Lucene search
K

235 matches found

GithubExploit
GithubExploit
added 2023/05/17 6:27 a.m.6 views

Exploit for SQL Injection in Escanav Escan_Management_Console

eScan Management Console 14.0.1400.2281 - SQL Injection Auth...

7.2CVSS8.6AI score0.04312EPSS
Exploits5
Cvelist
Cvelist
added 2023/05/17 12:0 a.m.41 views

CVE-2023-31702

SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows remote attacker to dump entire database and gain windows XP command shell to perform code execution on database server via GetUserCurrentPwd?UsrId=1...

8AI score0.04312EPSS
Exploits5References2
Positive Technologies
Positive Technologies
added 2023/05/17 12:0 a.m.5 views

PT-2023-23422 · Microworld · Microworld Escan Management Console

Name of the Vulnerable Software and Affected Versions: MicroWorld eScan Management Console version 14.0.1400.2281 Description: The issue allows a remote attacker to perform SQL injection in the View User Profile feature, enabling them to dump the entire database and gain a Windows XP command shel...

7.2CVSS8.8AI score0.04312EPSS
Exploits5References9
CNNVD
CNNVD
added 2023/05/17 12:0 a.m.4 views

MicroWorld eScan Management Console SQL注入漏洞

MicroWorld eScan Management Console is a control panel from MicroWorld Japan. It helps system administrators remotely manage all eScan client computers on a network. A security vulnerability exists in MicroWorld eScan Management Console version 14.0.1400.2281, which stems from the presence of SQL...

7.2CVSS7.5AI score0.04312EPSS
Exploits5References4
Packet Storm
Packet Storm
added 2023/05/04 12:0 a.m.244 views

Companymaps 8.0 SQL Injection

Exploit Title: Unauthenticated SQL injection - Google Dork: - Date: 27.04.2023 - Exploit Author: Lucas Noki 0xPrototype - Vendor Homepage: https://github.com/vogtmh - Software Link: https://github.com/vogtmh/cmaps - Version: 8.0 - Tested on: Mac, Windows, Linux - CVE : CVE-2023-29809 Description:...

6.9AI score0.10514EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/03/25 12:0 a.m.201 views

Yoga Class Registration System v1.0 - Multiple SQLi

Exploit Title: Yoga Class Registration System v1.0 - Multiple SQLi Date: 19/03/2023 Exploit Author: Abdulhakim Öner Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/16097/yoga-class-registration-system-php-and-mysql-free-source-code.html Software...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/20 12:0 a.m.274 views

Online Pizza Ordering System 1.0 SQL Injection

Exploit Title: Online Pizza Ordering System 1.0 - "id" SQLi Date: 19/03/2023 Exploit Author: Abdulhakim Öner Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/16166/online-pizza-ordering-system-php-free-source-code.html Software Download:...

0.2AI score
Exploits0
GithubExploit
GithubExploit
added 2023/01/06 7:7 p.m.491 views

Exploit for SQL Injection in Reputeinfosystems Bookingpress

CVE-2022-0739 My take on CVE-2022-0739 BookingPress exploit,...

9.8CVSS9.6AI score0.37171EPSS
Exploits11
NVD
NVD
added 2022/10/31 8:15 p.m.23 views

CVE-2022-42923

Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker with the role of student to perform a SQL injection on the 'id' parameter in the 'appCore/index.php?r=adm/mediagallery/delete'...

8.8CVSS0.00585EPSS
Exploits0References1
NVD
NVD
added 2022/10/31 8:15 p.m.19 views

CVE-2022-41680

Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker with the role of student to perform a SQL injection on the 'searchvalue parameter in the...

7.6CVSS0.00276EPSS
Exploits0References1
OSV
OSV
added 2022/10/31 8:15 p.m.3 views

CVE-2022-41680

Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker with the role of student to perform a SQL injection on the 'searchvalue parameter in the...

6.5CVSS5.8AI score0.00276EPSS
Exploits0References1
OSV
OSV
added 2022/10/31 8:15 p.m.5 views

CVE-2022-42924

Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker with the role of student to perform a SQL injection on the 'dynfilter' parameter in the...

6.5CVSS5.8AI score0.00437EPSS
Exploits0References1
NVD
NVD
added 2022/10/31 8:15 p.m.13 views

CVE-2022-42924

Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker with the role of student to perform a SQL injection on the 'dynfilter' parameter in the...

7.6CVSS0.00437EPSS
Exploits0References1
OSV
OSV
added 2022/10/31 8:15 p.m.6 views

CVE-2022-42923

Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker with the role of student to perform a SQL injection on the 'id' parameter in the 'appCore/index.php?r=adm/mediagallery/delete'...

8.8CVSS5.8AI score0.00585EPSS
Exploits0References1
Prion
Prion
added 2022/10/31 8:15 p.m.24 views

Sql injection

Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker with the role of student to perform a SQL injection on the 'id' parameter in the 'appCore/index.php?r=adm/mediagallery/delete'...

6.5CVSS8.8AI score0.00585EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/10/31 8:15 p.m.24 views

Sql injection

Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker with the role of student to perform a SQL injection on the 'searchvalue parameter in the...

4CVSS6.7AI score0.00276EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/10/31 8:15 p.m.11 views

Sql injection

Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker with the role of student to perform a SQL injection on the 'dynfilter' parameter in the...

4CVSS6.7AI score0.00437EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/10/31 7:59 p.m.7 views

CVE-2022-42924 SQL injection in Forma LMS

Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker with the role of student to perform a SQL injection on the 'dynfilter' parameter in the...

7.6CVSS7.5AI score0.00437EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/10/31 7:59 p.m.8 views

CVE-2022-41680 SQL Injection in Forma LMS

Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker with the role of student to perform a SQL injection on the 'searchvalue parameter in the...

7.6CVSS7.5AI score0.00276EPSS
Exploits0References1
CVE
CVE
added 2022/10/31 7:59 p.m.62 views

CVE-2022-41680

Forma LMS (versions 3.1.0 and earlier) is affected by a SQL injection in the search[value] parameter of appLms/ajax.server.php?r=mycertificate/getMyCertificates. An authenticated attacker with the role of student could exploit this to dump the entire database. The vulnerability is documented acro...

7.6CVSS6.8AI score0.00276EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder