Lucene search
K

88 matches found

CNNVD
CNNVD
added 2023/01/09 12:0 a.m.5 views

Dynamic Transaction Queuing System SQL注入漏洞

Dynamic Transaction Queuing System is a dynamic transaction queuing system using PHP/MySQL by Carlo Montero, an individual developer. A security vulnerability exists in Dynamic Transaction Queuing System v1.0. An attacker can exploit this vulnerability to perform a SQL injection attack via...

9.8CVSS8.7AI score0.00752EPSS
Exploits1References2
CVE
CVE
added 2023/01/09 12:0 a.m.60 views

CVE-2022-47790

Sourcecodester Dynamic Transaction Queuing System v1.0 is vulnerable to SQL Injection via /queuing/index.php?page=display&id=. The root cause is an injection flaw in the id parameter of that endpoint. Impact per CVSS indicates high confidentiality, integrity, and availability with a total score o...

9.8CVSS9.7AI score0.00752EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2022/12/12 8:15 p.m.19 views

CVE-2022-45275

An arbitrary file upload vulnerability in /queuing/admin/ajax.php?action=savesettings of Dynamic Transaction Queuing System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

7.2CVSS0.15323EPSS
Exploits1References1
Prion
Prion
added 2022/12/12 8:15 p.m.13 views

Privilege escalation

An arbitrary file upload vulnerability in /queuing/admin/ajax.php?action=savesettings of Dynamic Transaction Queuing System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

5.8CVSS7.3AI score0.15323EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/12/12 12:0 a.m.4 views

PT-2022-27454 · Unknown · Dynamic Transaction Queuing System

Name of the Vulnerable Software and Affected Versions: Dynamic Transaction Queuing System version 1.0 Description: The issue is related to an arbitrary file upload vulnerability in the "/queuing/admin/ajax.php?action=save settings" API endpoint. This vulnerability allows attackers to execute...

7.2CVSS7.2AI score0.15323EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2022/12/12 12:0 a.m.7 views

CVE-2022-45275

An arbitrary file upload vulnerability in /queuing/admin/ajax.php?action=savesettings of Dynamic Transaction Queuing System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

7.3AI score0.15323EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/12/12 12:0 a.m.24 views

CVE-2022-45275

An arbitrary file upload vulnerability in /queuing/admin/ajax.php?action=savesettings of Dynamic Transaction Queuing System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

7.5AI score0.15323EPSS
Exploits1References1
CVE
CVE
added 2022/12/12 12:0 a.m.69 views

CVE-2022-45275

CVE-2022-45275 affects Dynamic Transaction Queuing System (DTQS) v1.0. The issue is an arbitrary file upload vulnerability in /queuing/admin/ajax.php?action=save_settings that enables an attacker to execute arbitrary PHP code via a crafted file. Root cause appears to be improper handling/validati...

7.2CVSS7.3AI score0.15323EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder