Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

22 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.0 views

EUVD-2004-1946

Malware in sbrugna...

4.3CVSS6.4AI score0.01649EPSS
Exploits1References7
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2004-1947

Malware in sbrugna...

7.5CVSS6.4AI score0.00553EPSS
Exploits1References7
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.15 views

phProfession 2.5 modules.php offset Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/10190/info Multiple vulnerabilities were reported to exist in phProfession, which is a third-party module for PostNuke. Path disclosure, cross-site scripting and SQL injection vulnerabilities were reported. Exploitation o...

7.1AI score
Exploits0
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.16 views

phProfession 2.5 modules.php jcode Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/10190/info Multiple vulnerabilities were reported to exist in phProfession, which is a third-party module for PostNuke. Path disclosure, cross-site scripting and SQL injection vulnerabilities were reported. Exploitation o...

7.1AI score
Exploits0
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.14 views

phProfession 2.5 upload.php Direct Request Path Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/10190/info Multiple vulnerabilities were reported to exist in phProfession, which is a third-party module for PostNuke. Path disclosure, cross-site scripting and SQL injection vulnerabilities were reported. Exploitation o...

7.1AI score
Exploits0
0day.today
0day.todayadded 2013/02/13 12:0 a.m.20 views

PostNuke Module phProfession <= 1.5 SQL Injection Vulnerability

Exploit for php platform in category web applications This is private exploit. You can buy it at https://0day.today...

7AI score
Exploits0
Cvelist
Cvelistadded 2005/05/10 4:0 a.m.11 views

CVE-2004-1955

SQL injection vulnerability in modules.php in phProfession 2.5 allows remote attackers to execute arbitrary SQL code via the offset parameter...

8.3AI score0.00553EPSS
Exploits1References6
Cvelist
Cvelistadded 2005/05/10 4:0 a.m.14 views

CVE-2004-1954

Cross-site scripting XSS vulnerability in modules.php in phProfession 2.5 allows remote attackers to inject arbitrary web script or HTML via the jcode parameter...

5.7AI score0.01649EPSS
Exploits1References6
CVE
CVEadded 2005/05/10 4:0 a.m.39 views

CVE-2004-1954

CVE-2004-1954 affects phProfession 2.5, with a vulnerability in modules.php that allows remote injection of arbitrary script/HTML via the jcode parameter (XSS). The provided documents specify the affected file and parameter but do not include mitigation, patch versions, or concrete exploit detail...

4.3CVSS6AI score0.01649EPSS
Exploits1References6Affected Software1
Cvelist
Cvelistadded 2005/05/10 4:0 a.m.11 views

CVE-2004-1953

phProfession 2.5 allows remote attackers to gain sensitive information via a direct HTTP request to upload.php, which reveals the path in a PHP error message...

6.5AI score0.05018EPSS
Exploits1References6
CVE
CVEadded 2005/05/10 4:0 a.m.36 views

CVE-2004-1955

The CVE-2004-1955 entry describes a SQL injection in the phProfession 2.5 package, specifically via the offset parameter in modules.php. Affected software: phProfession 2.5; vulnerable component: modules.php. Root cause: improper handling of the offset input enables arbitrary SQL execution by rem...

7.5CVSS8.7AI score0.00553EPSS
Exploits1References6Affected Software1
CVE
CVEadded 2005/05/10 4:0 a.m.35 views

CVE-2004-1953

phProfession 2.5 is affected by CVE-2004-1953. The issue allows remote attackers to gain sensitive information by making a direct HTTP request to upload.php, which results in a PHP error message that reveals the file path. The NVD entry lists a Base Score of 5.0 (Medium) with Network attack vecto...

5CVSS6.9AI score0.05018EPSS
Exploits1References6Affected Software1
NVD
NVDadded 2004/12/31 5:0 a.m.9 views

CVE-2004-1953

phProfession 2.5 allows remote attackers to gain sensitive information via a direct HTTP request to upload.php, which reveals the path in a PHP error message...

5CVSS6.5AI score0.05018EPSS
Exploits1References6
NVD
NVDadded 2004/12/31 5:0 a.m.10 views

CVE-2004-1955

SQL injection vulnerability in modules.php in phProfession 2.5 allows remote attackers to execute arbitrary SQL code via the offset parameter...

7.5CVSS8.3AI score0.00553EPSS
Exploits1References6
exploitpack
exploitpackadded 2004/04/23 12:0 a.m.13 views

PHProfession 2.5 - modules.php?jcode Cross-Site Scripting

PHProfession 2.5 - modules.php?jcode Cross-Site Scripting source: https://www.securityfocus.com/bid/10190/info Multiple vulnerabilities were reported to exist in phProfession, which is a third-party module for PostNuke. Path disclosure, cross-site scripting and SQL injection vulnerabilities were...

6.8AI score
Exploits0
exploitpack
exploitpackadded 2004/04/23 12:0 a.m.8 views

PHProfession 2.5 - upload.php Direct Request Full Path Disclosure

PHProfession 2.5 - upload.php Direct Request Full Path Disclosure source: https://www.securityfocus.com/bid/10190/info Multiple vulnerabilities were reported to exist in phProfession, which is a third-party module for PostNuke. Path disclosure, cross-site scripting and SQL injection vulnerabiliti...

0.2AI score
Exploits0
exploitpack
exploitpackadded 2004/04/23 12:0 a.m.11 views

PHProfession 2.5 - modules.php?offset SQL Injection

PHProfession 2.5 - modules.php?offset SQL Injection source: https://www.securityfocus.com/bid/10190/info Multiple vulnerabilities were reported to exist in phProfession, which is a third-party module for PostNuke. Path disclosure, cross-site scripting and SQL injection vulnerabilities were...

0.1AI score
Exploits0
Exploit DB
Exploit DBadded 2004/04/23 12:0 a.m.18 views

PHProfession 2.5 - &#039;modules.php?offset&#039; SQL Injection

source: https://www.securityfocus.com/bid/10190/info Multiple vulnerabilities were reported to exist in phProfession, which is a third-party module for PostNuke. Path disclosure, cross-site scripting and SQL injection vulnerabilities were reported. Exploitation of these issues may reveal sensitiv...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2004/04/23 12:0 a.m.22 views

PHProfession 2.5 - &#039;modules.php?jcode&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/10190/info Multiple vulnerabilities were reported to exist in phProfession, which is a third-party module for PostNuke. Path disclosure, cross-site scripting and SQL injection vulnerabilities were reported. Exploitation of these issues may reveal sensitiv...

7.4AI score
Exploits0
Packet Storm
Packet Stormadded 2004/04/22 12:0 a.m.34 views

waraxe-2004-SA021.txt

================================================================================ waraxe-2004-SA021 ================================================================================ Multiple vulnerabilities in phprofession 2.5 module for PostNuke...

7.4AI score
Exploits0
Rows per page
Query Builder