Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2595 matches found

myhack58
myhack58added 2013/10/04 12:0 a.m.18 views

Empire cms 7.0 background to get shell-vulnerability warning-the black bar safety net

Empire CMS7. 0 background can upload the mod suffix PHP file and execute inside php code. Into the backgroundit! Method a: system data tables with the system model-management data table and then randomly selected one data table, open the corresponding data table of the“management system model”as...

1.1AI score
Exploits0
0day.today
0day.todayadded 2013/10/02 12:0 a.m.87 views

Gnew 2013.1 - Multiple Vulnerabilities

Gnew version 2013.1 suffers from file inclusion and remote SQL injection vulnerabilities. Product: Gnew Vulnerable Versions: 2013.1 and probably prior Tested Version: 2013.1 Advisory Publication: August 28, 2013 without technical details Vendor Notification: August 28, 2013 Public Disclosure:...

7.5CVSS0.2AI score0.07091EPSS
Exploits7
Packet Storm
Packet Stormadded 2013/10/02 12:0 a.m.70 views

Gnew 2013.1 PHP File Inclusion / SQL Injection

Advisory ID: HTB23171 Product: Gnew Vendor: Raoul Proença Vulnerable Versions: 2013.1 and probably prior Tested Version: 2013.1 Advisory Publication: August 28, 2013 without technical details Vendor Notification: August 28, 2013 Public Disclosure: October 2, 2013 Vulnerability Type: PHP File...

7.5CVSS0.4AI score0.07091EPSS
Exploits7
securityvulns
securityvulnsadded 2013/10/02 12:0 a.m.60 views

Multiple Vulnerabilities in X2CRM

Advisory ID: HTB23172 Product: X2CRM Vendor: X2Engine Inc. Vulnerable Versions: 3.4.1 and probably prior Tested Version: 3.4.1 Advisory Published: September 4, 2013 Vendor Notification: September 4, 2013 Vendor Patch: September 10, 2013 Public Disclosure: September 25, 2013 Vulnerability Type: PH...

8.5CVSS6.2AI score0.05791EPSS
Exploits6
securityvulns
securityvulnsadded 2013/10/02 12:0 a.m.89 views

Multiple Vulnerabilities in Gnew

Advisory ID: HTB23171 Product: Gnew Vendor: Raoul Proenca Vulnerable Versions: 2013.1 and probably prior Tested Version: 2013.1 Advisory Publication: August 28, 2013 without technical details Vendor Notification: August 28, 2013 Public Disclosure: October 2, 2013 Vulnerability Type: PHP File...

7.5CVSS0.4AI score0.07091EPSS
Exploits7
exploitpack
exploitpackadded 2013/10/02 12:0 a.m.73 views

Gnew 2013.1 - Multiple Vulnerabilities (2)

Gnew 2013.1 - Multiple Vulnerabilities 2 Advisory ID: HTB23171 Product: Gnew Vendor: Raoul Proença Vulnerable Versions: 2013.1 and probably prior Tested Version: 2013.1 Advisory Publication: August 28, 2013 without technical details Vendor Notification: August 28, 2013 Public Disclosure: October...

7.5CVSS0.2AI score0.07091EPSS
Exploits7
Exploit DB
Exploit DBadded 2013/10/02 12:0 a.m.80 views

Gnew 2013.1 - Multiple Vulnerabilities (2)

Advisory ID: HTB23171 Product: Gnew Vendor: Raoul Proença Vulnerable Versions: 2013.1 and probably prior Tested Version: 2013.1 Advisory Publication: August 28, 2013 without technical details Vendor Notification: August 28, 2013 Public Disclosure: October 2, 2013 Vulnerability Type: PHP File...

7.5CVSS7AI score0.07091EPSS
Exploits7
Packet Storm
Packet Stormadded 2013/09/25 12:0 a.m.84 views

X2CRM 3.4.1 Cross Site Scripting / Local File Inclusion

Advisory ID: HTB23172 Product: X2CRM Vendor: X2Engine Inc. Vulnerable Versions: 3.4.1 and probably prior Tested Version: 3.4.1 Advisory Published: September 4, 2013 Vendor Notification: September 4, 2013 Vendor Patch: September 10, 2013 Public Disclosure: September 25, 2013 Vulnerability Type: PH...

8.5CVSS6.5AI score0.05791EPSS
Exploits6
exploitpack
exploitpackadded 2013/09/25 12:0 a.m.56 views

X2CRM 3.4.1 - Multiple Vulnerabilities

X2CRM 3.4.1 - Multiple Vulnerabilities Advisory ID: HTB23172 Product: X2CRM Vendor: X2Engine Inc. Vulnerable Versions: 3.4.1 and probably prior Tested Version: 3.4.1 Advisory Published: September 4, 2013 Vendor Notification: September 4, 2013 Vendor Patch: September 10, 2013 Public Disclosure:...

8.5CVSS0.2AI score0.05791EPSS
Exploits6
0day.today
0day.todayadded 2013/09/25 12:0 a.m.69 views

X2CRM 3.4.1 - Multiple Vulnerabilities

Exploit for php platform in category web applications Product: X2CRM Vendor: X2Engine Inc. Vulnerable Versions: 3.4.1 and probably prior Tested Version: 3.4.1 Advisory Published: September 4, 2013 Vendor Notification: September 4, 2013 Vendor Patch: September 10, 2013 Public Disclosure: September...

8.5CVSS6.5AI score0.05791EPSS
Exploits6
Exploit DB
Exploit DBadded 2013/09/25 12:0 a.m.72 views

X2CRM 3.4.1 - Multiple Vulnerabilities

Advisory ID: HTB23172 Product: X2CRM Vendor: X2Engine Inc. Vulnerable Versions: 3.4.1 and probably prior Tested Version: 3.4.1 Advisory Published: September 4, 2013 Vendor Notification: September 4, 2013 Vendor Patch: September 10, 2013 Public Disclosure: September 25, 2013 Vulnerability Type: PH...

8.5CVSS6.4AI score0.05791EPSS
Exploits6
htbridge
htbridgeadded 2013/09/04 12:0 a.m.42 views

Multiple Vulnerabilities in X2CRM

High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in X2CRM, which can be exploited to include arbitrary local files and execute arbitrary PHP code, as well as to perform Cross-Site Sripting XSS attacks against users of vulnerable application. 1 PHP File Inclusion in X2CRM...

7.6CVSS0.9AI score0.05791EPSS
Exploits6Affected Software1
Check Point Advisories
Check Point Advisoriesadded 2013/08/14 12:0 a.m.1 views

Joomla Unauthorized File Upload Remote Code Execution

A remote code execution vulnerability has been reported in Joomla. The vulnerability is due to improper validation of an uploaded file's extension. A remote attacker may exploit this issue by uploading a specially crafted php file. Successful exploitation would allow an attacker to execute...

8.3AI score
Exploits0
0day.today
0day.todayadded 2013/08/07 12:0 a.m.38 views

SocialEngine 4.5 Shell Upload Vulnerability

SocialEngine version 4.5 suffers from a remote shell upload vulnerability. + INTRODUCTION ------------------------------------------------------------- The plugin has the objective give you a better visual for the user profile, allowed the addition of cover image keeping the layout closest to the...

6.5CVSS6.7AI score0.03217EPSS
Exploits5
Packet Storm
Packet Stormadded 2013/08/07 12:0 a.m.34 views

SocialEngine 4.5 Shell Upload

INTRODUCTION ------------------------------------------------------------- The plugin has the objective give you a better visual for the user profile, allowed the addition of cover image keeping the layout closest to the style of modern social networks, among other features. + DESCRIPTION OF...

6.5CVSS6.6AI score0.03217EPSS
Exploits5
Exploit DB
Exploit DBadded 2013/08/02 12:0 a.m.36 views

SocialEngine Timeline Plugin 4.2.5p9 - Arbitrary File Upload

Exploit Title: Sending php file in the timeline plugin cover image of SocialEngine 4.5 Date: 2013-08-17 Discovered by: Wesley Henrique Leite aka "spyk2r" Vendor Homepage: http://webhive.com.ua/ Software Link: http://webhive.com.ua/store/product.php?idproduct=46 Version: plugin Timeline 4.2.5p9 fo...

6.5CVSS6.6AI score0.03217EPSS
Exploits5
securityvulns
securityvulnsadded 2013/07/15 12:0 a.m.59 views

Multiple Vulnerabilities in OpenX

Advisory ID: HTB23155 Product: OpenX Vendor: OpenX Vulnerable Versions: 2.8.10 and probably prior Tested Version: 2.8.10 Vendor Notification: May 8, 2013 Vendor Patch: June 28, 2013 Public Disclosure: July 3, 2013 Vulnerability Type: PHP File Inclusion CWE-98, Cross-Site Scripting CWE-79 CVE...

4.3CVSS6.7AI score0.04226EPSS
Exploits6
securityvulns
securityvulnsadded 2013/07/15 12:0 a.m.66 views

Multiple Vulnerabilities in Exponent CMS

Advisory ID: HTB23154 Product: Exponent CMS Vendor: Online Innovative Creations Vulnerable Versions: 2.2.0 beta 3 and probably prior Tested Version: 2.2.0 beta 3 Vendor Notification: April 24, 2013 Vendor Patch: May 3, 2013 Public Disclosure: May 15, 2013 Vulnerability Type: SQL Injection CWE-89,...

7.5CVSS8.1AI score0.02452EPSS
Exploits5
exploitpack
exploitpackadded 2013/07/05 12:0 a.m.89 views

OpenX 2.8.10 - Multiple Vulnerabilities

OpenX 2.8.10 - Multiple Vulnerabilities Advisory ID: HTB23155 Product: OpenX Vendor: OpenX Vulnerable Versions: 2.8.10 and probably prior Tested Version: 2.8.10 Vendor Notification: May 8, 2013 Vendor Patch: June 28, 2013 Public Disclosure: July 3, 2013 Vulnerability Type: PHP File Inclusion...

4.3CVSS0.1AI score0.04226EPSS
Exploits6
Exploit DB
Exploit DBadded 2013/07/05 12:0 a.m.76 views

OpenX 2.8.10 - Multiple Vulnerabilities

Advisory ID: HTB23155 Product: OpenX Vendor: OpenX Vulnerable Versions: 2.8.10 and probably prior Tested Version: 2.8.10 Vendor Notification: May 8, 2013 Vendor Patch: June 28, 2013 Public Disclosure: July 3, 2013 Vulnerability Type: PHP File Inclusion CWE-98, Cross-Site Scripting CWE-79 CVE...

4.3CVSS6.4AI score0.04226EPSS
Exploits6
Rows per page
Query Builder