2001-1468 describes a PHP remote file inclusion in phpSecurePages where checklogin.php (and related components) allows arbitrary code execution if an attacker modifies the cfgProgDir parameter to reference a URL on a remote server. Connected advisories reiterate a code-execution vulner...

7.5CVSS7.6AI score0.01711EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2005/04/18 4:0 a.m.16 views

CVE-2005-1169

Mafia Blog .4 BETA does not properly protect the admin directory, which allows remote attackers to execute arbitrary PHP code by using writeinfo.php to inject the code into info.php...

7.6AI score0.00717EPSS
Exploits0References3
Gentoo Linux
Gentoo Linuxadded 2005/03/30 12:0 a.m.28 views

Smarty: Template vulnerability

Background Smarty is a template engine for PHP. The "template security" feature of Smarty is designed to help reduce the risk of a system compromise when you have untrusted parties editing templates. Description A vulnerability has been discovered within the regexreplace modifier of the Smarty...

7.5CVSS7.2AI score0.00902EPSS
Exploits0
Rows per page
Query Builder