Lucene search
K

121 matches found

BDU FSTEC
BDU FSTEC
added 2021/09/15 12:0 a.m.11 views

The vulnerability of the Shops module in the NukeViet content management system allows a hacker to execute arbitrary SQL code.

The vulnerability of the Shops module in the NukeViet content management system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code through the listid parameter in the detail.php script, ...

9.8CVSS8.2AI score0.01576EPSS
Exploits1References6Affected Software1
CNNVD
CNNVD
added 2021/07/30 12:0 a.m.5 views

Vinades NukeViet SQL注入漏洞

Vinades NukeViet is an open source Content Management System CMS from Vinades Vietnam. A SQL injection vulnerability exists in NukeViet CMS due to a failure to filter special characters in the listid parameter on the detail.php page of the product store module and the groupprice and groupid...

9.8CVSS8.7AI score0.01576EPSS
Exploits1References5
Cvelist
Cvelist
added 2021/07/29 3:36 p.m.35 views

CVE-2020-21809

SQL Injection vulnerability in NukeViet CMS module Shops 4.0.29 and 4.3 via the 1 listid parameter in detail.php and the 2 groupprice or groupid parameters in searchresult.php...

9.9AI score0.01576EPSS
Exploits1References4
CVE
CVE
added 2021/07/29 3:36 p.m.78 views

CVE-2020-21809

Summary: CVE-2020-21809 is a SQL Injection vulnerability in the NukeViet CMS module Shops affecting versions 4.0.29 and 4.3, exploitable via improper handling of input parameters (listid in detail.php; group_price or groupid in search_result.php). The vulnerability is documented with high/critica...

9.8CVSS9.8AI score0.01576EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2018/12/17 3:29 p.m.4 views

CVE-2018-19772

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "EditCurrentPresentSpace.jsp" has reflected XSS via the ConnPoolName, GroupId, and ParentId parameters...

6.1CVSS5.8AI score0.01081EPSS
Exploits2References2
OSV
OSV
added 2018/12/17 3:29 p.m.4 views

CVE-2018-19817

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "/VPortal/mgtconsole/AdminAuthorisationFrame.jsp" has reflected XSS via the ConnPoolName or GroupId parameter...

6.1CVSS5.8AI score0.01058EPSS
Exploits2References2
OSV
OSV
added 2018/12/17 3:29 p.m.3 views

CVE-2018-19773

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "EditCurrentUser.jsp" has reflected XSS via the GroupId and ConnPoolName parameters...

6.1CVSS5.8AI score0.01081EPSS
Exploits2References2
NVD
NVD
added 2018/12/17 3:29 p.m.18 views

CVE-2018-19810

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "/VPortal/mgtconsole/GroupMove.jsp" has reflected XSS via the ConnPoolName, GroupId, or type parameter...

6.1CVSS5.9AI score0.01081EPSS
Exploits2References2
NVD
NVD
added 2018/12/17 3:29 p.m.19 views

CVE-2018-19773

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "EditCurrentUser.jsp" has reflected XSS via the GroupId and ConnPoolName parameters...

6.1CVSS5.9AI score0.01081EPSS
Exploits2References2
OSV
OSV
added 2018/12/17 3:29 p.m.3 views

CVE-2018-19775

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "Variables.jsp" has reflected XSS via the ConnPoolName and GroupId parameters...

6.1CVSS5.8AI score0.01081EPSS
Exploits2References2
NVD
NVD
added 2018/12/17 3:29 p.m.19 views

CVE-2018-19774

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "PresentSpace.jsp" has reflected XSS via the GroupId and ConnPoolName parameters...

6.1CVSS5.9AI score0.01081EPSS
Exploits2References2
OSV
OSV
added 2018/12/17 3:29 p.m.4 views

CVE-2018-19774

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "PresentSpace.jsp" has reflected XSS via the GroupId and ConnPoolName parameters...

6.1CVSS5.8AI score0.01081EPSS
Exploits2References2
OSV
OSV
added 2018/12/17 3:29 p.m.3 views

CVE-2018-19814

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "/VPortal/mgtconsole/Subscriptions.jsp" has reflected XSS via the ConnPoolName or GroupId parameter...

6.1CVSS5.8AI score0.01081EPSS
Exploits2References2
OSV
OSV
added 2018/12/17 3:29 p.m.4 views

CVE-2018-19813

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "/VPortal/mgtconsole/Subscribers.jsp" has reflected XSS via the ConnPoolName or GroupId parameter...

6.1CVSS5.8AI score0.01081EPSS
Exploits2References2
OSV
OSV
added 2018/12/17 3:29 p.m.3 views

CVE-2018-19812

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "/VPortal/mgtconsole/SubFolderPackages.jsp" has reflected XSS via the GroupId parameter...

6.1CVSS5.8AI score0.01058EPSS
Exploits2References2
Prion
Prion
added 2018/12/17 3:29 p.m.15 views

Cross site scripting

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "Variables.jsp" has reflected XSS via the ConnPoolName and GroupId parameters...

4.3CVSS5.8AI score0.01081EPSS
Exploits2References2Affected Software1
Prion
Prion
added 2018/12/17 3:29 p.m.12 views

Cross site scripting

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "/VPortal/mgtconsole/AdminAuthorisationFrame.jsp" has reflected XSS via the ConnPoolName or GroupId parameter...

4.3CVSS5.8AI score0.01058EPSS
Exploits2References2Affected Software1
OSV
OSV
added 2018/12/17 3:29 p.m.3 views

CVE-2018-19768

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "SubPagePackages.jsp" has reflected XSS via the ConnPoolName and GroupId parameters...

6.1CVSS5.8AI score0.01081EPSS
Exploits2References2
Prion
Prion
added 2018/12/17 3:29 p.m.13 views

Cross site scripting

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "/VPortal/mgtconsole/Subscribers.jsp" has reflected XSS via the ConnPoolName or GroupId parameter...

4.3CVSS5.8AI score0.01081EPSS
Exploits2References2Affected Software1
Prion
Prion
added 2018/12/17 3:29 p.m.16 views

Cross site scripting

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "PresentSpace.jsp" has reflected XSS via the ConnPoolName and GroupId parameters...

4.3CVSS5.8AI score0.01081EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder