Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

76 matches found

Packet Storm
Packet Stormadded 2024/09/01 12:0 a.m.145 views

Oracle Demantra Database Credentials Leak

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Demantra Database Credentials Leak', 'Description' = %q This module exploits a database credentials leak found in Oracle Demantra 12.2.1 i...

5CVSS6.6AI score0.8237EPSS
Exploits7
Packet Storm
Packet Stormadded 2016/02/05 12:0 a.m.54 views

Viprinet Multichannel VPN Router 300 Cross Site Scripting

Vulnerability title: Multiple Instances Of Cross-site Scripting In Viprinet Multichannel VPN Router 300 CVE: CVE-2014-2045 Vendor: Viprinet Product: Multichannel VPN Router 300 Affected version: 2013070830/2013080900 Fixed version: 2014013131/2014020702 Reported by: Tim Brown Details: The data...

5.8CVSS0.03969EPSS
Exploits5
exploitpack
exploitpackadded 2016/02/03 12:0 a.m.37 views

Viprinet Multichannel VPN Router 300 - Persistent Cross-Site Scripting

Viprinet Multichannel VPN Router 300 - Persistent Cross-Site Scripting Vulnerability title: Multiple Instances Of Cross-site Scripting In Viprinet Multichannel VPN Router 300 CVE: CVE-2014-2045 Vendor: Viprinet Product: Multichannel VPN Router 300 Affected version: 2013070830/2013080900 Fixed...

4.3CVSS0.03969EPSS
Exploits5
securityvulns
securityvulnsadded 2015/10/26 12:0 a.m.76 views

CVE-2015-5075 - Cross-Site Request Forgery In X2Engine Inc. X2Engine

Vulnerability title: Cross-Site Request Forgery In X2Engine Inc. X2Engine CVE: CVE-2015-5075 Vendor: X2Engine Inc. Product: X2Engine Affected version: 4.2 Fixed version: 5.2 Reported by: Simone Quatrini Details: It was discovered that no protection against Cross-site Request Forgery attacks was...

6.8CVSS0.1AI score0.00966EPSS
Exploits4
Exploit DB
Exploit DBadded 2015/09/25 12:0 a.m.49 views

X2Engine 4.2 - Arbitrary File Upload

Source: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-5074/ Details: It was discovered that authenticated users were able to upload files of any type providing that the file did not have an extension that was listed in the following blacklist:...

7.5CVSS6.9AI score0.11204EPSS
Exploits5
exploitpack
exploitpackadded 2015/07/14 12:0 a.m.38 views

Pimcore CMS Build 3450 - Directory Traversal

Pimcore CMS Build 3450 - Directory Traversal Vulnerability title: Directory Traversal/Configuration Update In Pimcore CMS CVE: CVE-2015-4425 Vendor: Pimcore Product: Pimcore CMS Affected version: Build 3450 Fixed version: Build 3473 Reported by: Josh Foote Details: It is possible for an...

4.9CVSS0.1AI score0.00034EPSS
Exploits5
Packet Storm
Packet Stormadded 2015/07/14 12:0 a.m.50 views

Pimcore CMS Build 3450 SQL Injection

Vulnerability title: SQL Injection In Pimcore CMS CVE: CVE-2015-4426 Vendor: Pimcore Product: Pimcore CMS Affected version: Build 3450 Fixed version: Build 3473 Reported by: Josh Foote Details: Details: It was possible to inject arbitrary SQL into the application provided an administrative accoun...

7.5CVSS0.2AI score0.00003EPSS
Exploits2
exploitpack
exploitpackadded 2015/04/21 12:0 a.m.39 views

BlueDragon CFChart Servlet 7.1.1.17759 - Arbitrary File RetrievalDeletion

BlueDragon CFChart Servlet 7.1.1.17759 - Arbitrary File RetrievalDeletion Vulnerability title: Arbitrary File Retrieval + Deletion In New Atlanta BlueDragon CFChart Servlet CVE: CVE-2014-5370 Vendor: New Atlanta Product: BlueDragon CFChart Servlet Affected version: 7.1.1.17759 Fixed version:...

7.5CVSS0.4AI score0.11515EPSS
Exploits4
Exploit DB
Exploit DBadded 2015/04/21 12:0 a.m.59 views

BlueDragon CFChart Servlet 7.1.1.17759 - Arbitrary File Retrieval/Deletion

Vulnerability title: Arbitrary File Retrieval + Deletion In New Atlanta BlueDragon CFChart Servlet CVE: CVE-2014-5370 Vendor: New Atlanta Product: BlueDragon CFChart Servlet Affected version: 7.1.1.17759 Fixed version: 7.1.1.18527 Reported by: Mike Westmacott Details: The CFChart servlet of...

7.5CVSS6.7AI score0.11515EPSS
Exploits4
Packet Storm
Packet Stormadded 2015/04/19 12:0 a.m.46 views

BlueDragon CFChart Servlet 7.1.1.17759 Directory Traversal

Vulnerability title: Arbitrary File Retrieval + Deletion In New Atlanta BlueDragon CFChart Servlet CVE: CVE-2014-5370 Vendor: New Atlanta Product: BlueDragon CFChart Servlet Affected version: 7.1.1.17759 Fixed version: 7.1.1.18527 Reported by: Mike Westmacott Details: The CFChart servlet of...

