CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3969 matches found

CNVD•added 2016/12/22 12:0 a.m.•3 views

dotCMS 'stName' Parameter SQL Injection Vulnerability

dotCMS is a content management system CMS developed in Java. A SQL injection vulnerability exists in the 'stName' parameter in dotCMS versions prior to 3.3.2, which allows remote attackers to execute arbitrary SQL commands via the stName parameter in api/content/save/1...

9.8CVSS8.7AI score0.021EPSS

Exploits0References1

Vulnerability Lab•added 2016/11/22 12:0 a.m.•32 views

Schoolhos CMS v2.29 - userberita SQL injection Vulnerability

Document Title: =============== Schoolhos CMS v2.29 - userberita SQL injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1932 Release Date: ============= 2016-11-22 Vulnerability Laboratory ID VL-ID: ==================================...

0.6AI score

Exploits0

OpenVAS•added 2016/09/12 12:0 a.m.•14 views

phpIPAM <= 1.2.1 Multiple Vulnerabilities

phpIPAM is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpipam:phpipam"; ifdescription...

7.3AI score

Exploits0References2

CNVD•added 2016/08/31 12:0 a.m.•54 views

vBulletin forumrunner/includes/moderation.php SQL Injection Vulnerability

VBulletin is a powerful, flexible and fully customizable suite of forum programs. A SQL injection vulnerability exists in the forumrunner/includes/moderation.php file in versions of vBulletin prior to 4.2.2 Patch Level 5 and prior to 4.2.3 Patch Level 1. A remote attacker can exploit this...

9.8CVSS9.9AI score0.68493EPSS

Exploits7References1

0day.today•added 2016/08/08 12:0 a.m.•60 views

PHPCollab CMS 2.5 - (emailusers.php) SQL Injection

Exploit for php platform in category web applications Document Title: =============== phpCollab v2.5 CMS - SQL Injection Vulnerability Product & Service Introduction: =============================== phpCollab is an open source internet-enabled system for use in projects that require collaboration...

7.1AI score

Exploits0

CNVD•added 2016/05/21 12:0 a.m.•3 views

Hi Technology & Services CMS SQL Injection Vulnerability

Hi Technology & Services CMS suffers from a SQL injection vulnerability that allows remote attackers to execute malicious sql commands to connect to dbms...

8.6AI score

Exploits0References1

Vulnerability Lab•added 2016/04/24 12:0 a.m.•23 views

Negin Group CMS - (v) Multiple Web Vulnerabilities

Document Title: =============== Negin Group CMS - v Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1831 Release Date: ============= 2016-04-24 Vulnerability Laboratory ID VL-ID: ==================================== 1831 Comm...

7.4AI score

Exploits0

Exploit DB•added 2015/09/15 12:0 a.m.•26 views

WordPress Plugin CP Reservation Calendar 1.1.6 - SQL Injection

Exploit Title: WordPress: cp-reservation-calendar 1.1.6 SQLi injection Date: 2015-09-15 Google Dork: Index of /wp-content/plugins/cp-reservation-calendar/ Exploit Author: Joaquin Ramirez Martinez i0akiN SEC-LABORATORY Software Link: https://downloads.wordpress.org/plugin/cp-reservation-calendar.z...

7AI score

Exploits0

seebug.org•added 2015/09/09 12:0 a.m.•49 views

JSPMySQL Administrador CSRF & XSS Vulnerabilities

JSPMySQL Administrador，通过基于jsp技术的B/S模式来远程管理MySQL数据库。下载链接：https://sites.google.com/site/mfpledon/producao-de-software影响版本：JSPMySQL Administrador V.1漏洞类型：CSRF、XSS漏洞等级: 高危CVE-ID：N/A披露时间：供应商通知：2015年8月31日公开披露：2015年9月4日漏洞详情：1）允许远程攻击者在没有CSRF令牌的情况下，在MySQL数据库中执行任意的SQL命令。2）listabd2.jsp中存在XSS的切入点。请求方法：POST ...

