CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3632 matches found

CVE•added 2023/07/20 7:31 p.m.•68 views

CVE-2023-3793

CVE-2023-3793 affects Weaver e-cology. The vulnerability resides in the HTTP POST Request Handler, specifically the filelFileDownloadForOutDoc.class, where the fileid parameter can be manipulated (example: 1+WAITFOR+DELAY) to yield SQL injection. Affected versions are prior to 10.58.0. Upgrading ...

9.8CVSS7AI score0.00421EPSS

In wildExploits0References2Affected Software1

Cvelist•added 2023/07/20 7:31 p.m.•30 views

CVE-2023-3793 Weaver e-cology HTTP POST Request filelFileDownloadForOutDoc.class sql injection

A vulnerability was found in Weaver e-cology. It has been rated as critical. This issue affects some unknown processing of the file filelFileDownloadForOutDoc.class of the component HTTP POST Request Handler. The manipulation of the argument fileid with the input 1+WAITFOR+DELAY leads to sql...

5.5CVSS10AI score0.00421EPSS

Exploits0References2

Vulnrichment•added 2023/07/20 7:31 p.m.•13 views

CVE-2023-3793 Weaver e-cology HTTP POST Request filelFileDownloadForOutDoc.class sql injection

5.5CVSS7.6AI score0.00421EPSS

Exploits0References2

OSV•added 2023/07/20 8:15 a.m.•5 views

CVE-2023-3783

A vulnerability was found in Webile 1.0.1. It has been classified as problematic. Affected is an unknown function of the component HTTP POST Request Handler. The manipulation of the argument newfilename/c leads to cross site scripting. It is possible to launch the attack remotely. The exploit has...

5.4CVSS3.7AI score0.00538EPSS

Exploits1References4

NVD•added 2023/07/20 8:15 a.m.•13 views

CVE-2023-3783

5.4CVSS4.3AI score0.00538EPSS

Exploits1References4

Prion•added 2023/07/20 8:15 a.m.•13 views

Cross site scripting

4CVSS5.3AI score0.00538EPSS

Exploits1References4Affected Software1

Vulnrichment•added 2023/07/20 7:22 a.m.•6 views

CVE-2023-3783 Webile HTTP POST Request cross site scripting

4CVSS6.2AI score0.00538EPSS

Exploits1References4

Cvelist•added 2023/07/20 7:22 a.m.•19 views

CVE-2023-3783 Webile HTTP POST Request cross site scripting

4CVSS5.5AI score0.00538EPSS

Exploits1References4

CVE•added 2023/07/20 7:22 a.m.•46 views

CVE-2023-3783

Webile 1.0.1 has a cross-site scripting vulnerability in the HTTP POST Request Handler, triggered by manipulating the new_file_name/c argument. This is a remote-authenticated? issue as per description (attack can be launched remotely) with public exploit disclosure. The root cause is an input han...

5.4CVSS4.2AI score0.00538EPSS

Exploits1References4Affected Software1

Positive Technologies•added 2023/07/20 12:0 a.m.•7 views

PT-2023-26188 · Unknown · Weaver E-Cology

Name of the Vulnerable Software and Affected Versions: Weaver e-cology versions prior to 10.58.0 Description: A critical issue affects the HTTP POST Request Handler component of Weaver e-cology, specifically the file filelFileDownloadForOutDoc.class. The manipulation of the fileid argument with t...

9.8CVSS8.7AI score0.00421EPSS

Exploits0References8

NVD•added 2023/07/15 9:15 a.m.•31 views

CVE-2023-3679

A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=saveinquiry of the component HTTP POST Request Handler. The manipulation of the argument id lead...

9.8CVSS0.00418EPSS

Exploits0References2

NVD•added 2023/07/15 9:15 a.m.•11 views

CVE-2023-3680

A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. This affects an unknown part of the file /classes/Master.php?f=saveitem of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. It is...

9.8CVSS0.00418EPSS

Exploits0References2

Prion•added 2023/07/15 9:15 a.m.•20 views

Sql injection

6.5CVSS9.7AI score0.00418EPSS

Exploits0References2Affected Software1

Cvelist•added 2023/07/15 9:0 a.m.•23 views

CVE-2023-3680 SourceCodester Lost and Found Information System HTTP POST Request sql injection

6.5CVSS10AI score0.00418EPSS

Exploits0References2

Cvelist•added 2023/07/15 8:31 a.m.•27 views

CVE-2023-3679 SourceCodester Lost and Found Information System HTTP POST Request sql injection

6.5CVSS9.9AI score0.00418EPSS

Exploits0References2

NVD•added 2023/07/15 8:15 a.m.•29 views

CVE-2023-3678

A vulnerability was found in SourceCodester AC Repair and Services System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=deleteinquiry of the component HTTP POST Request Handler. The manipulation of the argument ...

9.8CVSS0.00425EPSS

Exploits0References2

Prion•added 2023/07/15 8:15 a.m.•16 views

Sql injection

6.5CVSS9.7AI score0.00425EPSS

Exploits0References2Affected Software1

Cvelist•added 2023/07/15 8:0 a.m.•26 views

CVE-2023-3678 SourceCodester AC Repair and Services System HTTP POST Request sql injection

6.5CVSS10AI score0.00425EPSS

Exploits0References2

NVD•added 2023/07/13 11:15 a.m.•14 views

CVE-2023-3658

A vulnerability, which was classified as critical, was found in SourceCodester AC Repair and Services System 1.0. Affected is an unknown function of the file Master.php?f=deletebook of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. It is...

9.8CVSS0.00465EPSS

Exploits0References2

Cvelist•added 2023/07/13 10:31 a.m.•21 views

CVE-2023-3658 SourceCodester AC Repair and Services System HTTP POST Request sql injection

6.5CVSS10AI score0.00465EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by