Lucene search
K

64 matches found

CNNVD
CNNVD
added 2022/06/02 12:0 a.m.5 views

Online Fire Reporting System SQL注入漏洞

Online Fire Reporting System is an online fire reporting system from Carlo Montero's personal developer. version v1.0 of Online Fire Reporting System is vulnerable to SQL injection, which originates from /ofrs/admin/?page=reports& date=Lack of validation of external input SQL statements, an...

7.2CVSS6AI score0.04903EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/05/26 12:0 a.m.5 views

CSCMS Music Portal System SQL注入漏洞

CSCMS Music Portal System is a diversified content management system of China Chong Sheng Network Technology CSCMS Company. CSCMS Music Portal System suffers from a SQL injection vulnerability that originates from the lack of validation of the id parameter in /admin.php/singer/admin/singer/hy...

7.2CVSS6.1AI score0.00896EPSS
Exploits1References2
CNVD
CNVD
added 2022/05/16 12:0 a.m.25 views

Simple Client Management System SQL注入漏洞(CNVD-2022-57772)

Simple Client Management System is a simple client management system from Carlo Montero's personal developer. version 1.0 of Simple Client Management System is vulnerable to SQL injection, which stems from a lack of validation of external SQL statements in /cms/admin/maintenance...

9.8CVSS5.1AI score0.01603EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/05/12 12:0 a.m.2 views

Online Sports Complex Booking System SQL注入漏洞

Online Sports Complex Booking System is an online stadium booking system by Carlo Montero, a personal developer. page=user/manageuser&id= lacks validation of external input SQL statements, which can be exploited to execute illegal SQL commands to steal sensitive database data...

9.8CVSS8.7AI score0.01091EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/05/03 12:0 a.m.4 views

EmpireCMS SQL注入漏洞

EmpireCMS Empire Content Management System is an open source content management system CMS. EmpireCMS version 7.5 is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in AdClass.php and can be exploited to execute illegal SQL commands to steal...

9.8CVSS8.6AI score0.00914EPSS
Exploits1References2
CNVD
CNVD
added 2022/04/24 12:0 a.m.16 views

Simple Real Estate Portal System SQL注入漏洞(CNVD-2022-43406)

Simple Real Estate Portal System is a real estate portal system from Carlo Montero's personal developer. Simple Real Estate Portal System v1.0 is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...

9.8CVSS5AI score0.01462EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/06 12:0 a.m.17 views

Pagekit SQL Injection Vulnerability

Pagekit is a modular, lightweight CMS content management system. pagekit has a SQL injection vulnerability, which can be exploited by attackers to execute illegal SQL commands to steal sensitive data from the database...

10CVSS5.3AI score0.01513EPSS
Exploits1References1
CNVD
CNVD
added 2022/03/29 12:0 a.m.13 views

forkcms SQL Injection Vulnerability (CNVD-2022-25983)

forkcms is an application. A CMS. forkcms version 5.11.1 previously contained a SQL injection vulnerability that stemmed from a lack of validation of externally entered SQL statements in the ids parameter of blog comments. An attacker could use this vulnerability to execute illegal SQL commands t...

9CVSS4.7AI score0.01134EPSS
Exploits1References1
CNVD
CNVD
added 2022/03/25 12:0 a.m.17 views

Money Transfer Management System SQL Injection Vulnerability (CNVD-2022-83612)

Money Transfer Management System is a remittance management system. version 1.0 of Money Transfer Management System is vulnerable to SQL injection, which stems from a lack of validation of external input SQL statements in the id parameter of mtms/admin/?page=transaction/viewdetails. An attacker...

4CVSS3.4AI score0.00771EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2022/03/17 12:0 a.m.27 views

Atom CMS SQL Injection Vulnerability

Atom CMS is a content management system. A SQL injection vulnerability exists in Atom CMS version 2.0, which stems from a missing validation of external input SQL statements in the id parameter of /admin/ajax/avatar.php. An attacker could use this vulnerability to execute illegal SQL commands to...

