Lucene search

36 matches found

CVE
added 2025/09/10 7:2 p.m. | 23 views

CVE-2025-10210

ChanCMS up to version 3.3.0 contains a SQL injection in the Search function (app/modules/api/service/Api.js) caused by manipulation of the key argument. The issue is exploitable remotely, and public PoC/exploit material exists; the vendor has not responded. A remediation is needed: upgrade to the...

8.8 CVSS | 6.5 AI score | 0.01195 EPSS
Exploits: 0 | References: 5 | Affected Software: 1

exploitpack
added 2019/01/28 12:0 a.m. | 37 views

ResourceSpace 8.6 - collection_edit.php SQL Injection

ResourceSpace 8.6 - collectionedit.php SQL Injection Exploit Title: ResourceSpace &redirect=yes&ref=3620&submitted=true&name=PWNED&keywords=&copy=&save=%C2%A0%C2%A0Save%C2%A0%C2%A0'...

8.6 AI score
Exploits: 0

Packet Storm
added 2019/01/28 12:0 a.m. | 83 views

ResourceSpace 8.6 SQL Injection

Exploit Title: ResourceSpace &redirect=yes&ref=3620&submitted=true&name=PWNED&keywords=&copy=&save=%C2%A0%C2%A0Save%C2%A0%C2%A0'...

7.4 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. | 19 views

Energine CMS SQL Injection Vulnerability

No description provided by source. Vulnerability ID: HTB22655 Reference: http://www.htbridge.ch/advisory/sqlinjectioninenergine.html Product: Energine Vendor: Energine http://energine.org/ Vulnerable Version: Vendor Notification: 13 October 2010 Vulnerability Type: SQL Injection Status: Not Fixed...

6.7 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. | 69 views

sweetrice cms 0.6.7 - Multiple Vulnerabilities

No description provided by source. Vulnerability ID: HTB22669 Reference: http://www.htbridge.ch/advisory/resetadminpasswordinsweetricecms.html Product: SweetRice CMS Vendor: basic-cms.org http://www.basic-cms.org/ Vulnerable Version: 0.6.7 Vendor Notification: 21 October 2010 Vulnerability Type:...

6.7 AI score
Exploits: 0

Exploit DB
added 2014/05/08 12:0 a.m. | 18 views

OpenFiler 2.99.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities

Exploit Title: Multiple persistent XSS in Openfiler Exploit author: Dolev Farhi @f1nhack Date 07/05/2014 Vendor homepage: http://www.openfiler.com Affected Software version: 2.99.1 Alerted vendor: 7.5.14 Software Description ===================== Openfiler is a network storage operating system...

7.4 AI score
Exploits: 0

securityvulns
added 2012/10/29 12:0 a.m. | 130 views

VaM Shop Cross-Site Scripting and Blind SQL Injection Vulnerabilities

Product: VaM Shop Vendor: Vamsoft http://vamshop.ru/ Vulnerable Version: 1,69 and probably prior versions. Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response Risk level: High Credit: Security Effect Team http://seceffect.tumblr.com/ Vulnerability Details: 1. Blind SQL injection in...

0.3 AI score
Exploits: 0

Packet Storm
added 2011/11/26 12:0 a.m. | 26 views

eSyndiCat Pro 2.3.05 Cross Site Scripting

Exploit Title: eSyndiCat Pro v2.3.05 Cross-Site Scripting XSS Script Page : http://www.esyndicat.com Date: 24:11:2011 Author : RandomStorm - http://www.randomstorm.com Avram Marius Gabriel d3v1l Tested on: Windows XP & Vista IE9 - Firefox 8.0 Note: Redirect and Html Injection can be performed als...

0.1 AI score
Exploits: 0

securityvulns
added 2011/01/11 12:0 a.m. | 26 views

NewV: NewvCommon.ocx arbitrary command execution via the Runcommand attribute

Vendor: NewV http://www.newv.com.cn/ Product: NewV smartclient http://demo.newv.com.cn/lds/module/smartclientsetting.exe Vulnerable Version: 1.0.0.18 Status: Not Fixed, Vendor Alerted Risk level: High Credit: Yu Guoyuguo.cngmail.com Description: An input validation issue exists in the NewV Activ...

2.4 AI score
Exploits: 0

0day.today
added 2011/01/07 12:0 a.m. | 26 views

phpMySport 1.4 SQLi, Auth Bypass, Path Disclosure Vulnerabilities

Exploit for php platform in category web applications Product: phpMySport Vendor: phpMySport http://phpmysport.sourceforge.net/ Vulnerable Version: 1.4 Vendor Notification: 21 December 2010 Vulnerability Type: SQL Injection Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response Risk level:...

