266 matches found
sBLOG search.php keyword Parameter SQL Injection
The remote host is running sBLOG, a PHP-based blog application. The installed version of sBLOG fails to validate user input to the 'keyword' parameter of the 'search.php' script before using it to generate database queries. Regardless of PHP's 'magic_quotes_gpc' setting, an unauthenticated attacker...
Update Protection against Multiple PHP-based Vulnerabilities
ADOdb is a database abstraction library for PHP. A vulnerability was detected in ADOdb due to the presence of an insecure ADOdb script that can be exploited by remote attackers to execute malicious PHP commands on the target system. The 'Defacing Tool 2.0 by r3v3ng4ns' is a suite of PHP-based...
kapda-26.txt
KAPDA New advisory Vendor: http://www.jaia-interactive.com Vulnerable: Version: 1.2.3 Bug: Sql Injection & Path Disclosure Exploitation: Remote with browser Description: -------------------- MyTopix is a PHP-based message board system that uses a MySQL database. Vulnerability: -------------------...
[Full-disclosure] Advanced Guestbook remote XSS exploit
Advanced Guestbook 2.2 and 2.3.1 and possibly other versions remote XSS vulnerabilities By: Handrix handrixatmorxorg 16 December 2005 MorX security research team www.morx.org Description: Advanced Guestbook is a PHP-based guestbook script. index.php and comment.php scripts are vulnerable to XSS...
[KAPDA::#17] - beehiveforum Script Injection
KAPDA New advisory Vendor: http://www.beehiveforum.net Vulnerable: Version 0.6.2 Bug: HTML Injection, Possible attacks with register_globals = On Exploitation: Remote with browser Description: -------------------- Beehive Forum is a PHP-based message board system that uses a MySQL database...
ThWboard.txt
KAPDA New advisory Vendor: http://www.thwboard.de Vulnerable Version: 3 beta 2.8 Bug: HTML Injection, XSS, SQL Injection Exploitation: Remote with browser Description: -------------------- ThWboard is a freely available German PHP-based message board program that uses a MySQL database...
[KAPDA::#15] - ThWboard multiple vulnerabilities
KAPDA New advisory Vendor: http://www.thwboard.de Vulnerable Version: 3 beta 2.8 Bug: HTML Injection, XSS, SQL Injection Exploitation: Remote with browser Description: -------------------- ThWboard is a freely available German PHP-based message board program that uses a MySQL database...
MediaWiki fails to properly verify input passed to the user language option
Overview A vulnerability in some versions of MediaWiki may allow a remote attacker to execute code on a vulnerable wiki server. Description MediaWiki is a PHP-based software package that is used to run a wiki, a collaborative website that can be edited by any user or visitor. Some versions of the...
IMP Detection
This script detects whether the remote host is running IMP and extracts version numbers and locations of any instances found. IMP is a PHP-based webmail package from The Horde Project that provides access to mail accounts via POP3 or IMAP. See http://www.horde.org/imp/ for more information. OpenV...
Horde IMP Detection
This script detects whether the remote host is running Horde IMP and extracts version numbers and locations of any instances found. IMP is a PHP-based webmail package from The Horde Project that provides access to mail accounts via POP3 or IMAP. SPDX-FileCopyrightText: 2005 George A. Theall Some...
Chora Detection
This script detects whether the remote host is running Chora and extracts version numbers and locations of any instances found. Chora is a PHP-based interface to CVS repositories from the Horde Project. See http://www.horde.org/chora/ for more information. OpenVAS Vulnerability Test $Id:...
OS2A-1001.txt
OS2A ePing Arbitrary File Creation/Command Execution Vulnerability OS2A ID: OS2A1001 Status Published: 08/04/2005 Updated : 08/05/2005 Patch Released Class: File Creation/Command Execution Severity: CRITICAL Overview: ePing is a ping utility plugin for e107, a PHP-based content management system...
DSA-724-1 phpsysinfo - design flaw
Bulletin has no description...
Horde Turba Detection
The remote host is running Turba, a PHP-based addressbook / contact management utility from the Horde Project. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(18137); script_version("1.24"); script_set_attribute(attribute:"plugin_modification_date", value:"2022/10/12");...
Horde Nag Detection
The remote host is running Nag, an open source PHP-based multi-user task list manager from the Horde Project. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(18135); script_version("1.23"); script_set_attribute(attribute:"plugin_modification_date", value:"2022/10/12");...
Horde Mnemo Detection
The remote host is running Mnemo, an open source PHP-based note manager from the Horde Project. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(18133); script_version("1.23"); script_set_attribute(attribute:"plugin_modification_date", value:"2023/05/24"); script_name(english:"Hor...
Serendipity Detection
Serendipity, a PHP-based blog application, is running on the remote host. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(18054); script_version("1.19"); script_set_attribute(attribute:"plugin_modification_date", value:"2022/06/01"); script_name(english:"Serendipity Detection");...
UBB.threads Detection
The remote host is running UBB.threads, a web-based message board software system written in PHP. #%NASL_MIN_LEVEL 70300 (C) Tenable Network Security include('deprecated_nasl_level.inc'); include("compat.inc"); if (description) { script_id(17315); script_version("1.14");...
MinisTraverse.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Title: Minis directory traversal vulnerability Vulnerability discovery: Madelman Date: 31/12/2004 Severity: Moderate Summary: - -------- from vendor site: http://minis.sourceforge.net/ Minis is a tiny, PHP-powered, text-file based weblogging system. I...
woltlabXSS.txt
Advisory Information -------------------- Advisory name : Woltlab Burning Board Lite formmail.php XSS Discovered by : drhankey / it-security23.net Vendor Name : Woltlab Vendor Homepage : http://www.woltlab.de Software : Woltlab Burning Board Lite Vulnerability Type : Cross-Site-Scripting Vulnerab...