Lucene search
K

246 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:48 a.m.11 views

CVE-2024-40536

Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 were discovered to contain a stack overflow via the pin3gcode parameter in the config3gpara function...

5.3CVSS8AI score0.00446EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:4 a.m.3 views

CVE-2023-2037

A vulnerability was found in Campcodes Video Sharing Website 1.0. It has been classified as critical. This affects an unknown part of the file watch.php. The manipulation of the argument code leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to...

9.8CVSS8.1AI score0.00791EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:51 p.m.10 views

CVE-2022-22881

Jeecg-boot v3.0 was discovered to contain a SQL injection vulnerability via the code parameter in /sys/user/queryUserComponentData...

9.8CVSS8.3AI score0.01374EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:23 p.m.8 views

CVE-2020-25875

A stored cross site scripting XSS vulnerability in the 'Smileys' feature of Codoforum v5.0.2 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payload entered into the 'Smiley Code' parameter...

5.4CVSS5.5AI score0.00507EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 10:35 a.m.12 views

CVE-2019-16759

vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfigcode parameter in an ajax/render/widgetphp routestring request...

9.8CVSS7.4AI score0.99728EPSS
Exploits27References1
CNNVD
CNNVD
added 2025/05/09 12:0 a.m.4 views

Code-Projects Departmental Store Management System 安全漏洞

Code-Projects Departmental Store Management System is an open source departmental store management system from Code-Projects. A security vulnerability exists in Code-Projects Departmental Store Management System version 1.0, which is caused by a stack-based buffer overflow due to the operation of...

7.8CVSS5.8AI score0.00407EPSS
Exploits1References6
CNVD
CNVD
added 2025/03/19 12:0 a.m.3 views

Online Class and Exam Scheduling System department.php file cross-site scripting vulnerability

Online Class and Exam Scheduling System is an online class and exam scheduling system. Online Class and Exam Scheduling System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters id, code, and name ...

3.2CVSS6.2AI score0.00189EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/02/21 12:0 a.m.4 views

BDCOM Behavior Management and Auditing System 操作系统命令注入漏洞

BDCOM Behavior Management and Auditing System is a behavior management and auditing system from BDCOM China. An operating system command injection vulnerability exists in BDCOM Behavior Management and Auditing System version 20250210 and prior versions, which stems from a system command injection...

7.5CVSS7.8AI score0.02571EPSS
Exploits0References6
OSV
OSV
added 2025/02/20 3:15 p.m.2 views

CVE-2023-51308

PHPJabbers Car Park Booking System v3.0 is vulnerable to Multiple HTML Injection in the "name, pluginsmsapikey, pluginsmscountrycode, title, pluginsmsapikey, title" parameters...

6.1CVSS5.8AI score0.00325EPSS
Exploits2References3
RedhatCVE
RedhatCVE
added 2025/02/05 9:53 a.m.16 views

CVE-2024-3922

The Dokan Pro plugin for WordPress is vulnerable to SQL Injection via the 'code' parameter in all versions up to, and including, 3.10.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

10CVSS7.4AI score0.56209EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/21 12:0 a.m.4 views

PearProject SQL注入漏洞

PearProject is a project management system backend interface for vilson individual developers. A security vulnerability exists in PearProject version v2.8.10, which originates from an SQL injection vulnerability contained via the projectCode parameter on project.php...

9.8CVSS7.8AI score0.00497EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/01/21 12:0 a.m.4 views

PT-2025-1384 · Unknown · Pearprojectapi

Name of the Vulnerable Software and Affected Versions: pearProjectApi version 2.8.10 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the projectCode parameter at the "project.php" endpoint. Recommendations: For pearProjectApi version...

9.8CVSS8.1AI score0.00497EPSS
Exploits1References6
CNVD
CNVD
added 2025/01/16 12:0 a.m.2 views

BigAntSoft BigAnt office messenger SQL Injection Vulnerability

BigAntSoft BigAnt office messenger is a server/client instant messaging program for enterprise environments from BigAntSoft Australia. A SQL injection vulnerability exists in BigAntSoft BigAnt office messenger. The vulnerability can be exploited to conduct a SQL injection attack via the "devcode"...

6.3CVSS8AI score0.01729EPSS
Exploits6References1
CNNVD
CNNVD
added 2025/01/12 12:0 a.m.9 views

reggie 路径遍历漏洞

reggie is a takeaway website by 1902756969 individual developers. A path traversal vulnerability exists in reggie version 1.0, which stems from an information disclosure issue with the parameter code...

6.9CVSS5.2AI score0.00506EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/11 12:0 a.m.3 views

JeeWMS 注入漏洞

JeeWMS is a JAVA-based warehouse management system from China Huayi JeeWMS. An injection vulnerability exists in JeeWMS 20241229 and earlier versions, which stems from SQL injection in the parameter storecode...

8.8CVSS7AI score0.00625EPSS
Exploits1References3
OSV
OSV
added 2025/01/09 8:15 p.m.3 views

CVE-2024-54761

BigAnt Office Messenger 5.6.06 is vulnerable to SQL Injection via the 'devcode' parameter...

6.3CVSS5.8AI score
Exploits0References2
CNNVD
CNNVD
added 2025/01/09 12:0 a.m.4 views

BigAntSoft BigAnt office messenger 安全漏洞

BigAntSoft BigAnt office messenger is a server/client instant messaging program for enterprise environments from BigAntSoft Australia. A SQL injection vulnerability exists in BigAntSoft BigAnt office messenger. The vulnerability can be exploited to conduct a SQL injection attack via the "devcode"...

6.3CVSS7.9AI score0.01729EPSS
Exploits6References3
Positive Technologies
Positive Technologies
added 2025/01/07 12:0 a.m.4 views

PT-2025-1879 · WordPress · Coupon Plugin

Name of the Vulnerable Software and Affected Versions: Coupon Plugin plugin for WordPress versions up to, and including, 1.2.1 Description: The issue is related to Stored Cross-Site Scripting via the Coupon Code parameter due to insufficient input sanitization and output escaping. This allows...

6.4CVSS6.4AI score0.00228EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/01/07 12:0 a.m.5 views

WordPress plugin Coupon Plugin 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS7.7AI score0.00228EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/12/23 12:0 a.m.9 views

1000 Projects Attendance Tracking Management System 注入漏洞

1000 Projects Attendance Tracking Management System is an open source attendance management system from 1000 Projects. An injection vulnerability exists in 1000 Projects Attendance Tracking Management System version 1.0, which originates from the parameter coursecode in the file...

9.8CVSS7.9AI score0.00597EPSS
Exploits1References5
Rows per page
Query Builder