CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7219 matches found

Exploit DB•added 2012/02/17 12:0 a.m.•51 views

Horde 3.3.12 - Backdoor Arbitrary PHP Code Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Horde 3.3.12...

7.5CVSS6.4AI score0.71897EPSS

Exploits8

Metasploit•added 2012/02/16 9:10 a.m.•53 views

Horde 3.3.12 Backdoor Arbitrary PHP Code Execution

This module exploits an arbitrary PHP code execution vulnerability introduced as a backdoor into Horde 3.3.12 and Horde Groupware 1.2.10. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Horde...

7.5CVSS0.4AI score0.71897EPSS

Exploits8

OpenVAS•added 2012/02/16 12:0 a.m.•10 views

swDesk Multiple Input Validation Vulnerabilities

swDesk is prone to the following vulnerabilities: 1. An arbitrary file-upload vulnerability. 2. Multiple cross-site scripting vulnerabilities. 3. Multiple PHP code-injection vulnerabilities. An attacker can exploit these issues to execute arbitrary script code in the context of the affected site,...

0.4AI score

Exploits0References2

OpenVAS•added 2012/02/16 12:0 a.m.•18 views

swDesk Multiple Input Validation Vulnerabilities

swDesk is prone to the following vulnerabilities: 1. An arbitrary file-upload vulnerability. 2. Multiple cross-site scripting vulnerabilities. 3. Multiple PHP code-injection vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced...

6.9AI score

Exploits0References2

securityvulns•added 2012/02/13 12:0 a.m.•78 views

Multiple vulnerabilities in ZENphoto

Advisory ID: HTB23070 Product: ZENphoto Vendor: www.zenphoto.org Vulnerable Version: 1.4.2 and probably prior Tested Version: 1.4.2 Vendor Notification: 18 January 2012 Vendor Patch: 19 January 2012 Public Disclosure: 8 February 2012 Vulnerability Type: PHP Code Execution, SQL Injection, XSS...

6.8CVSS0.3AI score0.02583EPSS

Exploits5

OpenVAS•added 2012/02/12 12:0 a.m.•34 views

Gentoo Security Advisory GLSA 201201-01 (phpMyAdmin)

The remote host is missing updates announced in advisory GLSA 201201-01. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

10CVSS0.4AI score0.14714EPSS

Exploits34

OpenVAS•added 2012/02/12 12:0 a.m.•35 views

Gentoo Security Advisory GLSA 201201-01 (phpMyAdmin)

The remote host is missing updates announced in advisory GLSA 201201-01. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

10CVSS7.1AI score0.14714EPSS

Exploits34References32

Exploit DB•added 2012/02/11 12:0 a.m.•26 views

Nova CMS - '/includes/function/usertpl.php?conf[blockfile]' Remote File Inclusion

source: https://www.securityfocus.com/bid/51976/info Nova CMS is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow a remote attacker to obtain sensitive information or execute malicio...

7.4AI score

Exploits0

Exploit DB•added 2012/02/11 12:0 a.m.•26 views

Nova CMS - '/includes/function/gets.php?Filename' Remote File Inclusion

7.4AI score

Exploits0

Exploit DB•added 2012/02/11 12:0 a.m.•31 views

Nova CMS - '/optimizer/index.php?fileType' Remote File Inclusion

7.4AI score

Exploits0

Exploit DB•added 2012/02/11 12:0 a.m.•28 views

Nova CMS - '/administrator/modules/moduleslist.php?id' Remote File Inclusion

7.4AI score

Exploits0

exploitpack•added 2012/02/11 12:0 a.m.•22 views

Nova CMS - administratormodulesmoduleslist.php?id Remote File Inclusion

Nova CMS - administratormodulesmoduleslist.php?id Remote File Inclusion source: https://www.securityfocus.com/bid/51976/info Nova CMS is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues may...

0.2AI score

Exploits0

exploitpack•added 2012/02/11 12:0 a.m.•22 views

Nova CMS - optimizerindex.php?fileType Remote File Inclusion

Nova CMS - optimizerindex.php?fileType Remote File Inclusion source: https://www.securityfocus.com/bid/51976/info Nova CMS is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow a remot...

0.4AI score

Exploits0

exploitpack•added 2012/02/11 12:0 a.m.•25 views

Nova CMS - includesfunctiongets.php?Filename Remote File Inclusion

Nova CMS - includesfunctiongets.php?Filename Remote File Inclusion source: https://www.securityfocus.com/bid/51976/info Nova CMS is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow a...

0.2AI score

Exploits0

exploitpack•added 2012/02/11 12:0 a.m.•18 views

Nova CMS - includesfunctionusertpl.php?conf[blockfile] Remote File Inclusion

Nova CMS - includesfunctionusertpl.php?confblockfile Remote File Inclusion source: https://www.securityfocus.com/bid/51976/info Nova CMS is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues may...

7.5AI score

Exploits0

Prion•added 2012/02/07 9:55 p.m.•13 views

Directory traversal

actions.php in the AllWebMenus plugin 1.1.8 for WordPress allows remote attackers to bypass intended access restrictions to upload and execute arbitrary PHP code by setting the HTTPREFERER to a certain value, then uploading a ZIP file containing a PHP file, then accessing it via a direct request ...

7.5CVSS8.2AI score0.09625EPSS

Exploits1References6Affected Software1

OpenVAS•added 2012/02/03 12:0 a.m.•16 views

WordPress Theme Tuner Plugin 'tt-abspath' Parameter Remote File Inclusion Vulnerability

WordPress is prone to a remote file inclusion vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"...

7.5CVSS6.5AI score0.08079EPSS

Exploits3References6

Packet Storm•added 2012/02/02 12:0 a.m.•24 views

swDesk Shell Upload / Code Injection / XSS

Title : swDesk Multi Vulnerability Author : Red Security TEAM Date : 01/02/2012 Risk : High Vendor : http://www.swdesk.com/ Demo : http://www.swdesk.com/demo/swdesk/ Tested On : Apache Contact : Info 4t RedSecurity d0t COM Home : http://RedSecurity.COM Exploit : I. Arbitrary File Upload...

0.5AI score

Exploits0

0day.today•added 2012/02/01 12:0 a.m.•18 views

swDesk Multi Vulnerability

Exploit for php platform in category web applications Title : swDesk Multi Vulnerability Author : Red Security TEAM Date : 01/02/2012 Risk : High Vendor : http://www.swdesk.com/ Tested On : Apache Contact : Info 4t RedSecurity d0t COM Home : http://RedSecurity.COM Exploit : I. Arbitrary File Uplo...

7.1AI score

Exploits0

OpenVAS•added 2012/02/01 12:0 a.m.•33 views

WordPress 'setup-config.php' Multiple Vulnerabilities

WordPress is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescripti...

7.5CVSS6.4AI score0.09475EPSS

Exploits10References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by