6.7 AI score
Exploits: 0

securityvulns
added 2011/01/07 12:0 a.m. | 45 views

SQL Injection in phpMySport

Vulnerability ID: HTB22770 Reference: http://www.htbridge.ch/advisory/sqlinjectioninphpmysport.html Product: phpMySport Vendor: phpMySport http://phpmysport.sourceforge.net/ Vulnerable Version: 1.4 Vendor Notification: 21 December 2010 Vulnerability Type: SQL Injection Status: Not Fixed, Vendor...

0.8 AI score
Exploits: 0

securityvulns
added 2011/01/07 12:0 a.m. | 33 views

XSS vulnerability in F3Site

Vulnerability ID: HTB22758 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinf3site2.html Product: F3Site Vendor: COMPMaster http://dhost.info/compmaster/ Vulnerable Version: 2011 alfa 1 and probably prior versions Vendor Notification: 21 December 2010 Vulnerability Type: Stored XSS...

0.1 AI score
Exploits: 0

securityvulns
added 2011/01/07 12:0 a.m. | 35 views

SQL Injection in phpMySport

Vulnerability ID: HTB22771 Reference: http://www.htbridge.ch/advisory/sqlinjectioninphpmysport1.html Product: phpMySport Vendor: phpMySport http://phpmysport.sourceforge.net/ Vulnerable Version: 1.4 Vendor Notification: 21 December 2010 Vulnerability Type: SQL Injection Status: Not Fixed, Vendor...

0.7 AI score
Exploits: 0

securityvulns
added 2011/01/07 12:0 a.m. | 88 views

SQL Injection in phpMySport

Vulnerability ID: HTB22772 Reference: http://www.htbridge.ch/advisory/sqlinjectioninphpmysport2.html Product: phpMySport Vendor: phpMySport http://phpmysport.sourceforge.net/ Vulnerable Version: 1.4 Vendor Notification: 21 December 2010 Vulnerability Type: SQL Injection Status: Not Fixed, Vendor...

0.8 AI score
Exploits: 0

Exploit DB
added 2011/01/06 12:0 a.m. | 22 views

phpMySport 1.4 - SQL Injection / Authentication Bypass / Full Path Disclosure

Vulnerability ID: HTB22770 Reference: http://www.htbridge.ch/advisory/sqlinjectioninphpmysport.html Product: phpMySport Vendor: phpMySport http://phpmysport.sourceforge.net/ Vulnerable Version: 1.4 Vendor Notification: 21 December 2010 Vulnerability Type: SQL Injection Status: Not Fixed, Vendor...

7 AI score
Exploits: 0

Exploit DB
added 2010/12/29 12:0 a.m. | 28 views

kaibb 1.0.1 - Multiple Vulnerabilities

Vulnerability ID: HTB22749 Reference: http://www.htbridge.ch/advisory/bbcodexssinkaibb.html Product: KaiBB Vendor: Mi-Dia http://www.mi-dia.co.uk/ Vulnerable Version: 1.0.1 Vendor Notification: 09 December 2010 Vulnerability Type: BBcode XSS Status: Not Fixed, Vendor Alerted, Awaiting Vendor...

7 AI score
Exploits: 0

Packet Storm
added 2010/12/21 12:0 a.m. | 21 views

Hycus CMS 1.0.3 Local File Inclusion

Vulnerability ID: HTB22737 Reference: http://www.htbridge.ch/advisory/lfiinhycuscms.html Product: Hycus CMS Vendor: Hycus Web Development Team http://www.hycus.com/ Vulnerable Version: 1.0.3 Vendor Notification: 07 December 2010 Vulnerability Type: LFI Status: Not Fixed, Vendor Alerted, Awaiting...

7.4 AI score
Exploits: 0

Exploit DB
added 2010/12/21 12:0 a.m. | 23 views

Injader CMS - Multiple Vulnerabilities

Vulnerability ID: HTB22745 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityininjadercms1.html Product: Injader CMS Vendor: http://www.injader.com/ http://www.injader.com/ Vulnerable Version: 2.4.4 Vendor Notification: 07 December 2010 Vulnerability Type: XSS Cross Site Scripting Status...

7 AI score
Exploits: 0

securityvulns
added 2010/12/01 12:0 a.m. | 60 views

SQL Injection in Eclime

Vulnerability ID: HTB22705 Reference: http://www.htbridge.ch/advisory/sqlinjectionineclime1.html Product: Eclime Vendor: www.eclime.com http://www.eclime.com/ Vulnerable Version: 1.1.2b Vendor Notification: 16 November 2010 Vulnerability Type: SQL Injection Status: Not Fixed, Vendor Alerted,...

0.7 AI score
Exploits: 0

Exploit DB
added 2010/11/04 12:0 a.m. | 19 views

eoCMS 0.9.04 - Multiple Vulnerabilities

Vulnerability ID: HTB22677 Reference: http://www.htbridge.ch/advisory/bbcodexssineocms.html Product: eoCMS Vendor: eocms.com http://eocms.com Vulnerable Version: 0.9.04 Vendor Notification: 21 October 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor Alerted, Awaiting...

7.4 AI score
Exploits: 0