Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2004-1947

Malware in sbrugna...

7.5CVSS6.4AI score0.00553EPSS
Exploits1References7
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.14 views

phProfession 2.5 upload.php Direct Request Path Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/10190/info Multiple vulnerabilities were reported to exist in phProfession, which is a third-party module for PostNuke. Path disclosure, cross-site scripting and SQL injection vulnerabilities were reported. Exploitation o...

7.1AI score
Exploits0
Cvelist
Cvelistadded 2005/05/10 4:0 a.m.11 views

CVE-2004-1955

SQL injection vulnerability in modules.php in phProfession 2.5 allows remote attackers to execute arbitrary SQL code via the offset parameter...

8.3AI score0.00553EPSS
Exploits1References6
Cvelist
Cvelistadded 2005/05/10 4:0 a.m.14 views

CVE-2004-1954

Cross-site scripting XSS vulnerability in modules.php in phProfession 2.5 allows remote attackers to inject arbitrary web script or HTML via the jcode parameter...

5.7AI score0.01649EPSS
Exploits1References6
CVE
CVEadded 2005/05/10 4:0 a.m.39 views

CVE-2004-1954

CVE-2004-1954 affects phProfession 2.5, with a vulnerability in modules.php that allows remote injection of arbitrary script/HTML via the jcode parameter (XSS). The provided documents specify the affected file and parameter but do not include mitigation, patch versions, or concrete exploit detail...

4.3CVSS6AI score0.01649EPSS
Exploits1References6Affected Software1
Cvelist
Cvelistadded 2005/05/10 4:0 a.m.11 views

CVE-2004-1953

phProfession 2.5 allows remote attackers to gain sensitive information via a direct HTTP request to upload.php, which reveals the path in a PHP error message...

6.5AI score0.05018EPSS
Exploits1References6
CVE
CVEadded 2005/05/10 4:0 a.m.36 views

CVE-2004-1955

The CVE-2004-1955 entry describes a SQL injection in the phProfession 2.5 package, specifically via the offset parameter in modules.php. Affected software: phProfession 2.5; vulnerable component: modules.php. Root cause: improper handling of the offset input enables arbitrary SQL execution by rem...

7.5CVSS8.7AI score0.00553EPSS
Exploits1References6Affected Software1
NVD
NVDadded 2004/12/31 5:0 a.m.9 views

CVE-2004-1953

phProfession 2.5 allows remote attackers to gain sensitive information via a direct HTTP request to upload.php, which reveals the path in a PHP error message...

5CVSS6.5AI score0.05018EPSS
Exploits1References6
Packet Storm
Packet Stormadded 2004/04/22 12:0 a.m.33 views

waraxe-2004-SA021.txt

================================================================================ waraxe-2004-SA021 ================================================================================ Multiple vulnerabilities in phprofession 2.5 module for PostNuke...

7.4AI score
Exploits0
securityvulns
securityvulnsadded 2004/04/22 12:0 a.m.38 views

[waraxe-2004-SA#021 - Multiple vulnerabilities in phprofession 2.5 module for PostNuke]

================================================================================ waraxe-2004-SA021 ================================================================================ Multiple vulnerabilities in phprofession 2.5 module for PostNuke...

0.1AI score
Exploits0
Rows per page
Query Builder