Lucene search
+L

9982 matches found

CNVD
CNVD
added 2018/05/25 12:0 a.m.6 views

SQL Injection Vulnerability in SMi CMS School Station Group System v20180314 (CNVD-2018-10727)

State Micro CMS is one of the mainstream CMS systems in China, and is also the largest open source platform provider in the field of PHP in Southern China. State Micro CMS school station group system v20180314 version of the SQL injection vulnerability , attackers can exploit the vulnerability to...

7.8AI score
Exploits0
CNVD
CNVD
added 2018/05/23 12:0 a.m.7 views

Dolibarr SQL Injection Vulnerability (CNVD-2018-15284)

Dolibarr is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, and more. A SQL injection vulnerability exists in Dolibarr versions prior to...

9.8CVSS9.8AI score0.03959EPSS
Exploits0References1
CNVD
CNVD
added 2018/05/23 12:0 a.m.60 views

Dolibarr SQL Injection Vulnerability (CNVD-2018-15283)

Dolibarr is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, and more. A SQL injection vulnerability exists in Dolibarr versions prior to...

9.8CVSS9.8AI score0.71242EPSS
Exploits10References1
CNVD
CNVD
added 2018/05/23 12:0 a.m.3 views

iScripts eSwap SQL Injection Vulnerability (CNVD-2018-15242)

iScripts eSwap is a set of item trading software. The software supports trading with virtual currencies or directly exchanging items. A SQL injection vulnerability exists in iScripts eSwap version 2.4. A remote attacker can use the 'ToId' parameter to view, add, modify, or delete information in t...

9.8CVSS9.7AI score0.01202EPSS
Exploits1References1
OSV
OSV
added 2018/05/22 8:29 p.m.5 views

UBUNTU-CVE-2018-10094

SQL injection vulnerability in Dolibarr before 7.0.2 allows remote attackers to execute arbitrary SQL commands via vectors involving integer parameters without quotes...

9.8CVSS7.7AI score0.71242EPSS
Exploits10References2
OSV
OSV
added 2018/05/22 7:29 p.m.6 views

CVE-2018-6493

SQL Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited to allow Remote SQL Injection...

8.8CVSS5.8AI score0.0201EPSS
Exploits0References3
OSV
OSV
added 2018/05/16 1:29 p.m.3 views

CVE-2018-10738

A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/menuaccess.php chbKey1 parameter...

7.2CVSS5.8AI score0.42556EPSS
Exploits2References1
OSV
OSV
added 2018/05/16 1:29 p.m.4 views

CVE-2018-10737

A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/logbook.php txtSearch parameter...

7.2CVSS5.8AI score
Exploits0References1
CNVD
CNVD
added 2018/05/15 12:0 a.m.29 views

PrestaShop Responsive Mega Menu Pro Module SQL Injection Vulnerability

PrestaShop is an open source e-commerce solution from PrestaShop. The solution provides a variety of payment methods , short message alerts and product image scaling and other features.Attribute Wizard addon is one of the product attribute add module.Responsive Mega Menu...

9.8CVSS8.1AI score0.01412EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2018/05/10 3:29 a.m.4 views

CVE-2018-8824

modules/bamegamenu/ajaxphpcode.php in the Responsive Mega Menu Horizontal+Vertical+Dropdown Pro module 1.0.32 for PrestaShop 1.5.5.0 through 1.7.2.5 allows remote attackers to execute a SQL Injection through function calls in the code parameter...

9.8CVSS6.2AI score0.01412EPSS
Exploits1References2
CNVD
CNVD
added 2018/05/07 12:0 a.m.2 views

TYPO3 Event Management and Registration SQL Injection Vulnerability

Typo3 is one of the leading brands of open source content management systems CMS and content management frameworks CMF based on PHP and MySQL databases and is a powerful open source solution.TYPO3 Event management and registration is one of the extensions for managing events and registration. A S...

8AI score
Exploits0References1
OSV
OSV
added 2018/05/01 7:29 p.m.4 views

CVE-2018-10256

A SQL Injection vulnerability was discovered in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to directly modify the SQL query...

8.8CVSS5.8AI score0.02582EPSS
Exploits5References2
CNVD
CNVD
added 2018/04/26 12:0 a.m.6 views

Mitel MiVoice Connect SQL Injection Vulnerability

Mitel MiVoice Connect R1707-PREM and Mitel ST are both products of Mitel Corporation of Canada.Mitel MiVoice Connect R1707-PREM is a Unified Communications Management Appliance.ST is a videoconferencing product.conferencing is one of the notification components. conferencing is one of the...

6.5CVSS7.7AI score0.01073EPSS
Exploits0References1
CNVD
CNVD
added 2018/04/25 12:0 a.m.2 views

Chemical website supported by HuaxiaChemNet suffers from SQL injection vulnerability.

Huaxia chemical network is by Shanghai Danfan network technology limited company founded, is for the chemical industry to provide security, high efficiency, multi-function, system supporting B2B electronic commerce platform of professional website. The chemical website supported by HuaxiaChemNet...

7.8AI score
Exploits0
CNVD
CNVD
added 2018/04/24 12:0 a.m.7 views

Kliqqi CMS SQL Injection Vulnerability

Kliqqi CMS is a content management system CMS. A SQL injection vulnerability exists in Kliqqi CMS version 3.5.2. A remote attacker can exploit the vulnerability to view data in the database with the help of the 'randkey' parameter with the value AND SELECT FROM SELECTSLEEP5MBMY to potentially gai...

9.8CVSS8.1AI score0.01072EPSS
Exploits0References1
CNVD
CNVD
added 2018/04/19 12:0 a.m.34 views

Nagios XI core config manager authentication bypass vulnerability

Nagios XI is an IT infrastructure monitoring solution from Nagios, Inc. that supports monitoring and alerting of applications, services, operating systems, etc. core config manager is one of the core configuration managers. The solution supports monitoring and alerting of applications, services,...

9.8CVSS8AI score0.27508EPSS
Exploits9References1
CNVD
CNVD
added 2018/04/16 12:0 a.m.2 views

SQL Injection Vulnerability in Enterprise Website Building System of Zaozhuang Frontier Technology Co.

Zaozhuang Frontier Technology Co., Ltd. is engaged in software technology services. A SQL injection vulnerability exists in the enterprise website building system of Zaozhuang Frontier Technology Co. An attacker can exploit the vulnerability to obtain sensitive database information...

7.9AI score
Exploits0
OSV
OSV
added 2018/04/11 3:29 a.m.36 views

UBUNTU-CVE-2017-9839

Dolibarr ERP/CRM is affected by SQL injection in versions before 5.0.4 via product/stats/card.php type parameter...

8.8CVSS7.4AI score0.01054EPSS
Exploits1References3
CNVD
CNVD
added 2018/04/11 12:0 a.m.2 views

Dolibarr ERP/CRM SQL Injection Vulnerability (CNVD-2018-08337)

Dolibarr ERP/CRM is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, and more. A SQL injection vulnerability exists in Dolibarr ERP/CRM...

8.8CVSS8.4AI score0.01054EPSS
Exploits1References1
CNVD
CNVD
added 2018/04/11 12:0 a.m.4 views

Dolibarr ERP/CRM SQL Injection Vulnerability (CNVD-2018-08348)

Dolibarr ERP/CRM is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, and more. A SQL injection vulnerability exists in Dolibarr ERP/CRM 7.0.0...

8.8CVSS8.4AI score0.01054EPSS
Exploits1References1
Rows per page
Query Builder