7219 matches found
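Multiple Security Vulnerabilities in bloofoxCMS
Bugtraq ID: 65019 bloofox CMS is a content management system. bloofox CMS does not properly filter user-submitted input, allowing remote attackers to exploit the vulnerabilities to carry out SQL injection, file inclusion, and cross-site request forgery attacks. 0 bloofox CMS 0.5.0 No detailed solution is currently available: http://www.bloofox.com/download.21.html EXPLOIT http://localhost/admin/index.php?mode=settings&page=editor&fileurl=config.php !/usr/bin/perl Title : bloofoxCMS V0.5.0...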
Multiple Vulnerabilities in Eventum
High-Tech Bridge Security Research Lab discovered a vulnerability in Eventum, which can be exploited to reinstall and compromise the vulnerable application. 1 Incorrect Default Permissions in Eventum: CVE-2014-1631 The vulnerability exists due to incorrect default permission set for installation script...
bloofoxCMS 0.5.0 CSRF / PHP Code Injection
!/usr/bin/perl Title : bloofoxCMS V0.5.0 - Csrf inject php code Author : AtT4CKxT3rR0r1ST Contact : [email protected] , [email protected] Home : http://www.iphobos.com/blog/ Script : http://www.bloofox.com/download.21.html Version : 0.5.0 Dork : "Powered by bloofoxCMS" Vulnerability In Languag...
BloofoxCMS 0.5.0 - Multiple Vulnerabilities
BloofoxCMS 0.5.0 - Multiple Vulnerabilities bloofoxCMS V0.5.0 - Multiple Vulnerabilties =================================================================== .:. Author : AtT4CKxT3rR0r1ST .:. Contact : [email protected] , [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script :...
[Weevely v1.1] Stealth tiny PHP web shell
Weevely is a stealth PHP web shell that provides a telnet-like console. It is an essential tool for web application post exploitation , and can be used as stealth backdoor or as a web shell to manage legit web accounts, even free hosted ones. Weevely is currently included in Backtrack and Backbox...
IRSR pageheaderdefault.inc.php sysSessionPath Parameter PHP Code Execution - Ver2 (CVE-2006-4237)
A code execution vulnerability has been reported in Invisionix Roaming System Remote IRSR. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rexml/document' class Metasploit3 'vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload', 'Description' = %q vTiger CRM allows an user to...
Knusperleicht Shoutbox index.php sb_include_path Parameter PHP Code Execution - Ver2 (CVE-2006-3989)
A code execution vulnerability has been reported in Knusperleicht Shoutbox. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
vTiger CRM 5.4.0 SOAP - AddEmailAttachment Arbitrary File Upload (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rexml/document' class Metasploit3 'vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload', 'Description' = %q vTiger CRM allows an user to...
TYPO3 Autoloader Command Execution Vulnerability
TYPO3 is prone to a command execution vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:typo3:typo3"; ifdescription...
PT-2014-86: Local File Inclusion in ShopOS
The specialists of the Positive Research center have detected a Local File Inclusion vulnerability in ShopOS. Insufficient validation of user input in the 5.php script allows remote attackers to include files located on the attacked server and thus execute PHP code. It may result in sensitive...
PT-2014-84: Local File Inclusion in ShopOS
The specialists of the Positive Research center have detected a Local File Inclusion vulnerability in ShopOS. Insufficient validation of user input in the 2.php script allows remote attackers to include files located on the attacked server and thus execute PHP code. It may result in sensitive...
PT-2014-82: Multiple Local File Inclusion Vulnerabilities in ShopOS
The specialists of the Positive Research center have detected multiple Local File Inclusion vulnerabilities in ShopOS. Insufficient validation of user input in the \en\lang.php script allows remote attackers to include files located on the attacked server and thus execute PHP code. It may resul...
PT-2014-85: Local File Inclusion in ShopOS
The specialists of the Positive Research center have detected a Local File Inclusion vulnerability in ShopOS. Insufficient validation of user input in the 3.php script allows remote attackers to include files located on the attacked server and thus execute PHP code. It may result in sensitive...
PT-2014-87: Local File Inclusion in ShopOS
The specialists of the Positive Research center have detected a Local File Inclusion vulnerability in ShopOS. Insufficient validation of user input in the index.php script allows remote attackers to include files located on the attacked server and thus execute PHP code. It may result in sensiti...
iScripts Multicart SQL Injection
Iscripts multicart Multiple vulnerabilities Author : i-Hmx [email protected] sec4ever.com - Vendor have been contacted since 2 years for more than 20 times and he don't give ashit @ all :/ I.Sql Injection Vulns /getProductOptionDetailsAjax.php For Table name Post productoptionid=i-Hmx'/!1337union...
iScripts AutoHoster PHP Code Injection Vulnerability
iScripts AutoHoster suffers from file disclosure, PHP code injection, file disclosure, and remote SQL injection vulnerabilities. ?php / + iScripts AutoHoster + Multiple vulnerabilities , PHP Code injection Exploit + Author : i-Hmx + email protected + sec4ever.com , 1337s.cc I.Sql Injection Vuln...
iScripts AutoHoster PHP Code Injection
?php / + iScripts AutoHoster + Multiple vulnerabilities , PHP Code injection Exploit + Author : i-Hmx + [email protected] + sec4ever.com , 1337s.cc I.Sql Injection Vuln /checktransferstatus.php Table name : submit=faris&cmbdomain=i-Hmx' /!1337union all select 0x6661726973,select distinct...
Affiliate Network Pro 9.* PHP Code Injection Vulnerability
Affiliate Network Pro 9. To 9.3 infected with a PHP Code Injection This is private exploit. You can buy it at https://0day.today...
LiveZilla 'mobile/php/translation/index.php' 'g_language' Parameter Local File Inclusion
The version of LiveZilla installed on the remote web server fails to properly sanitize user-supplied input to the 'g_language' parameter of the 'mobile/php/translation/index.php' script. A remote, unauthenticated attacker can exploit this issue to view arbitrary files or execute arbitrary PHP code...