93 matches found

Positive Technologies
added 2023/02/28 12:00 a.m. · 4 views

PT-2023-20057 · Unknown · Online Reviewer Management System

Name of the Vulnerable Software and Affected Versions: Online Reviewer Management System version 1.0 Description: An issue was discovered in the Online Reviewer Management System, where there is an XSS vulnerability. This vulnerability can be exploited via the reviewer...

CVSS 4.8 · AI score 4.7 · EPSS 0.00457
Exploits: 1 · References: 5

Positive Technologies
added 2022/12/25 12:00 a.m. · 7 views

PT-2022-27075 · Unknown · Simmeth Lieferantenmanager

Name of the Vulnerable Software and Affected Versions: Simmeth Lieferantenmanager versions prior to 5.6 Description: An issue was discovered in the "/DS/LM API/api/SelectionService/InsertQueryWithActiveRelationsReturnId" API endpoint. This allows an attacker to execute JavaScript code in the...

CVSS 5.4 · AI score 5.6 · EPSS 0.00509
Exploits: 3 · References: 3

OSV
added 2022/12/14 3:15 p.m. · 4 views

CVE-2022-31358

A reflected cross-site scripting (XSS) vulnerability in Proxmox Virtual Environment prior to v7.2-3 allows remote attackers to execute arbitrary web scripts or HTML via non-existent endpoints under path /api2/html/...

CVSS 9 · AI score 6 · EPSS 0.01273
Exploits: 1 · References: 4

CNNVD
added 2022/12/07 12:00 a.m. · 2 views

coder-chain_gdut cross-site scripting vulnerability

coder-chain_gdut is a binary image segmentation method based on lossless compression by the individual developer Wenyin Liu csliuwy. A security vulnerability exists in coder-chain_gdut, which originates from an unknown function in file /back/index.php/user/User/?1, which is manipulated to cause...

CVSS 6.1 · AI score 5.5 · EPSS 0.00411
Exploits: 1 · References: 3

OSV
added 2022/11/17 6:15 p.m. · 4 views

CVE-2022-44402

Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/classes/Master.php?f=deletetransaction...

CVSS 7.2 · AI score 5.8 · EPSS 0.00726
Exploits: 1 · References: 1

Positive Technologies
added 2022/10/17 12:00 a.m. · 4 views

PT-2022-26283 · Unknown · Open Source Sacco Management System

Name of the Vulnerable Software and Affected Versions: Open Source SACCO Management System version 1.0 Description: The issue concerns SQL Injection, which can be exploited via the "/sacco shield/manage payment.php" API endpoint. Recommendations: For Open Source SACCO Management System version 1....

CVSS 7.2 · AI score 7.1 · EPSS 0.00821
Exploits: 1 · References: 3

Positive Technologies
added 2022/09/19 12:00 a.m. · 5 views

PT-2022-22549 · Otfcc +1 · Otfcc +1

Name of the Vulnerable Software and Affected Versions: OTFCC commit 617837b Description: A heap buffer overflow issue has been discovered in OTFCC commit 617837b via the "/release-x64/otfccdump+0x6e420d" endpoint. This issue can be exploited, potentially leading to security breaches...

CVSS 6.5 · AI score 6.6 · EPSS 0.00767
Exploits: 1 · References: 10

Positive Technologies
added 2022/08/26 12:00 a.m. · 6 views

PT-2022-23456 · Unknown · Edoc-Doctor-Appointment-System

Name of the Vulnerable Software and Affected Versions: Edoc-doctor-appointment-system version 1.0.1 Description: A SQL injection issue was found in the Edoc-doctor-appointment-system via the id parameter at the "/patient/booking.php" API endpoint. Recommendations: For Edoc-doctor-appointment-syst...

CVSS 9.8 · AI score 9.8 · EPSS 0.00988
Exploits: 1 · References: 4

Positive Technologies
added 2022/08/25 12:00 a.m. · 4 views

PT-2022-23240 · Wuzhicms · Wuzhi Cms

Name of the Vulnerable Software and Affected Versions: Wuzhicms version 4.1.0 Description: A directory traversal issue was found in Wuzhicms via the /coreframe/app/attachment/admin/index.php endpoint. Recommendations: For Wuzhicms version 4.1.0, consider restricting access to the...

CVSS 2.7 · AI score 3.6 · EPSS 0.00847
Exploits: 1 · References: 6

ATTACKERKB
added 2022/05/24 3:15 p.m. · 2 views

CVE-2022-30838

Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/classes/Master.php?f=updateapplicationstatus...

CVSS 9.8 · AI score 5.9 · EPSS 0.01026
Exploits: 1 · References: 2

CNNVD
added 2022/05/24 12:00 a.m. · 4 views

Water-billing-management-system SQL injection vulnerability

Water-billing-management-system is a water billing management system. A SQL injection vulnerability exists in Water-billing-management-system v1.0. An attacker can exploit this vulnerability to conduct SQL injection attacks via /wbms/classes/Master.php?f=deleteclient...

CVSS 9.8 · AI score 5.9 · EPSS 0.01026
Exploits: 1 · References: 2

CNNVD
added 2022/05/12 12:00 a.m. · 3 views

Simple Client Management System SQL injection vulnerability

Simple Client Management System is a simple client management system by the individual developer Carlo Montero. Version 1.0 of Simple Client Management System is vulnerable to a SQL injection vulnerability that originates in /cms/admin/?page=user/ The vulnerability is caused by the lack of validati...

CVSS 9.8 · AI score 8.7 · EPSS 0.01568
Exploits: 1 · References: 2

Positive Technologies
added 2019/04/21 12:00 a.m. · 7 views

PT-2019-12274 · Owasp +1 · Owasp Modsecurity Core Rule Set +1

Name of the Vulnerable Software and Affected Versions: OWASP ModSecurity Core Rule Set (CRS) versions through 3.1.0 Description: An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) that allows remote attackers to cause a denial of service (ReDoS) by entering a specially crafted string with...

CVSS 5.3 · AI score 6.9 · EPSS 0.01625
Exploits: 1 · References: 11