Family Connections 2.2.3 Multiple Remote Vulnerabilities
Family Connections 2.2.3 Multiple Remote Vulnerabilities Name Family Connections Vendor http://www.familycms.com Versions Affected 2.2.3 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-10-05 X. INDEX I. ABOUT THE...
family connections 2.2.3 - Multiple Vulnerabilities
Family Connections 2.2.3 Multiple Remote Vulnerabilities Name Family Connections Vendor http://www.familycms.com Versions Affected 2.2.3 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-10-05 X. INDEX I. ABOUT THE...
CVE-2009-3600
HUBScript 1.0 allows remote attackers to obtain configuration information via a direct request to manage/phpinfo.php, which calls the phpinfo function...
Discloser 0.0.4-rc2 (index.php more) SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================ Discloser 0.0.4-rc2 index.php more SQL Injection Vulnerability ================================================================ Salvatore "drosophila" Fresta + Application:...
Discloser 0.0.4-rc2 - 'index.php?more' SQL Injection
Salvatore "drosophila" Fresta + Application: Discloser + Version: 0.0.4-rc2 + Website: http://discloser.sourceforge.net/ + Bugs: A SQL Injection + Exploitation: Remote + Date: 21 Feb 2004 + Discovered by: Salvatore Fresta aka drosophila + Author: Salvatore Fresta aka drosophila + E-mail:...
Discloser 0.0.4-rc2 - index.php?more SQL Injection
Discloser 0.0.4-rc2 - index.php?more SQL Injection Salvatore "drosophila" Fresta + Application: Discloser + Version: 0.0.4-rc2 + Website: http://discloser.sourceforge.net/ + Bugs: A SQL Injection + Exploitation: Remote + Date: 21 Feb 2004 + Discovered by: Salvatore Fresta aka drosophila + Author:...
Sql injection
SQL injection vulnerability in Load.php in Simple Machines Forum SMF 1.1.4 and earlier allows remote attackers to execute arbitrary SQL commands by setting the dbcharacterset parameter to a multibyte character set such as big5, which causes the addslashes PHP function to produce a "\" backslash...
CVE-2008-6741
SQL injection vulnerability in Load.php in Simple Machines Forum SMF 1.1.4 and earlier allows remote attackers to execute arbitrary SQL commands by setting the dbcharacterset parameter to a multibyte character set such as big5, which causes the addslashes PHP function to produce a "\" backslash...
PT-2009-41: Multiple vulnerabilities in Kayako Support Suite
Vulnerability Description Positive Technologies Research Team discovered several Installation Path Disclosure vulnerabilities in Kayako Support Suite. The application uses a vulnerable PHP function unserialize, which allows an attacker to disclose the product installation path. In addition, there...
RoundCube Webmail 0.2-3 Beta Code Execution
Public Release Date of POC: 2008-12-22 Author: Jacobo Avariento Gimeno Sofistic CVE id: CVE-2008-5619 Bugtraq id: 32799 Severity: Critical Vulnerability reported by: RealMurphy Intro ---- Roundcube Webmail is a browser-based IMAP client that uses "chuggnutt.com HTML to Plain Text Conversion"...
RoundCube Webmail <= 0.2-3 beta Code Execution Vulnerability
No description provided by source. Public Release Date of POC: 2008-12-22 Author: Jacobo Avariento Gimeno Sofistic CVE id: CVE-2008-5619 Bugtraq id: 32799 Severity: Critical Vulnerability reported by: RealMurphy Intro ---- Roundcube Webmail is a browser-based IMAP client that uses "chuggnutt.com...
Roundcube Webmail 0.2-3 Beta - Code Execution
Public Release Date of POC: 2008-12-22 Author: Jacobo Avariento Gimeno Sofistic CVE id: CVE-2008-5619 Bugtraq id: 32799 Severity: Critical Vulnerability reported by: RealMurphy Intro ---- Roundcube Webmail is a browser-based IMAP client that uses "chuggnutt.com HTML to Plain Text Conversion"...
CVE-2008-3922
awstatstotals.php in AWStats Totals 1.0 through 1.14 allows remote attackers to execute arbitrary code via PHP sequences in the sort parameter, which is used by the multisort function when dynamically creating an anonymous PHP function...
Multiple Vulnerabilities in AWStats Totals
Emory University UTS Security Advisory EMORY-2008-01 Topic: Multiple Vulnerabilities in AWStats Totals Original release date: August 26, 2008 SUMMARY ======= Telartis's AWStats Totals program is vulnerable to command execution and cross site scripting attacks. A remote attacker could exploit thes...
[MajorSecurity Advisory #45]oe2edit CMS - Cross Site Scripting and Cookie Manipulation Issue
MajorSecurity Advisory 45 oe2edit CMS - Cross Site Scripting and Cookie Manipulation Issue Details ======= Product: oe2edit CMS Security-Risk: moderated Remote-Exploit: yes Vendor-URL: http://www.oe2edit.com Vendor-Status: informed Advisory-Status: published Credits ============ Discovered by: Dav...
[MajorSecurity Advisory #44]MailBee WebMail Pro - Cross Site Scripting Issue
MajorSecurity Advisory 44 MailBee WebMail Pro - Cross Site Scripting Issue Details ======= Product: MailBee WebMail Pro 3.4 Security-Risk: moderated Remote-Exploit: yes Vendor-URL: http://www.afterlogic.com Vendor-Status: informed Advisory-Status: published Credits ============ Discovered by: Davi...
CVE-2007-0930
Variable extract vulnerability in Apache Stats before 0.0.3beta allows attackers to modify arbitrary variables and conduct attacks via unknown vectors involving the use of PHP's extract function...
[MajorSecurity #23] BLOG:CMS <= 4.0.0j - XSS and cookie disclosure
MajorSecurity 23 BLOG:CMS <= 4.0.0j - XSS and cookie disclosure ------------------------------------------------------------------- Software: BLOG:CMS Version: 4.0.0j Type: Cross site scripting Made public: July, 22th 2006 Vendor: F-ART AGENCY, Ltd. - Radek Hulán Page: http://blogcms.com/ Credits:...
Directory traversal
Absolute path directory traversal vulnerability in (1) MERAK Mail Server for Windows 8.3.8r with before IceWarp Web Mail 5.6.1 and (2) VisNetic MailServer before 8.5.0.5 allows remote authenticated users to include arbitrary files via a modified language parameter and a full Windows or UNC pathname i...