CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cross Site Request Forgery vulnerability in GNU Savane v.3.12 and before allows a remote attacker to escalate privileges via siteadmin/usergroup.php...

6CVSS5.8AI score0.0045EPSS

Exploits2References3

NVD•added 2024/04/08 9:15 p.m.•9 views

CVE-2024-27631

Cross Site Request Forgery vulnerability in GNU Savane v.3.12 and before allows a remote attacker to escalate privileges via siteadmin/usergroup.php...

6CVSS6.8AI score0.0045EPSS

Exploits2References3

Positive Technologies•added 2024/04/08 12:0 a.m.•3 views

PT-2024-21979

Name of the Vulnerable Software and Affected Versions: GNU Savane versions 3.12 and earlier Description: A Cross Site Request Forgery issue allows a remote attacker to escalate privileges via the "siteadmin/usergroup.php" endpoint. This can be exploited to gain unauthorized access. Recommendation...

6CVSS6.6AI score0.0045EPSS

Exploits2References8

Packet Storm•added 2023/01/10 12:0 a.m.•240 views

Corpatech CMS 2 SQL Injection

==================================================================================================================================== | Title : Corpatech cms v2 SQL Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 108.032-bit | |...

0.4AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•8 views

IPN Development Handler 2.0 - Multiple Vulnerabilities

No description provided by source. IPN Development Handler v2.0 CSRF Change Admin Account ============================================================== .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Script : http://scripts.filehungry.com/product/php/e-commerce/paypal/ipndevelopmenthandler/ ===...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•11 views

PHP JOBWEBSITE PRO siteadmin/forgot.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/32570/info PHP JOBWEBSITE PRO is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow ...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•12 views

AlstraSoft Video Share Enterprise 4.x Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/25019/info AlstraSoft Video Share Enterprise is affected by multiple input-validation vulnerabilities. These issues include multiple cross-site scripting vulnerabilities and multiple SQL-injection vulnerabilities...

7.1AI score

Exploits0

myhack58•added 2012/05/01 12:0 a.m.•27 views

Shoot off piikee auction website system injection vulnerability and fix-vulnerability warning-the black bar safety net

Because there are no manufacturers, just write a bidding system to it, came out good to With this system webmasters mind you. The system is called: shoot off piikee auction website system Why say 2B? The reception is all the files the parameter values are such, we see this code newsarc.php ? php...

0.5AI score

Exploits0

exploitpack•added 2010/12/23 12:0 a.m.•12 views

IPN Development Handler 2.0 - Multiple Vulnerabilities

IPN Development Handler 2.0 - Multiple Vulnerabilities IPN Development Handler v2.0 CSRF Change Admin Account ============================================================== .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Script :...

0.5AI score

Exploits0

Exploit DB•added 2010/12/23 12:0 a.m.•24 views

IPN Development Handler 2.0 - Multiple Vulnerabilities

IPN Development Handler v2.0 CSRF Change Admin Account ============================================================== .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Script : http://scripts.filehungry.com/product/php/e-commerce/paypal/ipndevelopmenthandler/ === Exploit === IPN Development Handler...

7.4AI score

Exploits0

exploitpack•added 2010/06/28 12:0 a.m.•26 views

PageDirector CMS - Multiple Vulnerabilities

PageDirector CMS - Multiple Vulnerabilities Exploit Title : PageDirector CMS Multiple Vulnerabilities Date : 20 - 6 - 2010 Author : Tr0y-x Vendor : www.customerparadigm.com Version : All Versions Tested on : Linux Home : WwW.SeC-WaR.CoM Price : 675.00 $ loooooolz -== SQL Injection Vulenrability =...

0.4AI score

Exploits0

NVD•added 2009/01/27 1:30 a.m.•10 views

CVE-2008-5977

SQL injection vulnerability in siteadmin/forgot.php in PHP JOBWEBSITE PRO allows remote attackers to execute arbitrary SQL commands via the adname parameter in a Submit action...

7.5CVSS8.4AI score0.00284EPSS

Exploits1References3

CVE•added 2009/01/27 1:0 a.m.•34 views

CVE-2008-5977

CVE-2008-5977 affects PHP JOBWEBSITE PRO (siteadmin/forgot.php) where the adname parameter in a Submit action is vulnerable to SQL injection. The underlying issue is an improper handling of user-supplied input, enabling remote attackers to potentially execute arbitrary SQL commands. The vulnerabi...

7.5CVSS8.7AI score0.00284EPSS

Exploits1References3Affected Software1

Prion•added 2008/11/13 11:30 a.m.•7 views

Sql injection

SQL injection vulnerability in siteadmin/loginsucess.php in Pre Simple CMS allows remote attackers to execute arbitrary SQL commands via the user parameter, as reachable from siteadmin/adminlogin.php. NOTE: some of these details are obtained from third party information...

7.5CVSS9AI score0.00801EPSS

Exploits0References6

CVE•added 2008/11/13 11:0 a.m.•43 views

CVE-2008-5058

CVE-2008-5058 describes an SQL injection flaw in Pre Simple CMS: the file at siteadmin/loginsucess.php allows remote attackers to execute arbitrary SQL commands via the user parameter, accessible from siteadmin/adminlogin.php . The issue is cited in multiple sources (e.g., NVD) with a high impact...

7.5CVSS8.3AI score0.00801EPSS

Exploits0References6Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by