
448 matches found

Positive Technologies
added 2024/05/31 12:00 a.m. | 3 views

PT-2024-36568

Name of the Vulnerable Software and Affected Versions: Vanna library, affected versions not specified. Description: The Vanna library is affected by a remote code execution issue due to prompt injection. This allows an attacker to alter the prompt function used for visualized results and run arbitrar...

CVSS 9.2 | AI score 8.9 | EPSS 0.14956
Exploits: 0 | References: 20

CNVD
added 2024/05/27 12:00 a.m. | 7 views

J2EEFAST ProcessDefinitionMapper.xml File SQL Injection Vulnerability

J2eeFAST is a Java EE enterprise-class rapid development platform committed to building the best small and medium-sized free open-source back-end framework platform. J2EEFAST v2.7.0 has a SQL injection vulnerability that stems from ProcessDefinitionMapper.xml findPag...

CVSS 5.4 | AI score 8 | EPSS 0.00245
Exploits: 0 | References: 1

CNVD
added 2024/05/10 12:00 a.m. | 5 views

RuvarOA id parameter SQL injection vulnerability (CNVD-2024-33625)

RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which originates from the id parameter of the /WorkFlow/wfofficefilehistoryshow.aspx file, which lacks validation of externally entered SQL statements. An attacker can exploit...

CVSS 9.8 | AI score 8 | EPSS 0.00608
Exploits: 1 | References: 1

CNVD
added 2024/05/10 12:00 a.m. | 8 views

J2EEFAST findApplyedTasksPage function SQL injection vulnerability

J2eeFAST is a Java EE enterprise-class rapid development platform committed to building the best small and medium-sized free open-source back-end framework platform. J2eeFAST v2.7.0 has a SQL injection vulnerability that stems from BpmTaskMapper.xml...

CVSS 8.8 | AI score 8.1 | EPSS 0.00536
Exploits: 0 | References: 1

CNVD
added 2024/05/10 12:00 a.m. | 8 views

J2EEFAST myProcessList function SQL injection vulnerability

J2eeFAST is a Java EE enterprise-class rapid development platform committed to building the best small and medium-sized free open-source back-end framework platform. J2EEFAST v2.7.0 has a SQL injection vulnerability that stems from the myProcessList function of the...

CVSS 8.1 | AI score 8 | EPSS 0.00483
Exploits: 0 | References: 1

CNVD
added 2024/04/17 12:00 a.m. | 5 views

Student Record System login.php File SQL Injection Vulnerability

Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the id/password parameter of the file /login.php. An attacker can exploit this vulnerability to...

CVSS 9.8 | AI score 8.2 | EPSS 0.0095
Exploits: 1 | References: 1

CNVD
added 2024/02/28 12:00 a.m. | 5 views

Simple School Managment System SQL Injection Vulnerability (CNVD-2024-14040)

Simple School Managment System is an open-source simple school management system from Code-projects. Simple School Managment System version 1.0 has a SQL injection vulnerability that stems from the application's lack of validation of externally supplied SQL statements. An attacker can exploit the...

CVSS 8.8 | AI score 7.8 | EPSS 0.00706
Exploits: 1 | References: 1

CNVD
added 2024/02/28 12:00 a.m. | 9 views

Simple School Managment System SQL Injection Vulnerability (CNVD-2024-14039)

Simple School Managment System is an open-source simple school management system from Code-projects. Simple School Managment System version 1.0 has a SQL injection vulnerability that stems from the application's lack of validation of externally supplied SQL statements. An attacker can exploit the...

CVSS 8.8 | AI score 7.8 | EPSS 0.00706
Exploits: 1 | References: 1

CNVD
added 2024/02/28 12:00 a.m. | 9 views

Simple School Managment System SQL Injection Vulnerability (CNVD-2024-14036)

Simple School Managment System is an open-source simple school management system from Code-projects. Simple School Managment System version 1.0 has a SQL injection vulnerability that stems from the application's lack of validation of externally supplied SQL statements. An attacker can exploit the...

CVSS 8.8 | AI score 7.8 | EPSS 0.00721
Exploits: 1 | References: 1

CNVD
added 2024/02/28 12:00 a.m. | 6 views

Simple School Managment System SQL Injection Vulnerability

Simple School Managment System is an open-source simple school management system from Code-projects. Simple School Managment System version 1.0 has a SQL injection vulnerability that stems from the application's lack of validation of externally supplied SQL statements. An attacker can exploit the...