7.5CVSS9.8AI score0.07148EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2022/02/28 12:0 a.m.15 views

BloofoxCms SQL Injection Vulnerability

BloofoxCms is a Php based text content management system. A SQL injection vulnerability exists in BloofoxCms versions 0.5.1 inclusive to 0.5.2.1 inclusive due to the following parameters "URLs,langid,tmplid,modrewrite,etadoctype,metacharset,default group,page group" lacks validation of externally...

9.8CVSS9.8AI score0.01353EPSS
Exploits1References1
CNVD
CNVD
added 2022/01/14 12:0 a.m.20 views

WordPress Wpcalc plugin SQL injection vulnerability

WordPress is the WordPress Foundation's set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers.The WordPress WPcalc plugin in version 2.1 and earlier is vulnerable to SQL injection, which stems from the plugin'...

8.8CVSS2.5AI score0.01318EPSS
Exploits2References1
CNVD
CNVD
added 2021/10/31 12:0 a.m.25 views

Online Shopping Portal SQL Injection Vulnerability (CNVD-2021-103373)

Online Shopping Portal is an open source online shopping portal. A SQL injection vulnerability exists in Online Shopping Portal version 3.1, which can be exploited to execute illegal SQL commands to steal sensitive database data via the lack of validation of externally-entered SQL statements via...

7.5CVSS7.9AI score0.01475EPSS
Exploits1References1
HackRead
HackRead
added 2021/10/20 4:4 p.m.41 views

Hacker steals govt database with info of entire Argentine population

By Deeba Ahmed Reportedly, the database also contains personal information of Argentinian President Alberto Fernández, football superstars Sergio Aguero and Lionel Messi. This is a post from HackRead.com Read the original post: Hacker steals govt database with info of entire Argentine population...

2.7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/07 12:0 a.m.485 views

WordPress Plugin JoomSport 3.3 - SQL Injection

Exploit Title: JoomSport 3.3 – for Sports - SQL injection Google Dork: intext:powered by JoomSport - sport WordPress plugin Date:29/07/2019. Exploit Author: Pablo Santiago Vendor Homepage: https://beardev.com/ Software Link: https://wordpress.org/plugins/joomsport-sports-league-results-management...

9.8CVSS9.8AI score0.21091EPSS
Exploits5
Prion
Prion
added 2019/08/05 3:15 p.m.23 views

Sql injection

The BearDev JoomSport plugin 3.3 for WordPress allows SQL injection to steal, modify, or delete database information via the joomsportseason/new-yorkers/?action=playerlist sid parameter...

7.5CVSS9.7AI score0.21091EPSS
Exploits5References3Affected Software1
CNVD
CNVD
added 2017/07/01 12:0 a.m.4 views

SQL Injection Vulnerability in MallBuilder

MallBuilder is a multi-user online shopping mall solution based on PHP+MYSQL. MallBuilder suffers from a SQL injection vulnerability. An attacker can use this vulnerability to steal database information and control the operating system...

7.8AI score
Exploits0
Packet Storm
Packet Storm
added 2016/06/22 12:0 a.m.34 views

SSHC 5.0 Encrypted Database Content Stealing

Exploit Title: SSHC v5.0 encrypted database content stealing Date: 03/06/2016 Author: Mickael Dorigny @ Synetis Vendor or Software Link: https://github.com/e2ma3n/sshc Version: 0.5 Category: data theft SSHC description : ====================================================================== When...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

WordPress 1.2.1/1.2.2 link-manager.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/11984/info Wordpress is reported vulnerable to multiple cross-site scripting, HTML injection, and SQL injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied data. The cross-site...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2012/06/12 12:0 a.m.33 views

o0mBBS 0.65B SQL Injection

--------------------------------------- Author : L3b-r1'z Title : o0mBBS Sql Injection Date : 6/12/2012 Email : [email protected] Site : Sec4Ever.com & Exploit4arab.com Google Dork : allintext: "o0mBBS version 0.65B" Version : 0.65 --------------------------------------- 1 Bug 2 PoC...

0.2AI score
Exploits0
Rows per page
Query Builder