CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Packet Storm•added 2018/05/29 12:0 a.m.•25 views

Facebook Clone Script 1.0.5 Cross Site Request Forgery

Exploit Title: Facebook Clone Script 1.0.5 - Cross-Site Request Forgery Date: 2018-05-29 Exploit Author: L0RD Vendor Homepage: https://www.phpscriptsmall.com/product/facebook-clone/ Version: 1.0.5 Tested on: Win 10 Description : Facebook Clone Script 1.0.5 has csrf vulnerability which attacker ca...

0.4AI score

Friends Of PHP•added 2018/05/24 1:11 p.m.•13 views

SS-2018-012: Uploaded PHP script execution in assets

More info at https://www.silverstripe.org/download/security-releases/ss-2018-012/...

7.2AI score

Exploits0Affected Software1

Packet Storm•added 2018/05/22 12:0 a.m.•25 views

Private Message PHP Script 2.0 Cross Site Scripting

Exploit Title: Private Message PHP Script 2.0 - Persistent Cross-Site scripting Date: 2018-05-20 Exploit Author: Borna nematzadeh L0RD Vendor Homepage: https://codecanyon.net/item/private-message-php-script/21027192?srank=1 Version: 2.0 Tested on: Windows Description : Private Message PHP Script...

ThreatPost•added 2018/05/21 9:44 p.m.•12 views

Malicious PHP Script Infects 2,400 Websites in the Past Week

A botnet dubbed Brain Food is giving webmasters indigestion with related attacks that push bogus diet pills and IQ-boosting pills via web pages hosted on legitimate sites. So far, spammers have been successful, thanks to an effective Hypertext Preprocessor PHP script also called Brain Food that h...

7.7AI score

Exploits0References2

0day.today•added 2018/05/21 12:0 a.m.•40 views

Private Message PHP Script 2.0 - Persistent Cross-Site scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Private Message PHP Script 2.0 - Persistent Cross-Site scripting Exploit Author: Borna nematzadeh L0RD Vendor Homepage: https://codecanyon.net/item/private-message-php-script/21027192?srank=1 Version: 2.0 Tested on: Windows...

Exploit DB•added 2018/05/21 12:0 a.m.•20 views

Private Message PHP Script 2.0 - Cross-Site Scripting

7AI score

OSV•added 2018/04/12 10:29 p.m.•2 views

CVE-2018-6900

PHP Scripts Mall Website Broker Script 3.0.6 has XSS via the Last Name field on the My Profile page...

5.4CVSS5.8AI score0.00531EPSS

Exploits1References1

CNVD•added 2018/03/29 12:0 a.m.•1 views

Roland Gruber Softwareentwicklung LDAP Account Manager Cross-Site Scripting Vulnerability

Roland Gruber Softwareentwicklung LDAP Account Manager is an LDAP account manager for managing various account types in the LDAP directory. A cross-site scripting vulnerability exists in Roland Gruber Softwareentwicklung LDAP Account Manager. A remote attacker can create a cross-site scripting...

8.8CVSS6.5AI score0.01583EPSS

Exploits3References1

Packet Storm•added 2018/03/20 12:0 a.m.•38 views

Vehicle Sales Management System XSS / Shell Upload / SQL Injection

Exploit Title: VSMS Multiple Vulnerabilities Google Dork: N/A Date: 16-3-2018 Exploit Author: Sing Vendor Homepage: https://sourceforge.net/projects/vsms-php/?source=typredirect Software Link: https://sourceforge.net/projects/vsms-php/?source=typredirect Version: 07/2017 possible v1.2 Tested on:...

7.5CVSS9.2AI score0.02167EPSS

Exploit DB•added 2018/03/20 12:0 a.m.•37 views

Vehicle Sales Management System - Multiple Vulnerabilities

9.8CVSS7AI score0.02167EPSS

Packet Storm•added 2018/02/27 12:0 a.m.•36 views

Schools Alert Management Script 2.0.2 SQL Injection

Exploit Title: Schools Alert Management Script - 2.0.2 - Authentication Bypass Date: 07.02.2018 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/schools-alert-management-system/ Category: Web Application Exploit Author: Prasenjit Kanti Paul We...

9.2AI score0.01803EPSS

Exploit DB•added 2018/02/27 12:0 a.m.•34 views

Schools Alert Management Script 2.0.2 - Authentication Bypass

Schools Alert Management Script 2.0.2 - Authentication Bypass. CVE-2018-6859. Webapps exploit for PHP platform Exploit Title: Schools Alert Management Script - 2.0.2 - Authentication Bypass Date: 07.02.2018 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link:...

9.8CVSS9.4AI score0.01803EPSS

Packet Storm•added 2018/02/23 12:0 a.m.•41 views

Groupon Clone Script 3.0.2 Cross Site Scripting

Exploit Title: Slickdeals/DealNews/Groupon Clone Script 3.0.2 a Stored XSS Date: 09.02.2018 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/groupon-clone-script/ Category: Web Application Exploit Author: Prasenjit Kanti Paul Web:...

5.9AI score0.00575EPSS

0day.today•added 2018/02/22 12:0 a.m.•41 views

Learning and Examination Management System - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Learning and Examination Management System Script 2.3.1 – Stored XSS Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/learning-examination-management-system/ Category: Web...

3.5CVSS5.8AI score0.01568EPSS

0day.today•added 2018/02/22 12:0 a.m.•52 views

Alibaba Clone Script 1.0.2 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Alibaba Clone Script 1.0.2 – Stored XSS Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/alibaba-clone/ Category: Web Application Exploit Author: Prasenjit Kanti Paul Web:...

3.5CVSS5.8AI score0.00699EPSS

0day.today•added 2018/02/22 12:0 a.m.•53 views

Groupon Clone Script 3.0.2 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Slickdeals/DealNews/Groupon Clone Script 3.0.2 – Stored XSS Date: 09.02.2018 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/groupon-clone-script/ Category: Web Application...

3.5CVSS5.6AI score0.00575EPSS

Exploit DB•added 2018/02/22 12:0 a.m.•42 views

Groupon Clone Script 3.0.2 - Cross-Site Scripting

Groupon Clone Script 3.0.2 - Cross-Site Scripting. CVE-2018-6868. Webapps exploit for PHP platform Exploit Title: Slickdeals/DealNews/Groupon Clone Script 3.0.2 – Stored XSS Date: 09.02.2018 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link:...

5.4CVSS5.9AI score0.00575EPSS

Packet Storm•added 2018/02/13 12:0 a.m.•23 views

News Website Script 2.0.4 SQL Injection

Exploit Title:News Website Script - SQL Injection Error Based Google Dork: NA Date: 12.02.2018 Exploit Author: Varun Bagaria Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: http://under24usd.com/demo/newstoday/index.php Version: 2.0.4 Tested on: Windows 7 Category: Webapps CVE : N...

7.1AI score

exploitpack•added 2018/02/13 12:0 a.m.•16 views

News Website Script 2.0.4 - search SQL Injection

News Website Script 2.0.4 - search SQL Injection Exploit Title:News Website Script - SQL Injection Error Based Google Dork: NA Date: 12.02.2018 Exploit Author: Varun Bagaria Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: http://under24usd.com/demo/newstoday/index.php Version: 2.0...