CVSS 8.8 | AI score 7.8 | EPSS 0.00721
Exploits: 1 | References: 1

CNVD
added 2024/02/28 12:00 a.m. | 22 views

Simple School Managment System SQL Injection Vulnerability (CNVD-2024-14038)

Simple School Managment System is an open-source simple school management system from Code-projects. Simple School Managment System version 1.0 has a SQL injection vulnerability that stems from the application's lack of validation of externally supplied SQL statements. An attacker can exploit the...

CVSS 8.8 | AI score 9.1 | EPSS 0.00706
Exploits: 1 | References: 1

CNVD
added 2024/02/28 12:00 a.m. | 27 views

Simple School Managment System SQL Injection Vulnerability (CNVD-2024-14035)

Simple School Managment System is an open-source simple school management system from Code-projects. Simple School Managment System version 1.0 has a SQL injection vulnerability that stems from the application's lack of validation of externally supplied SQL statements. An attacker can exploit the...

CVSS 8.8 | AI score 7.9 | EPSS 0.00721
Exploits: 1 | References: 1

BDU FSTEC
added 2024/01/24 12:00 a.m. | 5 views

A vulnerability in GitHub Enterprise Server, related to the use of externally controlled input for class selection, allows an attacker to execute arbitrary code.

The vulnerability in GitHub Enterprise Server is related to the use of externally controlled input data for class selection. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

CVSS 7.2 | AI score 8.4 | EPSS 0.71725
Exploits: 1 | References: 6 | Affected Software: 1

OSV
added 2024/01/03 3:15 a.m. | 3 views

CVE-2023-45722

HCL DRYiCE MyXalytics is impacted by path traversal arbitrary file read vulnerability because it uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory. The product does not properly neutralize special...

CVSS 9.8 | AI score 5.9 | EPSS 0.00659
Exploits: 0 | References: 1

NVD
added 2024/01/03 3:15 a.m. | 22 views

CVE-2023-45722

HCL DRYiCE MyXalytics is impacted by path traversal arbitrary file read vulnerability because it uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory. The product does not properly neutralize special...

CVSS 9.8 | AI score 9 | EPSS 0.00659
Exploits: 0 | References: 1

Prion
added 2024/01/03 3:15 a.m. | 20 views

Path traversal

HCL DRYiCE MyXalytics is impacted by path traversal arbitrary file read vulnerability because it uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory. The product does not properly neutralize special...

CVSS 7.5 | AI score 7.1 | EPSS 0.00659
Exploits: 0 | References: 1 | Affected Software: 1

Vulnrichment
added 2024/01/03 2:59 a.m. | 4 views

CVE-2023-45722 Path Traversal Arbitrary File Read affects DRYiCE MyXalytics

HCL DRYiCE MyXalytics is impacted by path traversal arbitrary file read vulnerability because it uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory. The product does not properly neutralize special...

CVSS 8.8 | AI score 9.4 | EPSS 0.00659
Exploits: 0 | References: 1

Positive Technologies
added 2024/01/02 12:00 a.m. | 5 views

PT-2024-13277 · Hcl · Hcl Dryice Myxalytics

Name of the Vulnerable Software and Affected Versions: HCL DRYiCE MyXalytics affected versions not specified Description: The issue is related to a path traversal arbitrary file read vulnerability. It occurs because the product uses external input to construct a pathname intended to identify a fi...

CVSS 9.8 | AI score 9.2 | EPSS 0.00659
Exploits: 0 | References: 5

CNNVD
added 2023/11/30 12:00 a.m. | 4 views

Apache Cocoon SQL Injection Vulnerability

Apache Cocoon is a web application framework from the Apache Foundation (United States), built around component-based web development concepts. Apache Cocoon suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. An attacke...

CVSS 9.8 | AI score 8.2 | EPSS 0.01102
Exploits: 0 | References: 2

Tenable Nessus
added 2023/11/14 12:00 a.m. | 96 views

RHEL 8 : emacs (RHSA-2023:7083)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7083 advisory. GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language elisp,...

CVSS 9.8 | AI score 7.8 | EPSS 0.01603
Exploits: 0 | References: 8