Lucene search
K

321 matches found

CVE
CVE
added 2024/04/17 12:0 a.m.73 views

CVE-2024-30990

CVE-2024-30990 describes a SQL injection in the Invoices page of the phpgurukul Client Management System (PHP & MySQL, v1.1). The vulnerability allows an attacker to execute arbitrary SQL commands through the searchdata parameter. The Red Hat and CNNVD entries corroborate the same issue, with the...

9.8CVSS8.7AI score0.00628EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2024/04/17 12:0 a.m.2 views

Client Management System 跨站脚本漏洞

PHPGurukul Client Management System is a client management system from the US-based PHPGurukul, Inc. Phpgurukul Client Management System suffers from a cross-site scripting vulnerability that originates from cross-site scripting contained in search-invoices.php, which allows an attacker to execut...

6.8CVSS6.7AI score0.00576EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/04/17 12:0 a.m.5 views

PT-2024-23709 · Unknown · Phpgurukul Complaint Management System

Name of the Vulnerable Software and Affected Versions: phpgurukul Client Management System version 1.1 Description: The issue allows attackers to execute arbitrary code and obtain sensitive information via the "Search bar" in the /search-invoices.php endpoint. This is a Cross Site Scripting...

6.8CVSS6.7AI score0.00576EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/04/17 12:0 a.m.7 views

PT-2024-23710 · Unknown · Phpgurukul Complaint Management System

Name of the Vulnerable Software and Affected Versions: phpgurukul Client Management System using PHP & MySQL version 1.1 Description: The issue allows attackers to execute arbitrary code via the cname, comname, state, and city parameters in the "/edit-client-details.php" endpoint. This enables...

5.4CVSS7.2AI score0.00442EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2024/04/17 12:0 a.m.16 views

CVE-2024-30989

Cross Site Scripting vulnerability in /edit-client-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code via the "cname", "comname", "state" and "city" parameter...

7.4AI score0.00442EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/04/17 12:0 a.m.31 views

CVE-2024-30986

Cross Site Scripting vulnerability in /edit-services-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and via "price" and "sname" parameter...

7.3AI score0.00429EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/12/21 12:0 a.m.4 views

HCL Technologies BigFix Mobile/Modern Client Management Cross-Site Scripting Vulnerability

HCL Technologies BigFix Mobile/Modern Client Management is a mobile device management software client from HCL Technologies. A security vulnerability exists in HCL Technologies BigFix Mobile/Modern Client Management v3.1 and prior versions, which stems from a stored cross-site scripting XSS...

6.6CVSS5.8AI score0.00313EPSS
Exploits0References2
CNVD
CNVD
added 2023/08/19 12:0 a.m.19 views

Rockwell Automation ThinManager Path Traversal Vulnerability (CNVD-2023-64278)

Rockwell Automation ThinManager is a thin client management software from Rockwell Automation, Inc. It allows thin clients to be assigned to multiple remote desktop servers simultaneously. A path traversal vulnerability exists in Rockwell Automation Thinmanager Thinserver, which stems from the...

9.8CVSS9.4AI score0.67838EPSS
Exploits1References1
NVD
NVD
added 2023/01/20 7:15 a.m.21 views

CVE-2021-27782

HCL BigFix Mobile / Modern Client Management Admin and Config UI passwords can be brute-forced. User should be locked out for multiple invalid attempts...

7.5CVSS6.2AI score0.00346EPSS
Exploits0References1
Prion
Prion
added 2023/01/20 7:15 a.m.21 views

Code injection

HCL BigFix Mobile / Modern Client Management Admin and Config UI passwords can be brute-forced. User should be locked out for multiple invalid attempts...

5CVSS7.6AI score0.00346EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/01/20 12:0 a.m.6 views

HCL Technologies BigFix Mobile/Modern Client Management 安全漏洞

HCL Technologies BigFix Mobile/Modern Client Management is a mobile device management software client from HCL Technologies. A security vulnerability exists in HCL BigFix Mobile/Modern Client Management, which arises from a brute-force cracking of passwords in the configuration interface...

7.5CVSS7.3AI score0.00346EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/01/19 6:54 p.m.30 views

CVE-2021-27782 HCL BigFix Mobile / Modern Client Management Server passwords are susceptible to a brute-force attack

HCL BigFix Mobile / Modern Client Management Admin and Config UI passwords can be brute-forced. User should be locked out for multiple invalid attempts...

5.4CVSS7.8AI score0.00346EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/01/19 6:54 p.m.6 views

CVE-2021-27782 HCL BigFix Mobile / Modern Client Management Server passwords are susceptible to a brute-force attack

HCL BigFix Mobile / Modern Client Management Admin and Config UI passwords can be brute-forced. User should be locked out for multiple invalid attempts...

5.4CVSS7.3AI score0.00346EPSS
Exploits0References1
CVE
CVE
added 2023/01/19 6:54 p.m.53 views

CVE-2021-27782

CVE-2021-27782 affects HCL BigFix Mobile / Modern Client Management Admin and Config UI. The issue allows brute-forcing of passwords in the configuration interfaces, with recommended user lockout after multiple invalid attempts. Connected sources confirm this behavior but do not consistently spec...

7.5CVSS6.5AI score0.00346EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2022/12/22 2:15 a.m.24 views

CVE-2021-43657

A Stored Cross-site scripting XSS vulnerability via MAster.php in Sourcecodetester Simple Client Management System SCMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the vulnerable input fields...

5.4CVSS0.00716EPSS
Exploits1References1
OSV
OSV
added 2022/12/22 2:15 a.m.4 views

CVE-2021-43657

A Stored Cross-site scripting XSS vulnerability via MAster.php in Sourcecodetester Simple Client Management System SCMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the vulnerable input fields...

5.4CVSS5.9AI score0.00716EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/12/22 12:0 a.m.2 views

Simple Client Management System 跨站脚本漏洞

Simple Client Management System is a Simple Client Management System by Carlo Montero Personal Developer. A security vulnerability exists in Simple Client Management System SCMS version 1.0, which stems from a stored cross-site scripting XSS vulnerability that could allow a remote attacker to...

5.4CVSS5.6AI score0.00716EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/12/22 12:0 a.m.5 views

PT-2022-11879 · Unknown · Sourcecodester Simple Client Management System

Name of the Vulnerable Software and Affected Versions: Sourcecodetester Simple Client Management System SCMS version 1.0 Description: A Stored Cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via vulnerable input fields in the MAster.php file. This...

5.4CVSS5.7AI score0.00716EPSS
Exploits1References4
OSV
OSV
added 2022/12/14 5:15 p.m.6 views

CVE-2022-46125

Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=client/manageclient&id=...

7.2CVSS5.8AI score0.00804EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/12/14 12:0 a.m.4 views

Helmet Store Showroom Site SQL注入漏洞

Helmet Store Showroom Site is a platform by Carlo Montero Personal Developer. It allows potential customers of Inquiries Stores to virtually display helmet products. A security vulnerability exists in Helmet Store Showroom Site v1.1, which stems from an SQL injection vulnerability via...

7.2CVSS7.3AI score0.00804EPSS
Exploits1References2
Rows per page
Query Builder