Lucene search
+L

70 matches found

NVD
NVD
added 2022/05/25 2:15 p.m.23 views

CVE-2021-35487

Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates for the Manage Alerts page via the extIdentifier HTTP POST parameter. This allows an attacker to obtain the database user,...

6.5CVSS0.00959EPSS
Exploits1References2
Prion
Prion
added 2022/05/25 2:15 p.m.21 views

Sql injection

Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates for the Manage Alerts page via the extIdentifier HTTP POST parameter. This allows an attacker to obtain the database user,...

4CVSS6.8AI score0.00959EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/05/25 1:41 p.m.80 views

CVE-2021-35487

Summary : CVE-2021-35487 affects Nokia Broadcast Message Center up to version 11.1.0. An authenticated user can perform a Boolean Blind SQL Injection on the /owui/block/send-receive-updates endpoint via the extIdentifier HTTP POST parameter, enabling retrieval of the database user, database name,...

6.5CVSS6.7AI score0.00959EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2022/01/28 7:15 p.m.6 views

CVE-2021-41609

SQL injection in the ID parameter of the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET before 5.052.000 allows a remote, unauthenticated attacker to retrieve data from the application's backend database via boolean-based blind and UNION injection...

9.8CVSS5.9AI score0.02138EPSS
Exploits1References2
seebug.org
seebug.org
added 2017/03/31 12:0 a.m.32 views

Mirage – Fancy Clone - SQL Injection

Mirage – Fancy Clone - SQL Injection Mirage – Fancy Clone, the presence of the parameter filter is not strict, leading to a sql injection vulnerability, if the other server is turned on the error display, can directly use, if you turn off the error display, you can use the time-based and Boolean...

7.8AI score
Exploits0
seebug.org
seebug.org
added 2017/03/29 12:0 a.m.35 views

Joomla! Component Simple Membership 3.3.3 - 'userId' Parameter SQL Injection

Joomla! Component Simple Membership 3.3.3 - the 'userId' Parameter SQL Injection Joomla! Component Simple Membership 3.3.3, the presence of the parameter filter is not strict, leading to a sql injection vulnerability, if the other server is turned on the error display, can directly use, if you tu...

7.8AI score
Exploits0
seebug.org
seebug.org
added 2017/02/27 12:0 a.m.27 views

Zigaform - SQL injection vulnerability

Zigaform the modelforms. in php form parameters into SQL statements cause SQL injection Injection point: http://localhost/PATH/formbuilder/frontend/viewform/? form=SQL payload: AND SELECT 2120 FROMSELECT COUNT,CONCAT0x716a7a6271,SELECT ELT2120=2120,1,0x7171767071,FLOORRAND02,md5233x FROM...

7.9AI score
Exploits0
seebug.org
seebug.org
added 2017/02/24 12:0 a.m.15 views

HotelCMS with Booking Engine - SQL injection vulnerability

http://localhost/PATH/locale? locale=SQL the locale parameter there is sql injection Wherein the error injection as follows: payload: http://localhost/PATH/locale? locale=1' AND SELECT 3507 FROMSELECT COUNT,CONCATFLOORRAND02,md5233x FROM INFORMATIONSCHEMA. The PLUGINS GROUP BY xa-- Lilt Test...

7.4AI score
Exploits0
Hacker One
Hacker One
added 2016/12/14 2:37 p.m.28 views

LocalTapiola: SQL Injection in lapsuudenturva (viestinta.lahitapiola.fi)

Basic report information Summary: Hi, The ctxvarsemail parameter in http://viestinta.lahitapiola.fi/webApp/lapsuudenturva, can be exploited to perform an SQL Injection Attack. The parameter is ctxvarsemail Description: The value inside the ctx tag , doesn't properly sanitized to user input, it ca...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2016/04/20 12:0 a.m.20 views

PHPBack 1.3.0 - SQL Injection

/ + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/PHPBACK-v1.3.0-SQL-INJECTION.txt Vendor: ================ www.phpback.org Product: ================ PHPBack v1.3.0 Vulnerability Type: =================== SQL Injection CVE Reference:...

7.4AI score
Exploits0
Rows per page
Query Builder