7.5CVSS6.7AI score0.11515EPSS
Exploits4
Packet Storm
Packet Stormadded 2014/11/19 12:0 a.m.54 views

Compaq/Hewlett Packard Glance 11.00 Privilege Escalation

Vulnerability title: SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in Compaq/Hewlett Packard Glance for Linux CVE: CVE-2014-2630 Vendor: Compaq/Hewlett Packard Product: Glance for Linux Affected version: 11.00 and subsequent Fixed version: HPSBMU03086 rev.3 Reported by: Tim...

4.4CVSS0.8AI score0.12237EPSS
Exploits9
seebug.org
seebug.orgadded 2014/11/13 12:0 a.m.38 views

Enalean Tuleap 7.4.99.5 - Blind SQL Injection

No description provided by source. Vulnerability title: Tuleap = 7.4.99.5 Authenticated Blind SQL Injection in Enalean Tuleap CVE: CVE-2014-7176 Vendor: Enalean Product: Tuleap Affected version: 7.4.99.5 and earlier Fixed version: 7.5 Reported by: Jerzy Kramarz Details: SQL injection has been fou...

6.5CVSS6.5AI score0.13783EPSS
Exploits6
Packet Storm
Packet Stormadded 2014/10/30 12:0 a.m.55 views

F5 Big-IP 11.3.0.39.0 XML External Entity Injection #1

Vulnerability title: XML External Entity Injection in F5 Networks Big-IP CVE: CVE-2014-6032 Vendor: F5 Networks Product: Big-IP Affected version: 11.3.0.39.0 Fixed version: N/A Reported by: Oliver Gruskovnjak Details: F5 Networks Big-IP is vulnerable to an XML External Entity injection attack. Th...

5.5CVSS0.2AI score0.02525EPSS
Exploits2
exploitpack
exploitpackadded 2014/10/28 12:0 a.m.43 views

Enalean Tuleap 7.4.99.5 - Remote Command Execution

Enalean Tuleap 7.4.99.5 - Remote Command Execution Vulnerability title: Tuleap /usr/share/codendi/src/www/passwd.txt && "ozilla/5.0 Windows NT 6.1; WOW64; rv:31.0 Gecko/20100101 Firefox/31.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5...

9.3CVSS0.2AI score0.1039EPSS
Exploits6
exploitpack
exploitpackadded 2014/10/28 12:0 a.m.32 views

Enalean Tuleap 7.4.99.5 - Blind SQL Injection

Enalean Tuleap 7.4.99.5 - Blind SQL Injection Vulnerability title: Tuleap &globalfiltersubmit=Apply HTTP/1.1 Host: 192.168.56.108 User-Agent: Mozilla/5.0 Windows NT 6.1; WOW64; rv:31.0 Gecko/20100101 Firefox/31.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Languag...

6.5CVSS0.1AI score0.13783EPSS
Exploits6
Exploit DB
Exploit DBadded 2014/10/28 12:0 a.m.42 views

Enalean Tuleap 7.4.99.5 - Remote Command Execution

Vulnerability title: Tuleap /usr/share/codendi/src/www/passwd.txt && "ozilla/5.0 Windows NT 6.1; WOW64; rv:31.0 Gecko/20100101 Firefox/31.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer:...

9.3CVSS6.6AI score0.1039EPSS
Exploits6
securityvulns
securityvulnsadded 2014/10/14 12:0 a.m.48 views

CVE-2014-3074 - Runtime Linker Allows Privilege Escalation Via Arbitrary File Writes in IBM AIX

Vulnerability title: Runtime Linker Allows Privilege Escalation Via Arbitrary File Writes in IBM AIX CVE: CVE-2014-3074 Vendor: IBM Product: AIX Affected version: AIX 6.1 and 7.1 and VIOS 2.2. Reported by: Tim Brown Details: It has been identified that the runtime linker allows privilege escalati...

7.2CVSS1.4AI score0.00081EPSS
Exploits4
seebug.org
seebug.orgadded 2014/10/10 12:0 a.m.40 views

TestLink 1.9.11 - Multiple SQL Injection Vulnerabilities

No description provided by source. Vulnerability title: Multiple SQL Injection Vulnerabilities in TestLink CVE: CVE-2014-5308 Vendor: Testlink Product: TestLink Affected version: 1.9.11 Fixed version: Fixed in SVN commit number 7a09973 Reported by: Jerzy Kramarz Details: Two SQL injection...

9CVSS6.5AI score0.13551EPSS
Exploits6
seebug.org
seebug.orgadded 2014/10/10 12:0 a.m.32 views

PHPCompta/NOALYSS 6.7.1 5638 - Remote Command Execution

No description provided by source. Vulnerability title: Remote Command Execution in PHPCompta/NOALYSS CVE: CVE-2014-6389 Vendor: PHPCompta Product: PHPCompta/NOALYSS Affected version: 6.7.1 5638 Fixed version: 6.7.2 Reported by: Jerzy Kramarz Details: PhpCompta 6.7.1-2 does not validate the synta...

7.5CVSS6.5AI score0.12714EPSS
Exploits6
Packet Storm
Packet Stormadded 2014/10/02 12:0 a.m.44 views

PHPCompta/NOALYSS 6.7.1 5638 Remote Command Execution

Vulnerability title: Remote Command Execution in PHPCompta/NOALYSS CVE: CVE-2014-6389 Vendor: PHPCompta Product: PHPCompta/NOALYSS Affected version: 6.7.1 5638 Fixed version: 6.7.2 Reported by: Jerzy Kramarz Details: PhpCompta 6.7.1-2 does not validate the syntax of the commands when processing...

7.5CVSS6.6AI score0.12714EPSS
Exploits6
Rows per page
Query Builder