Telegram Bot API Cross Site Request Forgery / Denial Of Service
Exploit Title : Telegram Bot API CSRF Vulnerability and use it as a ddoser Exploit Author : 4L1R3Z4 Date : 2016/08/15 Google Dork : No Home Page : https://core.telegram.org/bots/api Category : Web Application Discovered by : 4L1R3Z4 ============================== Description :...
NUUO NVRmini2 / NVRsolo / Crystal Devices / Netgear ReadyNAS Surveillance Application - Multiple Vul
Exploit for hardware platform in category remote exploits Multiple vulnerabilities in NUUO NVRmini2 / NVRsolo / Crystal devices and NETGEAR ReadyNAS Surveillance application Discovered by Pedro Ribeiro email protected, Agile Information Security http://www.agileinfosec.co.uk/...
Fedora 23 : wordpress (2016-a5e392ef01)
See upstream announcement WordPress 4.5.3 Maintenance and Security Release Packaging changes : - provide nginx configuration fedora - drop mandatory dependency on httpd suggested 1336091 - protect php files in uploads directory Note that Tenable Network Security has extracted the preceding...
Fedora 24 : wordpress (2016-7db496f6f2)
See upstream announcement WordPress 4.5.3 Maintenance and Security Release Packaging changes : - provide nginx configuration fedora - drop mandatory dependency on httpd suggested 1336091 - protect php files in uploads directory Note that Tenable Network Security has extracted the preceding...
Fedora 22 : wordpress (2016-4573f8c9ba)
See upstream announcement WordPress 4.5.3 Maintenance and Security Release Packaging changes : - provide nginx configuration fedora - drop mandatory dependency on httpd suggested 1336091 - protect php files in uploads directory Note that Tenable Network Security has extracted the preceding...
WordPress WP Mobile Detector 3.5 Shell Upload
Exploit Title: WP Mobile Detector =3.5 Arbitrary File upload Google Dork: inurl: /wp-includes/plugins/wp-mobile-detector Date: 1-06-2015 Exploit Author: Aaditya Purani Author Details: https://aadityapurani.com Vendor: https://wordpress.org/plugins/wp-mobile-detector/changelog Version: 3.5 Tested...
AjaxExplorer 1.10.3.2 - Multiple Vulnerabilities
Exploit for php platform in category web applications + Credits: hyp3rlinx + ISR: apparitionsec Vendor: ========== sourceforge.net smsid download linx: sourceforge.net/projects/ajax-explorer/files/ Product: ======================= AjaxExplorer v1.10.3.2 Manage server files through simple windows...
Joomla! Component com_poweradmin 2.3.0 - Multiple Vulnerabilities
--------------------------------------------------------- RatioSec Research Security Advisory RS-2016-001 --------------------------------------------------------- JSN PowerAdmin Joomla! Extension Remote Command Execution Via CSRF and XSS vulnerabilities...
JSN PowerAdmin 2.3.0 Code Execution / CSRF / XSS
--------------------------------------------------------- RatioSec Research Security Advisory RS-2016-001 --------------------------------------------------------- JSN PowerAdmin Joomla! Extension Remote Command Execution Via CSRF and XSS vulnerabilities...
Zhongkexinye Network Sentinel Arbitrary File Upload Vulnerability (CNVD-2015-07932)
ZKXY Network Sentinel is an Internet security auditing system that integrates behavioral auditing and content auditing and is deployed at the network exit in bypass mode. ZKXY Network Sentinel suffers from an arbitrary file upload vulnerability. An attacker can exploit the vulnerability to upload...
Path Traversal via CSRF in bitrix.xscan Bitrix Module
High-Tech Bridge Security Research Lab discovered a vulnerability in the bitrix.xscan Bitrix module, intended to discover and neutralize malware on the website. The vulnerability can be exploited to change the extension of arbitrary PHP files on the target system and gain access to potentially sensitive...
Kirby CMS 2.1.0 - Authentication Bypass
============================================= - Release date: 14.09.2015 - Discovered by: Dawid Golunski - Severity: Medium/High ============================================= I. VULNERABILITY ------------------------- Kirby CMS = 2.1.0 Authentication Bypass via Path Traversal II. BACKGROUND...
ZeusCart 4.0 Code Execution
ZeusCart 4.0: Code Execution Security Advisory – Curesec Research Team 1. Introduction Affected Product: ZeusCart 4.0 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: [email protected] Vulnerability Type: Code Execution Remote Exploitable: Yes Reported to vendor: 08/13/2015 Disclose...
Returnsoft CMS - SQL Injection Vulnerability
Exploit for php platform in category web applications ========================================================== + Title :- Returnsoft CMS - SQL Injection Vulnerability + Date :- 9 - Sep - 2015 + Vendor Homepage :- http://returnsoft.info/ + Version :- All Versions + Tested on :- Nginx/1.4.5,...
NibbleBlog 4.0.3 Shell Upload
NibbleBlog 4.0.3: Code Execution Security Advisory – Curesec Research Team 1. Introduction Affected Product: NibbleBlog 4.0.3 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: Website: http://www.nibbleblog.com/ Vulnerability Type: Code Execution Remote Exploitable: Yes Reported to...
Design Infotech CMS - SQL Injection Vulnerability
========================================================== + Title :- Design Infotech CMS - SQL Injection Vulnerability + Date :- 23 - July - 2015 + Vendor Homepage :- http://www.designinfotech.in/ + Version :- All Versions + Tested on :- Nginx/1.4.5, PHP/5.2.17, Linux - Windows + Category :-...
3KITS CMS - SQL Injection Vulnerability
========================================================= + Title :- 3KITS CMS - SQL Injection Vulnerability + Date :- 23 - July - 2015 + Vendor Homepage :- http://www.3kits.com/ + Version :- All Versions + Tested on :- Nginx/1.4.5, PHP/5.2.17, Linux - Windows + Category :- webapps + Google Dorks...
Thomson Reuters FATCA v5.1.0.30 - Local File Inclusion Vulnerability
Exploit for hardware platform in category web applications Title: Thomson Reuters FATCA - Local File Inclusion Author: Jakub Pałaczyński Date: 10. June 2015 CVE: CVE-2015-5952 Affected software: ================== All versions of Thomson Reuters FATCA below v5.2 Exploit was tested on:...
WordPress GD bbPress Attachments 2.1 Cross Site Scripting / Local File Inclusion Vulnerabilities
WordPress GD bbPress Attachments plugin version 2.1 suffers from cross site scripting and local file inclusion vulnerabilities. Details ================ Software: GD bbPress Attachments Version: 2.1 Homepage: http://wordpress.org/plugins/gd-bbpress-attachments/ Advisory report:...
WordPress GD bbPress Attachments 2.1 Local File Inclusion
Details ================ Software: GD bbPress Attachments Version: 2.1 Homepage: http://wordpress.org/plugins/gd-bbpress-attachments/ Advisory report: https://security.dxw.com/advisories/local-file-include-vulnerability-in-gd-bbpress-attachments-allows-attackers-to-include-arbitrary-php-files/ CV...