CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2002-0210

Malware in sbrugna...

2.1CVSS6.4AI score0.00102EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2019-8871

Malware in sbrugna...

9.8CVSS9.2AI score0.21097EPSS

Exploits3References4

RedhatCVE•added 2025/05/22 10:9 a.m.•3 views

CVE-2019-19245

NAPC Xinet Elegant 6 Asset Library 6.1.655 allows Pre-Authentication SQL Injection via the /elegant6/login LoginFormusername field when double quotes are used...

9.8CVSS8.1AI score0.21097EPSS

Exploits3References1

Exploit DB•added 2025/04/14 12:0 a.m.•177 views

Xinet Elegant 6 Asset Lib Web UI 6.1.655 - SQL Injection

Exploit Title: Xinet Elegant 6 Asset Lib Web UI 6.1.655 - SQL Injection Exploit author: hyp3rlinx import requests,time,re,sys,argparse NAPC Xinet Elegant 6 Asset Library v6.1.655 Pre-Auth SQL Injection 0day Exploit By hyp3rlinx ApparitionSec UPDATED: Jan 2024 for python3 TODO: add SSL support...

7.4AI score

Exploits0

Check Point Advisories•added 2020/11/16 12:0 a.m.•1 views

NAPC Xinet Elegant 6 Asset Library SQL injection (CVE-2019-19245)

An SQL injection vulnerability exists in NAPC Xinet Elegant 6 Asset Library. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...

7.5CVSS4AI score0.21097EPSS

Exploits3

NVD•added 2019/12/02 2:15 p.m.•8 views

CVE-2019-19245

NAPC Xinet Elegant 6 Asset Library 6.1.655 allows Pre-Authentication SQL Injection via the /elegant6/login LoginFormusername field when double quotes are used...

9.8CVSS9.9AI score0.21097EPSS

Exploits3References3

Prion•added 2019/12/02 2:15 p.m.•11 views

Sql injection

NAPC Xinet Elegant 6 Asset Library 6.1.655 allows Pre-Authentication SQL Injection via the /elegant6/login LoginFormusername field when double quotes are used...

7.5CVSS9.8AI score0.21097EPSS

Exploits3References2Affected Software1

CVE•added 2019/12/02 1:54 p.m.•51 views

CVE-2019-19245

NAPC Xinet Elegant 6 Asset Library Web Interface v6.1.655 is affected by a Pre-Authentication SQL Injection in the /elegant6/login endpoint via the LoginForm[username] field when double quotes are used. Root cause is lack of input validation allowing SQL statements to be injected before authentic...

9.8CVSS9.9AI score0.21097EPSS

Exploits3References3Affected Software1

Cvelist•added 2019/12/02 1:54 p.m.•13 views

CVE-2019-19245

NAPC Xinet Elegant 6 Asset Library 6.1.655 allows Pre-Authentication SQL Injection via the /elegant6/login LoginFormusername field when double quotes are used...

10AI score0.21097EPSS

Exploits3References2

CNVD•added 2019/12/02 12:0 a.m.•2 views

NAPC Xinet Elegant 6 Asset Library Web Interface SQL Injection Vulnerability

The NAPC Xinet interface Elegant 6 Asset Library is a web-based interface to the XIET asset management solution. A SQL injection vulnerability exists in NAPC Xinet interface Elegant 6 Asset Library version 6.1.655. The vulnerability stems from a lack of validation of externally entered SQL...

9.8CVSS8.2AI score0.21097EPSS

Exploits3References1

0day.today•added 2019/11/30 12:0 a.m.•173 views

Xinet Elegant 6 Asset Library Web Interface 6.1.655 SQL Injection Vulnerability

NAPC Xinet interface Elegant 6 Asset Library version 6.1.655 allows pre-authentication error-based SQL injection via the /elegant6/login LoginFormusername field when double quotes are used. + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...

10AI score0.21097EPSS

Exploits3

Packet Storm•added 2019/11/30 12:0 a.m.•317 views

Xinet Elegant 6 Asset Library Web Interface 6.1.655 SQL Injection

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NAPC-XINET-ELEGANT-6-ASSET-LIBRARY-WEB-INTERFACE-PRE-AUTH-SQL-INJECTION.txt + ISR: ApparitionSec Vendor www.napc.com Product Xinet Elegant 6 Asset Library Web Interface v6.1.655 Web based...

0.4AI score0.21097EPSS

Exploits3

CERT•added 2016/05/19 12:0 a.m.•26 views

Up.time agent for Linux does not authenticate a user before allowing read access to the file system

Overview The up.time agent for Linux versions 7.5 and 7.6 may allow an unauthenticated remote attacker to read arbitrary files from a system. Description CWE-306: Missing Authentication for Critical Function - CVE-2015-8268According to the researcher, "The linux based uptime.agent version 7.5...

7.5CVSS8.1AI score0.00911EPSS

Exploits0References2

Cvelist•added 2003/04/02 5:0 a.m.•15 views

CVE-2002-0213

xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory...

6.3AI score0.00102EPSS

Exploits0References4

CVE•added 2003/04/02 5:0 a.m.•51 views

CVE-2002-0213

CVE-2002-0213 affects SGI Xinet K-AShare (IRIX) 0.011.01. The vulnerability arises from a symlink attack on the VOLICON file, which is copied to the world-writable .HSicon directory in a shared path. This enables local users to read arbitrary files. The SGI advisory notes the issue as fixed in th...

2.1CVSS6.3AI score0.00102EPSS

Exploits0References4Affected Software2

securityvulns•added 2002/06/12 12:0 a.m.•34 views

Xinet K-Talk Appletalk(tm) xkas vulnerability on IRIX

-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: Xinet K-Talk Appletalktm xkas vulnerability Number: 20020604-01-I Date: June 10, 2002 Reference: CAN-2002-0213 - ----------------------- - --- Issue Specifics --- - ----------------------- It's been reported that the Appletalktm...

2.1CVSS0.2AI score0.00102EPSS

Exploits0

NVD•added 2002/05/16 4:0 a.m.•15 views

CVE-2002-0213

xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory...

2.1CVSS6.3AI score0.00102EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by