
4 matches found

Hacker One
added 2018/05/26 1:26 p.m., 17 views

Monero: forum.getmonero.org Shell upload

Summary: The method uploadProfile in the UsersController allows an attacker to upload a shell to the target server due to lack of image validation. Description: Steps To Reproduce: 1. Open POC https://forum.getmonero.org/uploads/profile/lNobodyl1527340454.php or...

AI score: 7.1
Exploits: 0
Openbugbounty
added 2016/05/15 12:31 a.m., 11 views

ded.abudhabi.ae XSS vulnerability

Vulnerable URL: https://ded.abudhabi.ae/UserControls/SendToFriend/SendToFriend.aspx?lan=en=/en/studies-indicators/field-surveys-bank=%22%3E%3C/title%3E%3Cimg%20src=x%20onerror=prompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerabili...

AI score: 6.3
Exploits: 0
Prion
added 2011/05/20 10:55 p.m., 11 views

Design/Logic Flaw

The SmarterTools SmarterStats 6.0 web server allows remote attackers to obtain directory listings via a direct request for the (1) Admin/, (2) Admin/Defaults/, (3) Admin/GettingStarted/, (4) Admin/Popups/, (5) AppThemes/, (6) Client/, (7) Client/Popups/, (8) Services/, (9) Temp/, (10) UserControls/, (11)...

CVSS: 5, AI score: 7, EPSS: 0.00772
Exploits: 0, References: 4, Affected Software: 1
NVD
added 2010/09/16 10:0 p.m., 9 views

CVE-2010-3425

Cross-site scripting (XSS) vulnerability in UserControls/Popups/frmHelp.aspx in SmarterStats 5.3, 5.3.3819, and possibly other 5.3 versions, allows remote attackers to inject arbitrary web script or HTML via the url parameter...

CVSS: 4.3, AI score: 5.8, EPSS: 0.02646
Exploits: 5, References: 4