Lucene search
K

42 matches found

Positive Technologies
Positive Technologies
added 2023/12/29 12:0 a.m.5 views

PT-2023-31881 · Unknown · Implecode Product Catalog Simple

Name of the Vulnerable Software and Affected Versions: impleCode Product Catalog Simple versions 1.7.6 and earlier Description: The issue is related to the exposure of sensitive information to an unauthorized actor. This is a problem where sensitive data is made available to individuals who shoul...

7.5CVSS7.6AI score0.0048EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2023/08/18 12:0 a.m.6 views

The vulnerability of the Intel Unite Client conference communication software for Windows and MacOS relates to an uncontrolled search path element, allowing a malicious individual to gain unauthorized access to sensitive information.

The vulnerability of the Intel Unite Client conference communication software for Windows and MacOS relates to an uncontrolled element in the search process. Exploiting this vulnerability can allow a malicious individual to gain unauthorized access to sensitive information...

7.8CVSS7.2AI score0.00148EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/04/16 12:0 a.m.5 views

WordPress Plugin Freesoul Deactivate Plugins – Plugin manager and cleanup 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.5CVSS7.3AI score0.00516EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:7 a.m.3 views

SUSE CVE-2008-2729

arch/x8664/lib/copyuser.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information...

4.9CVSS6.2AI score0.0057EPSS
Exploits1References4
OSV
OSV
added 2023/02/12 8:15 a.m.6 views

CVE-2023-0785

A vulnerability classified as problematic was found in SourceCodester Best Online News Portal 1.0. Affected by this vulnerability is an unknown functionality of the file checkavailability.php. The manipulation of the argument username leads to exposure of sensitive information through data querie...

3.7CVSS4.5AI score0.00851EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/11/01 12:0 a.m.3 views

Online Diagnostic Lab Management System SQL注入漏洞

Online Diagnostic Lab Management System is an online diagnostic lab management system. v1.0 of Online Diagnostic Lab Management System is vulnerable to SQL injection, which stems from a lack of validation of externally entered SQL statements and can be exploited by attackers to to obtain sensitiv...

7.2CVSS7.3AI score0.00726EPSS
Exploits1References2
OSV
OSV
added 2022/09/09 4:15 p.m.3 views

CVE-2022-28740

aEnrich eHRD Learning Management Key Performance Indicator System 5+ exposes Sensitive Information to an Unauthorized Actor...

7.5CVSS5.8AI score0.00639EPSS
Exploits0References2
OSV
OSV
added 2022/09/05 10:15 a.m.2 views

PYSEC-2022-43070

Apache IoTDB grafana-connector version 0.13.0 contains an interface without authorization, which may expose the internal structure of database. Users should upgrade to version 0.13.1 which addresses this issue...

7.5CVSS5.8AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/07/21 4:15 p.m.3 views

CVE-2022-32430

An access control issue in Lin CMS Spring Boot v0.2.1 allows attackers to access the backend information and functions within the application...

7.5CVSS7.1AI score0.03634EPSS
Exploits1References4
OSV
OSV
added 2022/05/05 11:15 a.m.2 views

CVE-2021-45783

Bookeen Notea Firmware BKR1.0.520210608 is affected by a directory traversal vulnerability that allows an attacker to obtain sensitive information...

4.6CVSS5.8AI score0.01874EPSS
Exploits3References3
OSV
OSV
added 2022/04/27 11:15 a.m.7 views

CVE-2021-46420

Franklin Fueling Systems FFS TS-550 evo 2.23.4.8936 is affected by an unauthenticated directory traversal vulnerability, which allows an attacker to obtain sensitive information...

7.5CVSS7.1AI score0.05467EPSS
Exploits1References1
OSV
OSV
added 2021/01/08 3:15 p.m.4 views

CVE-2020-4606

IBM Security Verify Privilege Manager 10.8 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A local attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 184883...

4.4CVSS6.1AI score0.00343EPSS
Exploits0References2
CNVD
CNVD
added 2020/11/19 12:0 a.m.1 views

Cisco IoT Field Network Director Access Control Error Vulnerability (CNVD-2020-72728)

Cisco IoT Field Network Director IoT-FND is an end-to-end IoT management system from Cisco USA. The system features device management, asset tracking and smart metering. A security vulnerability exists in Cisco IoT Field Network Director FND that stems from affected software not properly validati...

7.5CVSS6.6AI score0.01528EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/08 12:0 a.m.1 views

SQL Injection Vulnerability in the Frontend Registration Module of 120 Emergency Command Center Web Service System

120 Emergency Command Center Web Service System is a set of web application services for 120 Emergency Command Center, including internal training, learning and assessment functions. A SQL injection vulnerability exists in the frontend registration module of the 120 Emergency Command Center Web...

7.7AI score
Exploits0
CNVD
CNVD
added 2020/04/16 12:0 a.m.1 views

WeLive online customer service system suffers from arbitrary file download vulnerability

WeLive online customer service system is a small program, easy to install and use online online customer service system. WeLive Online Customer Service System has an arbitrary file download vulnerability that can be exploited by an attacker to obtain sensitive information...

7AI score
Exploits0
CNVD
CNVD
added 2020/04/07 12:0 a.m.2 views

SQL Injection Vulnerability in Laikepui E-commerce System of Hunan One Eight Network Technology Co. Ltd (CNVD-2020-25312)

Laike e-commerce with independent copyright system, is an integrated e-commerce system all the functions of the platform. There is a SQL injection vulnerability in the Laike Push e-commerce system of Hunan One Eight Network Technology Co. Ltd, which can be exploited by an attacker to obtain...

7.7AI score
Exploits0
CNVD
CNVD
added 2020/02/26 12:0 a.m.3 views

Moxa PT-7528 and PT-7828 Series Weak Cryptographic Algorithm Vulnerability

Moxa PT-7528 and PT-7828 Series are both Ethernet switches manufactured by Moxa. A weak cryptographic algorithm vulnerability exists in the Moxa PT-7528 and PT-7828 Series, which can be exploited by attackers to obtain sensitive information...

7.5CVSS6.8AI score0.00812EPSS
Exploits0References1
CNVD
CNVD
added 2019/09/01 12:0 a.m.1 views

Weak Password Vulnerability in Tianqing Web Application Security Gateway

SkyQuest Web Application Security Gateway is a new generation of Web security protection and application delivery application security product developed by Qisda, which is used to defend against attacks targeting Web application vulnerabilities, analyze HTTP/HTTPS traffic on Web servers and...

6.8AI score
Exploits0
CNVD
CNVD
added 2018/11/18 12:0 a.m.3 views

SQL Injection Vulnerability in Boqiang Network Technology Company's Website Building System

Boqiang network technology company is engaged in enterprise, business website design, website construction, e-commerce, graphic design, wap website construction and software development and other production and application in one of the Internet company. A SQL injection vulnerability exists in...

7.6AI score
Exploits0
CNVD
CNVD
added 2016/07/13 12:0 a.m.1 views

SQL Injection Vulnerability in Agricultural Internet of Things Sensing Platform System

Agricultural IoT sensing platform system is an industrial control system. An SQL injection vulnerability exists in the Agricultural Internet of Things Sensing Platform System, which can be exploited by attackers to obtain sensitive information from the database...

7.7AI score
Exploits0References1
Rows per page
Query Builder