CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Kitploit•added 2023/03/26 11:30 a.m.•109 views

Waf-Bypass - Check Your WAF Before An Attacker Does

WAF bypass Tool is an open source tool to analyze the security of any WAF for False Positives and False Negatives using predefined and customizable payloads. Check your WAF before an attacker does. WAF Bypass Tool is developed by Nemesida WAF team with the participation of community. How to run I...

8.2AI score

Exploits0References1

OSV•added 2022/06/28 7:15 a.m.•2 views

CVE-2017-20104

A vulnerability was found in Simplessus 3.7.7. It has been declared as critical. This vulnerability affects unknown code of the component Cookie Handler. The manipulation of the argument UWASID leads to sql injection Time. The attack can be initiated remotely. The exploit has been disclosed to th...

7.5CVSS5.5AI score

Exploits0References2

CNNVD•added 2022/06/28 12:0 a.m.•3 views

Simplessus SQL注入漏洞

Simplessus is a modern software for managing customer relationships from the German company Simplessus. A SQL injection vulnerability exists in Simplessus version 3.7.7. An attacker could exploit this vulnerability to conduct a sql injection attack via the UWASID parameter...

7.5CVSS7.6AI score0.00818EPSS

Exploits1References4

Openbugbounty•added 2020/05/25 4:43 a.m.•7 views

handbooks.uwa.edu.au Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1171231 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

0.5AI score

CNVD•added 2019/01/03 12:0 a.m.•2 views

UWA Cross-Site Request Forgery Vulnerability

UWA is a universal content management system CMS. A cross-site request forgery vulnerability exists in the index.php?g=admin&c=admin&a=addadmindo URL in UWA version 2.3.11. A remote attacker can exploit this vulnerability to perform unauthorized operations...

8.8CVSS6.9AI score0.00494EPSS

OSV•added 2018/12/30 9:29 p.m.•1 views

CVE-2018-20612

UWA 2.3.11 allows index.php?g=admin&c=admin&a=addadmindo CSRF...

8.8CVSS5.8AI score0.00494EPSS

Prion•added 2018/12/30 9:29 p.m.•8 views

Cross site request forgery (csrf)

UWA 2.3.11 allows index.php?g=admin&c=admin&a=addadmindo CSRF...

6.8CVSS8.7AI score0.00494EPSS

Exploits1References1Affected Software1

NVD•added 2018/12/30 9:29 p.m.•10 views

CVE-2018-20612

UWA 2.3.11 allows index.php?g=admin&c=admin&a=addadmindo CSRF...

8.8CVSS8.7AI score0.00494EPSS

Cvelist•added 2018/12/30 9:0 p.m.•10 views

CVE-2018-20612

UWA 2.3.11 allows index.php?g=admin&c=admin&a=addadmindo CSRF...

8.7AI score0.00494EPSS

CVE•added 2018/12/30 9:0 p.m.•39 views

CVE-2018-20612

UWA 2.3.11 contains a Cross-Site Request Forgery (CSRF) flaw in the admin creation flow. Specifically, the vulnerability is triggered via index.php?g=admin&c=admin&a=add_admin_do, allowing an attacker to induce unauthorized admin operations. The CVE entry for CVE-2018-20612 reflects affected soft...

8.8CVSS8.6AI score0.00494EPSS

Exploits1References1Affected Software1

Openbugbounty•added 2018/03/31 8:5 a.m.•10 views

trinity.uwa.edu.au XSS vulnerability

Open Bug Bounty ID: OBB-594329 Description| Value ---|--- Affected Website:| trinity.uwa.edu.au Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Openbugbounty•added 2017/09/11 1:28 p.m.•9 views

governance.uwa.edu.au XSS vulnerability

Vulnerable URL: http://www.governance.uwa.edu.au/procedures/policies/policies-and-procedures?method=document=UP07/44"'--! Details: Description| Value ---|--- Patched:| No Latest check for patch:| 11.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / N...

Openbugbounty•added 2017/07/25 4:15 a.m.•10 views

directory.uwa.edu.au XSS vulnerability

Vulnerable URL: http://directory.uwa.edu.au//search?fields=simple=search="=both=person=incl=both Details: Description| Value ---|--- Patched:| No Latest check for patch:| 23.10.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website...

Openbugbounty•added 2017/07/05 5:31 a.m.•14 views

meddent.uwa.edu.au XSS vulnerability

Vulnerable URL: http://www.meddent.uwa.edu.au/courses/postgraduate/apply-professional/int-std-path/mcat/"'--! Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check...

Openbugbounty•added 2015/06/09 8:42 a.m.•13 views

scholarships.uwa.edu.au XSS vulnerability

Open Bug Bounty ID: OBB-65959 Description| Value ---|--- Affected Website:| scholarships.uwa.edu.au Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention...

seebug.org•added 2015/04/14 12:0 a.m.•10 views

UWA 2.1.5 /core/tpl/page_trace.php 信息泄漏漏洞

No description provided by source...

7.1AI score

seebug.org•added 2015/04/14 12:0 a.m.•17 views

UWA 2.1.5 /core/lib/ext/AFilter.class.php 跨站脚本漏洞

No description provided by source...

7.1AI score

seebug.org•added 2015/04/14 12:0 a.m.•20 views

UWA 2.1.5 /core/lib/core/App.class.php 信息泄漏漏洞

No description provided by source. !/usr/bin/env python coding: utf-8 import re from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register class TestPOCPOCBase: vulID = '1768' vul ID version = '1' author = '王畅' vulDate = '2014-12-16' createDate =...

7.1AI score