
6714 matches found

Cvelist
added 2010/10/06 8:0 p.m., 40 views

CVE-2010-3781

The PL/php add-on 1.4 and earlier for PostgreSQL does not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain privileges via crafted script code in a SECURITY DEFINER function, a related issue to CVE-2010-3433...

AI score: 7, EPSS: 0.01573
Exploits: 0, References: 3

NVD
added 2010/10/06 5:0 p.m., 19 views

CVE-2010-3433

The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before 9.0.1 do not properly protect script execution by a different SQL user identity within the same session, which allow...

CVSS: 6, AI score: 7.1, EPSS: 0.03331
Exploits: 0, References: 19

Cvelist
added 2010/10/06 4:0 p.m., 26 views

CVE-2010-3433

The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before 9.0.1 do not properly protect script execution by a different SQL user identity within the same session, which allow...

AI score: 7.2, EPSS: 0.03331
Exploits: 0, References: 19

OpenVAS
added 2010/10/06 12:0 a.m., 13 views

Uebimiau Webmail 'stage' Parameter Local File Include Vulnerability

Uebimiau Webmail is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process. This ma...

AI score: 0.4
Exploits: 0, References: 2

Japan Vulnerability Notes
added 2010/10/05 10:31 a.m., 2 views

AD-EDIT2 vulnerable to cross-site scripting

Overview: AD-EDIT2 contains a cross-site scripting vulnerability. AD-EDIT2 is a Contents Management System (CMS) software. AD-EDIT2 contains a cross-site scripting vulnerability. Seiei Higa of IT College Okinawa reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

CVSS: 4.3, AI score: 6.1, EPSS: 0.01042
Exploits: 0, References: 5

0day.today
added 2010/09/26 12:0 a.m., 29 views

VisualSite CMS v1.3 Multiple Vulnerabilities

Exploit for asp platform in category web applications. VisualSite CMS v1.3 Multiple Vulnerabilities. Affected Version: VisualSite 1.3. Discovery: www.abysssec.com. Download Links:...

AI score: 7.1
Exploits: 0

exploitpack
added 2010/09/01 12:0 a.m., 14 views

LeadTools ActiveX common dialogs 16.5 - Multiple Vulnerabilities

LeadTools ActiveX common dialogs 16.5 - Multiple Vulnerabilities LEADTOOLS ActiveX Common Dialogs 16.5 Multiple Remote Vulnerabilities Vendor: LEAD Technologies, Inc. Product Web Page: http://www.leadtools.com Affected version: 16.5.0.2 Summary: With LEADTOOLS you can control any scanner, digital...

AI score: 0.4
Exploits: 0

exploitpack
added 2010/08/26 12:0 a.m., 8 views

TCMS - Multiple Input Validation Vulnerabilities

TCMS - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/42766/info TCMS is prone to multiple input-validation vulnerabilities, including a local file-include vulnerability, a local file-disclosure vulnerability, multiple SQL-injection vulnerabilities, and multip...

Exploits: 0

exploitpack
added 2010/08/16 12:0 a.m., 14 views

Microsoft Internet Explorer 8 - toStaticHTML() HTML Sanitization Bypass

Microsoft Internet Explorer 8 - toStaticHTML HTML Sanitization Bypass source: https://www.securityfocus.com/bid/42467/info Internet Explorer 8 is prone to a security-bypass weakness. Internet Explorer 8 includes a method designed to sanitize executable script constructs from HTML. Attackers can...

AI score: 7.2
Exploits: 0

Exploit DB
added 2010/08/16 12:0 a.m., 35 views

123 Flash Chat 7.8 - Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/42478/info 123 Flash Chat is prone to multiple security vulnerabilities. These vulnerabilities include a cross-site scripting vulnerability, multiple information-disclosure vulnerabilities, and a directory-traversal vulnerability. An attacker can exploit...

AI score: 7.4
Exploits: 0

0day.today
added 2010/08/11 12:0 a.m., 38 views

phpMyAdmin 3.3.5 XSS Vulnerability

Exploit for php platform in category web applications. phpMyAdmin 3.3.5 XSS Vulnerability...

AI score: 7.1
Exploits: 0

Exploit DB
added 2010/08/10 12:0 a.m., 24 views

Mystic 0.1.4 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/42445/info Mystic is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

AI score: 7.4
Exploits: 0

OpenVAS
added 2010/08/03 12:0 a.m., 16 views

Whizzy CMS <= 10.02 LFI Vulnerability

Whizzy CMS is prone to a local file include (LFI) vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...

AI score: 7.1
Exploits: 0, References: 1

Exploit DB
added 2010/07/27 12:0 a.m., 18 views

Social Media - 'index.php' Local File Inclusion

source: https://www.securityfocus.com/bid/42009/info Social Media is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in...

AI score: 7
Exploits: 0

exploitpack
added 2010/06/29 12:0 a.m., 13 views

Kryn.cms 6.0 - Cross-Site Request Forgery HTML Injection

Kryn.cms 6.0 - Cross-Site Request Forgery HTML Injection source: https://www.securityfocus.com/bid/41229/info Kryn.cms is prone to a cross-site request-forgery vulnerability and an HTML-injection vulnerability. Exploiting these issues may allow a remote attacker to perform certain administrative...

AI score: 0.7
Exploits: 0

securityvulns
added 2010/06/28 12:0 a.m., 61 views

[SWRX-2010-001] Cisco ASA HTTP Response Splitting Vulnerability

SecureWorks Security Advisory SWRX-2010-001 Cisco ASA HTTP Response Splitting Vulnerability Advisory Information Title: Cisco ASA HTTP Response Splitting Vulnerability Advisory ID: SWRX-2010-001 Advisory URL: http://www.secureworks.com/ctu/advisories/SWRX-2010-001 Date published: Thursday, June 2...

CVSS: 4.3, AI score: 6.7, EPSS: 0.11567
Exploits: 2

Japan Vulnerability Notes
added 2010/06/22 2:24 a.m., 2 views

Cross-Site Scripting Vulnerability in Interstage Portalworks and Interstage Interaction Manager Portal Function

Overview The portal function of Interstage Portalworks and Interstage Interaction Manager is vulnerable to cross-site scripting. Impact A remote attacker could execute arbitrary scripts on the affected browser. Solution Please refer to the 'Vendor Information' section for the official...

CVSS: 5, AI score: 6.9
Exploits: 0, References: 2

OpenVAS
added 2010/06/22 12:0 a.m., 19 views

Anodyne SIMM Management System (SMS) <= 2.6.10 LFI Vulnerability

Anodyne SIMM Management System (SMS) is prone to a local file inclusion (LFI) vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...

CVSS: 6.8, AI score: 6.5, EPSS: 0.05124
Exploits: 1, References: 2

OpenVAS
added 2010/06/22 12:0 a.m., 30 views

PithCMS <= 0.9.5 LFI Vulnerability - Active Check

PithCMS is prone to a local file include (LFI) vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...

AI score: 7.1
Exploits: 0, References: 1

htbridge
added 2010/06/21 12:0 a.m., 24 views

Cross-site Scripting (XSS) Vulnerability in CompactCMS

High-Tech Bridge SA Security Research Lab has discovered a vulnerability in CompactCMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting (XSS) vulnerability in CompactCMS. The vulnerability exists due to input sanitation error in the "keywords" parameter in...

CVSS: 2.6, AI score: 6
Exploits: 0, Affected Software: 1