CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1368 matches found

CVE•added 2010/02/22 8:0 p.m.•62 views

CVE-2010-0674

CVE-2010-0674 affects StatCounteX 3.1. The issue is improper access control: sensitive data is stored under the web root and can be downloaded via a direct request to path/stats.mdb, leading to partial confidentiality loss. Public references in the record indicate remote access exposure and provi...

5CVSS6.5AI score0.02445EPSS

Exploits1References3Affected Software1

NVD•added 2010/02/19 5:30 p.m.•15 views

CVE-2010-0665

JAG Just Another Guestbook 1.14 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request for jag/database.sql...

5CVSS6.2AI score0.0218EPSS

Exploits1References2

Prion•added 2010/02/19 5:30 p.m.•8 views

Improper access control

5CVSS6.7AI score0.0218EPSS

Exploits1References2Affected Software1

Cvelist•added 2010/02/19 5:0 p.m.•19 views

CVE-2010-0665

6.2AI score0.0218EPSS

Exploits1References2

securityvulns•added 2010/02/09 12:0 a.m.•17 views

Clearweb GeFest Web HomeServer directory traversal

It's possible to access files behind web root...

3.1AI score

Exploits0References1Affected Software1

0day.today•added 2010/01/26 12:0 a.m.•22 views

Joomla 1.5.12 connect back exploit

Exploit for unknown platform in category web applications ================================== Joomla 1.5.12 connect back exploit ================================== !/usr/bin/php . TITLE: Joomla 1.5.12 connect back exploit AUTHOR: Nikola Petrov email protected VERSION: 1.0 LICENSE: GNU General Publ...

7.1AI score

Exploits0

NVD•added 2010/01/06 10:0 p.m.•16 views

CVE-2009-4585

UranyumSoft Listing Service stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/db.mdb...

5CVSS6.3AI score0.02588EPSS

Exploits1References5

Prion•added 2010/01/06 10:0 p.m.•11 views

Improper access control

5CVSS6.9AI score0.02588EPSS

Exploits1References5

Cvelist•added 2010/01/06 9:33 p.m.•29 views

CVE-2009-4585

6.3AI score0.02588EPSS

Exploits1References5

Prion•added 2010/01/04 5:30 p.m.•14 views

Improper access control

Logoshows BBS 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/globepersonnel.mdb...

5CVSS6.9AI score0.02229EPSS

Exploits0References2Affected Software1

Cvelist•added 2010/01/04 5:0 p.m.•21 views

CVE-2009-4545

6.3AI score0.02229EPSS

Exploits0References2

NVD•added 2009/12/30 8:0 p.m.•15 views

CVE-2009-4465

DeluxeBB 1.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain user and configuration information, log data, and gain administrative access via a direct request to scripts in 1 templates/ including 2 templates/deluxe/admincp/...

7.5CVSS6.4AI score0.02369EPSS

Exploits2References5

Prion•added 2009/12/30 8:0 p.m.•16 views

Improper access control

7.5CVSS7AI score0.02369EPSS

Exploits2References5Affected Software1

Cvelist•added 2009/12/30 7:0 p.m.•31 views

CVE-2009-4465

6.4AI score0.02369EPSS

Exploits2References5

0day.today•added 2009/12/13 12:0 a.m.•16 views

Piwigo v2.0.6 Multiple Vulnerabilities

Exploit for unknown platform in category web applications ========================================= Piwigo : mysqlfetcharray expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\piwigo-2.0.6\include\functions.inc.php on line 936 The parentid and imageid and unsanitized however...

7.1AI score

Exploits0

exploitpack•added 2009/12/13 12:0 a.m.•14 views

Piwigo 2.0.6 - Multiple Vulnerabilities

Piwigo 2.0.6 - Multiple Vulnerabilities Piwigo v2.0.6 Multiple Vulnerabilities Found By: mrme Download: http://piwigo.org/ Tested On: Windows Vista Note: For educational purposes only Vulnerabilities: XSS, CSRF, SQL Injection Author contact date: 13/12/09 Note: There is possibly many other...

0.4AI score

Exploits0

NVD•added 2009/11/29 1:8 p.m.•16 views

CVE-2009-4096

RADIO istek scripti 2.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain user credentials via a direct request for estafresgaftesantusyan.inc...

7.5CVSS6.3AI score0.02349EPSS

Exploits1References4

Cvelist•added 2009/11/28 11:0 a.m.•20 views

CVE-2009-4096

6.3AI score0.02349EPSS

Exploits1References4

seebug.org•added 2009/11/02 12:0 a.m.•40 views

Joomla 1.5.12 Remote Code Execution via TinyMCE File Upload Vulnerability

No description provided by source. ?php / Joomla 1.5.12 Remote Code Execution via TinyMCE upload vulnerability Tested against : - Joomla 1.5.12 / Ubuntu 8.10 / Apache 2.2.9 - Joomla 1.5.12 / Windows XP SP2 / Apache 2.2.12 Luca "daath" De Fulgentis - daath at nibblesec.org http://blog.nibblesec.or...

7.1AI score

Exploits0

Prion•added 2009/10/08 5:30 p.m.•15 views

Improper access control

Digitaldesign CMS 0.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for autoconfig.dd...

5CVSS6.9AI score0.03205EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by