CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Security researcher Atmon3r, has submitted on 12/01/2012 a cross-site-scripting XSS vulnerability affecting www.mlowreyengraving.com, which at the time of submission ranked 16150353 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/01/2012. It...

6.6AI score

Exploits0References1

Prion•added 2012/09/23 5:55 p.m.•9 views

Sql injection

SQL injection vulnerability in search.php in Neturf eCommerce Shopping Cart allows remote attackers to execute arbitrary SQL commands via the SearchFor parameter. NOTE: some of these details are obtained from third party information...

7.5CVSS9AI score0.00403EPSS

Exploits1References4

CVE•added 2012/09/23 5:0 p.m.•31 views

CVE-2011-5198

CVE-2011-5198 is a confirmed SQL injection in the Neturf eCommerce Shopping Cart, targeting the search.php endpoint. The vulnerability allows remote attackers to append arbitrary SQL via the SearchFor parameter (no authentication required, network access). CVSS v2 metrics indicate a base score of...

7.5CVSS8.7AI score0.00403EPSS

Exploits1References4Affected Software1

Cvelist•added 2012/09/23 5:0 p.m.•12 views

CVE-2011-5198

8.3AI score0.00403EPSS

Exploits1References4

NVD•added 2008/07/28 4:41 p.m.•6 views

CVE-2008-3340

Cross-site scripting XSS vulnerability in searchresult.cfm in Jobbex JobSite allows remote attackers to inject arbitrary web script or HTML via the searchFor variable possibly the opt parameter...

4.3CVSS5.7AI score0.00329EPSS

Exploits0References5

Prion•added 2008/07/28 4:41 p.m.•9 views

Cross site scripting

Cross-site scripting XSS vulnerability in searchresult.cfm in Jobbex JobSite allows remote attackers to inject arbitrary web script or HTML via the searchFor variable possibly the opt parameter...

4.3CVSS6.1AI score0.00329EPSS

Exploits0References5

Prion•added 2008/06/19 8:41 p.m.•8 views

Sql injection

SQL injection vulnerability in search.asp in DT Centrepiece 4.0 allows remote attackers to execute arbitrary SQL commands via the searchFor parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

7.5CVSS8.8AI score0.00413EPSS

Exploits0References3Affected Software1

NVD•added 2005/12/22 11:3 a.m.•5 views

CVE-2005-4477

Cross-site scripting XSS vulnerability in papaya CMS 4.0.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the babsearchfor parameter...

6.8CVSS5.7AI score0.00401EPSS

Exploits1References3

Cvelist•added 2005/11/26 8:0 p.m.•16 views

CVE-2005-3834

Cross-site scripting XSS vulnerability in search.php in Tunez 1.21 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchFor parameter...

5.7AI score0.0053EPSS

Exploits1References5

CVE•added 2005/05/10 4:0 a.m.•60 views

CVE-2004-2059

CVE-2004-2059 : The provided documents describe multiple cross-site scripting vulnerabilities in ASPrunner 2.4 . The flaws allow remote attackers to inject arbitrary web script or HTML via four input vectors: (1) the SearchFor parameter in [TABLE-NAME]_search.asp, (2) the SQL parameter in [TABLE-...

5CVSS6.6AI score0.10156EPSS

Exploits1References11Affected Software1

NVD•added 2005/05/03 4:0 a.m.•7 views

CVE-2005-1403

Multiple cross-site scripting XSS vulnerabilities in JustWilliam's Amazon Webstore 04050100 allow remote attackers to inject arbitrary web script or HTML via the 1 image parameter to closeup.php, the 2 currentIsExpanded or 3 searchFor parameters to index.php, 4 the currentNumber parameter to...

6.8CVSS5.8AI score0.01918EPSS

Exploits1References10

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by