CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

36 matches found

Cvelist•added 2013/08/21 4:0 p.m.•24 views

CVE-2013-4701

Auth/Yadis/XML.php in PHP OpenID Library 2.2.2 and earlier allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service CPU and memory consumption via XRDS data containing an external entity declaration in conjunction with an entity...

6.7AI score0.00881EPSS

Exploits1References5

Packet Storm•added 2011/01/03 12:0 a.m.•26 views

Sahana Agasti 0.6.4 SQL Injection

:::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ posdubatgmail.com Sahana Agasti Connect$conf'dbhost'.$conf'dbport'?':'.$conf'dbport':'',$conf'dbuser',$conf'dbpass',$conf'dbname'; $level=$GET"sel...

Exploits0

0day.today•added 2011/01/02 12:0 a.m.•22 views

Sahana Agasti <= 0.6.4 SQL Injection Vulnerability

Exploit for php platform in category web applications Sahana Agasti Connect$conf'dbhost'.$conf'dbport'?':'.$conf'dbport':'',$conf'dbuser',$conf'dbpass',$conf'dbname'; $level=$GET"sel";...

7.1AI score

Exploits0

Exploit DB•added 2011/01/01 12:0 a.m.•25 views

Sahana Agasti 0.6.4 - SQL Injection

:::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ posdubatgmail.com Sahana Agasti = 0.6.4 SQL Injection Vulnerability Script: "Agasti is the PHP based project of the Sahana Software Foundation...

7AI score

Exploits0

exploitpack•added 2011/01/01 12:0 a.m.•6 views

Sahana Agasti 0.6.4 - SQL Injection

Sahana Agasti 0.6.4 - SQL Injection :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ posdubatgmail.com Sahana Agasti = 0.6.4 SQL Injection Vulnerability Script: "Agasti is the PHP based project o...

Exploits0

Prion•added 2010/05/11 12:2 p.m.•11 views

Sql injection

Multiple SQL injection vulnerabilities in Alwasel 1.5 allow remote attackers to execute arbitrary SQL commands via the id parameter to 1 show.php and 2 xml.php...

7.5CVSS9.3AI score0.00233EPSS

Exploits0References2Affected Software1

CVE•added 2010/05/10 8:0 p.m.•40 views

CVE-2009-4862

CVE-2009-4862 describes multiple SQL injection vulnerabilities in Alwasel 1.5. The affected functionality is the id parameter passed to two scripts, show.php and xml.php, which allows remote attackers to execute arbitrary SQL commands. The provided connected documents do not specify affected vers...

7.5CVSS8.8AI score0.00233EPSS

Exploits0References2Affected Software1

0day.today•added 2009/12/13 12:0 a.m.•16 views

Interspire Shopping Cart Full Path Disclosure

Exploit for unknown platform in category web applications ============================================= Interspire Shopping Cart Full Path Disclosure ============================================= Exploit Title: Interspire Shopping Cart Full Path Disclosure Date: 13-12-2009 Author: Mr.aFiR Softwar...

7.1AI score

Exploits0

exploitpack•added 2009/12/13 12:0 a.m.•19 views

Interspire Shopping Cart - Full Path Disclosure

Interspire Shopping Cart - Full Path Disclosure Exploit Title: Interspire Shopping Cart Full Path Disclosure Date: 13-12-2009 Author: Mr.aFiR Software Link: http://www.interspire.com/ Version: N/A Tested on: GNU/LINUX CVE : N/A Code : N/A / \ / \ / \ | | |/ | | | Y Y | V\ / Y| || |/ / A ||| \ | |...

7.4AI score

Exploits0

seebug.org•added 2009/12/13 12:0 a.m.•21 views

Interspire Shopping Cart Full Path Disclosure

No description provided by source. Exploit Title: Interspire Shopping Cart Full Path Disclosure Date: 13-12-2009 Author: Mr.aFiR Software Link: http://www.interspire.com/ Version: N/A Tested on: GNU/LINUX CVE : N/A Code : N/A / \ / \ / \ | | |/ | | | Y Y | V\ / Y| || |/ / A ||| \ | | | | || || ...

7.1AI score

Exploits0

Exploit DB•added 2009/12/13 12:0 a.m.•23 views

Interspire Shopping Cart - Full Path Disclosure

Exploit Title: Interspire Shopping Cart Full Path Disclosure Date: 13-12-2009 Author: Mr.aFiR Software Link: http://www.interspire.com/ Version: N/A Tested on: GNU/LINUX CVE : N/A Code : N/A / \ / \ / \ | | |/ | | | Y Y | V\ / Y| || |/ / A ||| \ | | | | || || \ // \ | | | || | | |/ |/|/ |/...

7.4AI score

Exploits0

exploitpack•added 2009/08/07 12:0 a.m.•11 views

Alwasel 1.5 - Multiple SQL Injections

Alwasel 1.5 - Multiple SQL Injections ------------------Alwasel v1.5 Multiple Remote Vulnerabilities---------------------------- ---------------------------------------------------------------------------------------------------------------- Script : Alwasel version : 1.5 Language: PHP Site:...

0.4AI score

Exploits0

seebug.org•added 2009/08/07 12:0 a.m.•16 views

Alwasel 1.5 Multiple Remote SQL Injection Vulnerabilities

No description provided by source. ------------------Alwasel v1.5 Multiple Remote Vulnerabilities---------------------------- ---------------------------------------------------------------------------------------------------------------- Script : Alwasel version : 1.5 Language: PHP Site:...

7.1AI score

Exploits0

Prion•added 2009/05/07 11:30 p.m.•11 views

Sql injection

Multiple SQL injection vulnerabilities in TemaTres 1.0.3 and 1.031, when magicquotesgpc is disabled, allow remote attackers or remote authenticated users to execute arbitrary SQL commands via the 1 mail, 2 password, and 3 letra parameters to index.php; 4 y and 5 m parameters to sobre.php; and the...

6CVSS8.8AI score0.01798EPSS

Exploits1References8Affected Software1