13 matches found
CVE-2026-45347
creationtimestamp| type| source ---|---|--- 2026-05-09 22:47:27+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-f776-fp4w-266c 2026-05-16 00:51:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlwmx6fwfz2t...
EUVD-2025-45347
Malicious code in scornfulduckz3n npm...
CVE-2024-45347
creationtimestamp| type| source ---|---|--- 2025-06-23 09:44:39+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/19186 2025-06-23 10:03:28+00:00| published-proof-of-concept| Telegram/GDm1H2yMsUWi0B2hrQwSaQ-hj0W8UNWimUdimX7TtAl1LE 2025-06-23 11:14:00+00:00| seen|...
CVE-2024-45347 Mi Connect Service APP protocol flaws lead to unauthorized access
An unauthorized access vulnerability exists in the Xiaomi Mi Connect Service APP. The vulnerability is caused by the validation logic is flawed and can be exploited by attackers to Unauthorized access to the victim’s device...
CVE-2022-45347
Apache ShardingSphere-Proxy prior to 5.3.0 when using MySQL as database backend didn't cleanup the database session completely after client authentication failed, which allowed an attacker to execute normal commands by constructing a special MySQL client. This vulnerability has been fixed in Apac...
CVE-2023-45347 Online Food Ordering System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'verified' parameter of the routers/user-router.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-45347 Online Food Ordering System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'verified' parameter of the routers/user-router.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2022-45347
The CVE-2022-45347 issue affects Apache ShardingSphere-Proxy prior to 5.3.0 when using MySQL as the backend. The root cause is incomplete cleanup of the database session after client authentication fails, which could allow an attacker to issue normal commands by connecting with a crafted MySQL cl...
CVE-2022-45347 Apache ShardingSphere-Proxy: MySQL authentication bypass
Apache ShardingSphere-Proxy prior to 5.3.0 when using MySQL as database backend didn't cleanup the database session completely after client authentication failed, which allowed an attacker to execute normal commands by constructing a special MySQL client. This vulnerability has been fixed in Apac...
CVE-2022-45347 Apache ShardingSphere-Proxy: MySQL authentication bypass
Apache ShardingSphere-Proxy prior to 5.3.0 when using MySQL as database backend didn't cleanup the database session completely after client authentication failed, which allowed an attacker to execute normal commands by constructing a special MySQL client. This vulnerability has been fixed in Apac...
CVE-2021-45347
creationtimestamp| type| source ---|---|--- 2022-02-14 22:33:06+00:00| seen| https://t.me/cibsecurity/37445...
CVE-2021-45347
An Incorrect Access Control vulnerability exists in zzcms 8.2, which lets a malicious user bypass authentication by changing the user name in the cookie to use any password...
CVE-2021-45347
CVE-2021-45347 affects zzcms 8.2. It is an Incorrect Access Control vulnerability allowing an unauthenticated attacker to bypass login by changing the username in the cookie to use any password. The connected sources consistently describe this flaw as an authentication bypass in zzcms 8.2. No spe...