CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2429 matches found

Prion•added 2018/01/09 5:29 a.m.•13 views

Design/Logic Flaw

The tabs-responsive plugin 1.8.0 for WordPress has XSS via the posttitle parameter to wp-admin/post.php...

3.5CVSS5.2AI score0.00595EPSS

Exploits1References2Affected Software1

CVE•added 2018/01/09 5:0 a.m.•40 views

CVE-2018-5312

The CVE concerns the WordPress tabs-responsive plugin (version 1.8.0) with a reflected/stored XSS via the post_title parameter to wp-admin/post.php. The root cause is unvalidated/post_title handling in the tabs-responsive plugin, enabling script execution that can lead to user cookies exposure. D...

5.4CVSS5.2AI score0.00595EPSS

Exploits1References2Affected Software1

OSV•added 2017/12/27 5:8 p.m.•3 views

CVE-2017-17908

PHP Scripts Mall Responsive Realestate Script has CSRF via admin/general...

8.8CVSS5.8AI score0.00456EPSS

Exploits1References1

Prion•added 2017/12/27 5:8 p.m.•14 views

Cross site request forgery (csrf)

PHP Scripts Mall Responsive Realestate Script has CSRF via admin/general...

6.8CVSS8.8AI score0.00456EPSS

Exploits1References1Affected Software1

CNVD•added 2017/12/15 12:0 a.m.•1 views

PHP Scripts Mall Responsive Realestate Script SQL Injection Vulnerability

PHP Scripts Mall Responsive Realestate Script is a PHP and MySQL based real estate sales website script by PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Responsive Realestate Script version 3.2. A remote attacker can exploit this vulnerability by sending the...

9.8CVSS8.2AI score0.02204EPSS

Exploits1References1

CNVD•added 2017/12/15 12:0 a.m.•2 views

PHP Scripts Mall Responsive Events And Movie Ticket Booking Script SQL Injection Vulnerability

PHP Scripts Mall Responsive Events And Movie Ticket Booking Script is a PHP based online movie ticket booking script by PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Responsive Events And Movie Ticket Booking Script version 3.2.1. The vulnerability can be...

9.8CVSS8.4AI score0.02204EPSS

Exploits1References1

OSV•added 2017/12/13 9:29 a.m.•2 views

CVE-2017-17628

Responsive Realestate Script 3.2 has SQL Injection via the property-list tbud parameter...

9.8CVSS5.8AI score0.02204EPSS

Exploits1References2

NVD•added 2017/12/13 9:29 a.m.•14 views

CVE-2017-17632

Responsive Events And Movie Ticket Booking Script 3.2.1 has SQL Injection via the findcity.php q parameter...

9.8CVSS10AI score0.02204EPSS

Exploits1References2

Prion•added 2017/12/13 9:29 a.m.•14 views

Sql injection

Multireligion Responsive Matrimonial 4.7.2 has SQL Injection via the success-story.php succid parameter...

7.5CVSS9.9AI score0.02204EPSS

Exploits1References2Affected Software1

Prion•added 2017/12/13 9:29 a.m.•12 views

Sql injection

Responsive Realestate Script 3.2 has SQL Injection via the property-list tbud parameter...

7.5CVSS9.9AI score0.02204EPSS

Exploits1References2Affected Software1

Prion•added 2017/12/13 9:29 a.m.•10 views

Sql injection

Responsive Events And Movie Ticket Booking Script 3.2.1 has SQL Injection via the findcity.php q parameter...

7.5CVSS9.9AI score0.02204EPSS

Exploits1References2Affected Software1

CVE•added 2017/12/13 9:0 a.m.•42 views

CVE-2017-17631

CVE-2017-17631 affects Multireligion Responsive Matrimonial 4.7.2, where a SQL injection is possible through the succid parameter in success-story.php. The vulnerability stems from unsafely handling user-supplied input, enabling an attacker to inject SQL commands. Product/version: Multireligion R...

9.8CVSS9.9AI score0.02204EPSS

Exploits1References2Affected Software1

CVE•added 2017/12/13 9:0 a.m.•45 views

CVE-2017-17628

CVE-2017-17628 affects Responsive Realestate Script 3.2 by PHP Scripts Mall. The vulnerability is a SQL injection in the property-list endpoint via the tbud parameter, allowing remote attackers to inject SQL commands. Public references (Exploit-DB entry 43297 and Packet Storm payload) indicate ex...

9.8CVSS9.9AI score0.02204EPSS

Exploits1References2Affected Software1

Cvelist•added 2017/12/13 9:0 a.m.•23 views

CVE-2017-17631

Multireligion Responsive Matrimonial 4.7.2 has SQL Injection via the success-story.php succid parameter...

10AI score0.02204EPSS

Exploits1References2

CVE•added 2017/12/13 9:0 a.m.•45 views

CVE-2017-17632

CVE-2017-17632 affects the PHP Scripts Mall Responsive Events And Movie Ticket Booking Script 3.2.1. The vulnerability is an SQL Injection via the findcity.php q parameter. Public references (NVD/CNVD) describe remote exploitation with potentially high impact and critical CVSS 3.0 score (C/H/I/A ...

9.8CVSS9.9AI score0.02204EPSS

Exploits1References2Affected Software1

Cvelist•added 2017/12/13 9:0 a.m.•17 views

CVE-2017-17632

Responsive Events And Movie Ticket Booking Script 3.2.1 has SQL Injection via the findcity.php q parameter...

10AI score0.02204EPSS

Exploits1References2

exploitpack•added 2017/12/11 12:0 a.m.•8 views

Multireligion Responsive Matrimonial 4.7.2 - succid SQL Injection

Multireligion Responsive Matrimonial 4.7.2 - succid SQL Injection Exploit Title: Multireligion Responsive Matrimonial 4.7.2 - SQL Injection Dork: N/A Date: 09.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link:...

0.1AI score

Exploits0

exploitpack•added 2017/12/11 12:0 a.m.•12 views

Responsive Events Movie Ticket Booking Script 3.2.1 - findcity.php?q SQL Injection

Responsive Events Movie Ticket Booking Script 3.2.1 - findcity.php?q SQL Injection Exploit Title: Responsive Events & Movie Ticket Booking Script 3.2.1 - SQL Injection Dork: N/A Date: 09.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link:...

Exploits0

Exploit DB•added 2017/12/11 12:0 a.m.•72 views

Responsive Events & Movie Ticket Booking Script 3.2.1 - 'findcity.php?q' SQL Injection

Exploit Title: Responsive Events & Movie Ticket Booking Script 3.2.1 - SQL Injection Dork: N/A Date: 09.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/responsive-events-movie-ticket-booking-script/ Version: 3.2.1 Category: Webapps...

7.4AI score

Exploits0

Prion•added 2017/11/17 9:29 p.m.•10 views

Cross site scripting

Stored XSS in Salutation Responsive WordPress + BuddyPress Theme version 3.0.15 could allow logged-in users to do almost anything an admin can...

3.5CVSS5.2AI score0.00595EPSS

Exploits1References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by