Lucene search

1269 matches found

securityvulns
added 2006/04/10 12:0 a.m., 30 views

MAXDEV CMS Multiple vulnerabilities

Full Path disclosure: This hole is caused by direct access to file includes/legacy.php not protected. PoC: http://site.co.id/maxdev/includes/legacy.php Fix: Turn off display error in php.ini can fix this security issue. Blind sql inject: This hole is caused b...

7.2 AI score
Exploits 0

Prion
added 2006/02/15 11:6 a.m., 10 views

Design/Logic Flaw

The (1) addfolder and (2) deletefolder functions in neomail-prefs.pl in NeoMail 1.28 do not validate the Session ID, which allows remote attackers to add and delete arbitrary files, when configured with homedirfolders and homedirspools disabled...

5 CVSS, 7.1 AI score, 0.01491 EPSS
Exploits 0, References 6, Affected Software 1

CVE
added 2005/08/16 4:0 a.m., 50 views

CVE-2004-2363

PHPX 3.0–3.2.6 contains a Validate-Before-Canonicalize flaw in functions.inc.php: checkURI can be bypassed with hex-encoded tags, enabling remote XSS via the limit parameter to forums.php and similar vectors. Impact is XSS without bypassing literal character checks. Affected component/function: c...

4.3 CVSS, 6.2 AI score, 0.01849 EPSS
Exploits 1, References 4, Affected Software 1

Cvelist
added 2005/08/16 4:0 a.m., 17 views

CVE-2004-2363

Validate-Before-Canonicalize vulnerability in the checkURI function in functions.inc.php in PHPX 3.0 through 3.2.6 allows remote attackers to conduct cross-site scripting (XSS) attacks via hex-encoded tags, which bypass the check for literal "", "", and "" characters, as demonstrated using the limi...

5.9 AI score, 0.01849 EPSS
Exploits 1, References 4

exploitpack
added 2005/04/07 12:0 a.m., 9 views

Linksys WET11 - Password Update Remote Authentication Bypass

Linksys WET11 - Password Update Remote Authentication Bypass source: https://www.securityfocus.com/bid/13051/info A remote authentication bypass vulnerability affects Linksys WET11. This issue is due to a failure of the application to validate authentication credentials when processing password...

0.3 AI score
Exploits 0

Exploit DB
added 2005/04/07 12:0 a.m., 25 views

Linksys WET11 - Password Update Remote Authentication Bypass

source: https://www.securityfocus.com/bid/13051/info A remote authentication bypass vulnerability affects Linksys WET11. This issue is due to a failure of the application to validate authentication credentials when processing password change requests. An attacker may leverage this issue to...

7.4 AI score
Exploits 0

securityvulns
added 2003/01/03 12:0 a.m., 26 views

N/X (PHP)

Information: Website: http://nxwcms.sourceforge.net/ Version: 2002 PreRelease 1 Problem: Include file PHP Code/Location: nx/common/cds/menu.inc.php: ... requireonce...

0.5 AI score
Exploits 0

Friends Of PHP
added 1970/01/01 12:0 a.m., 3 views

CVE-2026-45071: XXE (Local File Disclosure) in DomCrawler::addXmlContent() via validateOnParse = true

More info at https://symfony.com/cve-2026-45071...

5.8 AI score, 0.00052 EPSS
Exploits 0, Affected Software 1

Friends Of PHP
added 1970/01/01 12:0 a.m., 9 views

CVE-2026-45071: XXE (Local File Disclosure) in DomCrawler::addXmlContent() via validateOnParse = true

More info at https://symfony.com/cve-2026-45071...

5.8 AI score, 0.00052 EPSS
Exploits 0, Affected Software 1