7.1AI score

Exploits0

Exploit DB•added 2015/04/02 12:0 a.m.•36 views

WordPress Plugin Business Intelligence - SQL Injection (Metasploit)

Exploit Title : Wordpress Plugin 'Business Intelligence' Remote SQL Injection vulnerability Author : Jagriti Sahu AKA Incredible Vendor Link : https://www.wpbusinessintelligence.com Download Link : https://downloads.wordpress.org/plugin/wp-business-intelligence-lite.1.6.1.zip Date : 1/04/2015...

7.4AI score

Exploits0

myhack58•added 2015/01/23 12:0 a.m.•25 views

Cacti monitoring system injection vulnerability trigger the bloodshed-vulnerability warning-the black bar safety net

Preface: Security is a whole, any one of the short Board will cause Safety accident, from the border network to the IDC operation and maintenance of the network to the office network, are the whole of each of the network cannot be ignored. Enterprise in for security to do a multi-layer protection...

0.3AI score

Exploits0

Vulnerability Lab•added 2014/12/17 12:0 a.m.•23 views

E-Journal CMS (ID) - Multiple Web Vulnerabilities

Document Title: =============== E-Journal CMS ID - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1380 Release Date: ============= 2014-12-17 Vulnerability Laboratory ID VL-ID: ==================================== 1380 Commo...

7.1AI score

Exploits0

0day.today•added 2014/11/13 12:0 a.m.•28 views

MyBB 1.8.X - Multiple Vulnerabilities

Latest MyBB forum software suffers on multiple vulnerabilities, including SQL Injection and Cross Site Scripting. Such bugs may allow attacker to perform remote sql queries against the database, and so on. Title: MyBB 1.8.X - Multiple Vulnerabilities Date: 13.11.2014 Tested on: Linux / Apache 2.2...

8AI score

Exploits0

seebug.org•added 2014/09/18 12:0 a.m.•31 views

LoadedCommerce7 - Systemic Query Factory Vulnerability

No description provided by source. Title: LoadedCommerce7 Systemic Query Factory Vulnerability Advisory: http://breaking.technology/advisories/CVE-2014-5140.txt Credits: Discovered by Breaking Technology Research Labs 2014-06-30 Reference: CVE-2014-5140 - Assigned 31 June 2014 Timeline: Vendor...

7.1CVSS8.7AI score0.02682EPSS

Exploits6

0day.today•added 2014/09/08 12:0 a.m.•42 views

LoadedCommerce7 - Systemic Query Factory Vulnerability

Loaded Commerce 7 shopping cart/online store suffers from a systemic vulnerability in its query factory, allowing attackers to circumvent user input sanitizing to perform remote SQL injection. Title: LoadedCommerce7 Systemic Query Factory Vulnerability Advisory:...

7.1CVSS0.6AI score0.02682EPSS

Exploits6

Exploit DB•added 2014/09/07 12:0 a.m.•40 views

LoadedCommerce7 - Systemic Query Factory

Title: LoadedCommerce7 Systemic Query Factory Vulnerability Advisory: http://breaking.technology/advisories/CVE-2014-5140.txt Credits: Discovered by Breaking Technology Research Labs 2014-06-30 Reference: CVE-2014-5140 - Assigned 31 June 2014 Timeline: Vendor notified - 29 July 2014 Vendor...

8.8CVSS7AI score0.02682EPSS

Exploits6

securityvulns•added 2014/08/26 12:0 a.m.•75 views

TomatoCart v1.x (latest-stable) Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-3978 - Remote SQL Injection Vulnerability CVE-2014-3830 - Reflected Cross Site Scripting - ------------------------------------------------------------------------------ Title: TomatoCart v1.x latest-stable Remote SQL Injection Vulnerability...

6.5CVSS7.7AI score0.01727EPSS

Exploits8