Lucene search

11 matches found

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2006-0829

Malware in sbrugna...

CVSS 7.5 | AI score 6.3 | EPSS 0.01258
Exploits: 2 | References: 9
Prion
added 2011/04/07 2:23 p.m. | 11 views

SQL injection

SQL injection vulnerability in the check_banlist function in includes/sessions.php in Enano CMS 1.1.7pl1; 1.0.6pl2; and possibly other versions before 1.1.8, 1.0.6pl3, and 1.1.7pl2 allows remote attackers to execute arbitrary SQL commands via the email parameter to index.php. NOTE: some of these...

CVSS 7.5 | AI score 9 | EPSS 0.02331
Exploits: 1 | References: 8 | Affected Software: 1
CVE
added 2011/04/07 2:0 p.m. | 36 views

CVE-2010-4780

SQL injection in Enano CMS affects the check_banlist code path (includes/sessions.php) and can be triggered via the email parameter to index.php, allowing remote execution of arbitrary SQL. Impact is SQL-level access to the application database for affected versions (1.1.7pl1, 1.0.6pl2 and possib...

CVSS 7.5 | AI score 8.7 | EPSS 0.02331
Exploits: 1 | References: 8 | Affected Software: 1
Packet Storm
added 2009/12/21 12:0 a.m. | 22 views

FestOS 2.2.1 Remote File Inclusion

Exploit Title: FestOs $reports header"Location:index.php"; include "includes/reportheader.php"; ? 3xplo!t : festospath/admin/reportsplacement.php?ABSOLUTEFILEPATH=Shell Code : FestOS.php requireonce$config'ABSOLUTEFILEPATH'."core/sessions.php"; 3xplo!t :...

AI score 7.4
Exploits: 0
securityvulns
added 2007/11/22 12:0 a.m. | 58 views

Wheatblog (wB) Remote File inclusion ..

Hello,, Wheatblog wB Remote File inclusion .. tested on 1.1 and older versions are injected Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] Remote File Inclusion file : includes/sessions.php line 2 : code:-...

AI score 1
Exploits: 0
Tenable Nessus
added 2006/03/07 12:0 a.m. | 13 views

Geeklog lib-sessions.php Session Cookie Handling Administrative Bypass

Binary data 3464.prm...

CVSS 10 | AI score 7.3 | EPSS 0.00381
Exploits: 0 | References: 2
Cvelist
added 2006/02/21 11:0 p.m. | 11 views

CVE-2006-0823

Multiple SQL injection vulnerabilities in Geeklog 1.4.0 before 1.4.0sr1 and 1.3.11 before 1.3.11sr4 allow remote attackers to inject arbitrary SQL commands via the (1) userid variable to users.php or (2) sessid variable to lib-sessions.php...

AI score 8 | EPSS 0.01258
Exploits: 2 | References: 8
UbuntuCve
added 2005/05/02 4:0 a.m. | 17 views

CVE-2005-0614

sessions.php in phpBB 2.0.12 and earlier allows remote attackers to gain administrator privileges via the autologinid value in a cookie...

CVSS 7.5 | AI score 6 | EPSS 0.05083
Exploits: 0 | References: 1
NVD
added 2005/05/02 4:0 a.m. | 13 views

CVE-2005-0614

sessions.php in phpBB 2.0.12 and earlier allows remote attackers to gain administrator privileges via the autologinid value in a cookie...

CVSS 7.5 | AI score 6.9 | EPSS 0.05083
Exploits: 0 | References: 4
securityvulns
added 2005/03/09 12:0 a.m. | 29 views

phpBB 2.0.13 - user level exploit

This one goes for all phpBB versions up to 2.0.13. While applying and testing the patch for the autologin bug I found that phpBB2 doesn't reset the $userdata'userlevel' variable after a failed autologin. This is the vulnerable code in sessions.php: if $userid != ANONYMOUS $autologinkey =...

AI score 1.5
Exploits: 0
CVE
added 2005/03/03 5:0 a.m. | 53 views

CVE-2005-0614

Affected software/component: phpBB (versions

CVSS 7.5 | AI score 6.9 | EPSS 0.05083
Exploits: 0 | References: 4 | Affected Software: 1