14 matches found
EUVD-2014-8004
Malware in sbrugna...
EUVD-2007-4875
Malware in sbrugna...
Exploit for CVE-2024-47533
CVE-2024-47533 - Cobbler XMLRPC Authentication Bypass RCE Expl...
Tucows (VDP): Vulnerability: XML-RPC Interface Enabled and Accessible
Summary: The website ███ has the XMLRPC interface enabled, which exposes several methods including pingback.ping and system.multicall. These methods can be abused by attackers to perform high-volume denial-of-service (DDoS) attacks and brute-force amplification attacks, which can severely impact the...
CVE-2022-38078
Movable Type XMLRPC API provided by Six Apart Ltd. contains a command injection vulnerability. Sending a specially crafted message by POST method to Movable Type XMLRPC API may allow arbitrary Perl script execution, and an arbitrary OS command may be executed through it. Affected products and...
Directory traversal
Directory traversal vulnerability in the XMLRPC interface in Red Hat Satellite 5...
CVE-2014-8163
Directory traversal vulnerability in the XMLRPC interface in Red Hat Satellite 5...
SuSE Update for update openSUSE-SU-2012:0655-1 (update)
Check for the Version of update OpenVAS Vulnerability Test $Id: gbsuse201206551.nasl 8267 2018-01-02 06:29:17Z teissa $ SuSE Update for update openSUSE-SU-2012:0655-1 update Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program ...
UBUNTU-CVE-2012-2395
Incomplete blacklist vulnerability in action_power.py in Cobbler 2.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) username or (2) password fields to the power_system method in the xmlrpc API...
update for cobbler (important)
The xmlrpc interface of cobbler was prone to command injection...
CVE-2007-4894
Multiple SQL injection vulnerabilities in Wordpress before 2.2.3 and Wordpress multi-user (MU) before 1.2.5a allow remote attackers to execute arbitrary SQL commands via the post_type parameter to the pingback.extensions.getPingbacks method in the XMLRPC interface, and other unspecified parameters...
CVE-2007-4894
Multiple SQL injection vulnerabilities in Wordpress before 2.2.3 and Wordpress multi-user (MU) before 1.2.5a allow remote attackers to execute arbitrary SQL commands via the post_type parameter to the pingback.extensions.getPingbacks method in the XMLRPC interface, and other unspecified parameters...
Sql injection
Multiple SQL injection vulnerabilities in Wordpress before 2.2.3 and Wordpress multi-user (MU) before 1.2.5a allow remote attackers to execute arbitrary SQL commands via the post_type parameter to the pingback.extensions.getPingbacks method in the XMLRPC interface, and other unspecified parameters...
wpcmdexec.pl.txt
!/usr/bin/perl -w Wordpress 1.5.1.2 Strayhorn // XMLRPC Interface SQL Injection By James Bercegay // http://www.gulftech.org/ // June 21 2005 Quick and dirty proof of concept that uses the XML RPC server vulnerabilities I discovered to extract a password hash & use that hash to execute shell...