846 matches found

Positive Technologies
added 2024/03/18 12:0 a.m. · 4 views

PT-2024-21181 · Amss++ · Amss++

Name of the Vulnerable Software and Affected Versions: AMSS++ version 4.31 Description: The issue allows SQL injection through the /amssplus/admin/index.php endpoint, in the id parameter. This could enable a remote attacker to send a specially crafted SQL query to the server and retrieve all the...

CVSS 8.2 · AI score 7.4 · EPSS 0.00534
Exploits: 0 · References: 6

CNNVD
added 2024/03/18 12:0 a.m. · 5 views

AMSS++ SQL Injection Vulnerability

AMSS++ is a tool for the office administration support system of Amssplus. An SQL injection vulnerability exists in AMSS++ version 4.31, which originates from an SQL injection vulnerability in the username parameter of the /amssplus/index.php page...

CVSS 8.2 · AI score 8 · EPSS 0.00586
Exploits: 0 · References: 2

CNNVD
added 2024/03/12 12:0 a.m. · 2 views

Racktables Security Breach

Racktables is a data center asset management system. It is used for data center and server room asset management. A security vulnerability exists in Racktables v0.22.0 and earlier versions, which originated from a vulnerability that allows local attackers to execute arbitrary code and obtain...

CVSS 6.1 · AI score 7.1 · EPSS 0.00565
Exploits: 1 · References: 4

OSV
added 2024/03/09 9:15 a.m. · 3 views

CVE-2024-2330

A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been classified as critical. This affects an unknown part of the file /protocol/index.php. The manipulation of the argument IPAddr leads to sql injection. It is possible to initiate the attack remotely. The...

CVSS 9.8 · AI score 5.7
Exploits: 0 · References: 3

OSV
added 2024/03/06 10:55 a.m. · 25 views

BIT-HELM-2020-15185 Duplicated chart entries in Helm

In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access that an attacker needs to inject a bad chart into a repository. To perform this attack, an attacker...

CVSS 4 · AI score 3.7 · EPSS 0.00883
Exploits: 0 · References: 3

CNNVD
added 2024/03/06 12:0 a.m. · 2 views

Customer Support System Cross-Site Scripting Vulnerability

Customer Support System is a customer support system by oretnom23 Personal Developer that helps a particular business or company to provide customer support after a customer has purchased a product from them. Customer Support System suffers from a cross-site scripting vulnerability that stems fro...

CVSS 6.1 · AI score 5.9 · EPSS 0.0045
Exploits: 1 · References: 3

OSV
added 2024/03/04 1:15 a.m. · 7 views

CVE-2024-2155

A vulnerability was found in SourceCodester Best POS Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file index.php. The manipulation of the argument page leads to file inclusion. The attack may be initiated remotely. The exploit has been...

CVSS 4.3 · AI score 4.9 · EPSS 0.00513
Exploits: 0 · References: 3

Positive Technologies
added 2024/03/01 12:0 a.m. · 5 views

PT-2024-18702 · Sourcecodester · Sourcecodester Simple Online Bidding System

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Online Bidding System version 1.0 Description: A critical issue has been found in the system, affecting an unknown part of the file index.php. The manipulation of the category id argument leads to SQL injection. It is...

CVSS 9.8 · AI score 8.2 · EPSS 0.00658
Exploits: 1 · References: 6

CNNVD
added 2024/02/28 12:0 a.m. · 1 views

CodeAstro Membership Management System SQL Injection Vulnerability

CodeAstro Membership Management System is a membership management system from CodeAstro, Inc. A SQL injection vulnerability exists in CodeAstro Membership Management System v.1.0 that could allow a remote attacker to execute arbitrary SQL commands via the email parameter in the index.php componen...

CVSS 8.8 · AI score 8.5 · EPSS 0.00786
Exploits: 1 · References: 2

OSV
added 2024/02/27 9:15 a.m. · 4 views

CVE-2023-7165

The JetBackup WordPress plugin before 2.0.9.9 doesn't use index files to prevent public directory listing of sensitive directories in certain configurations, which allows malicious actors to leak backup files...

CVSS 7.5 · AI score 7.3 · EPSS 0.01915
Exploits: 2 · References: 1

OSV
added 2024/02/21 11:15 p.m. · 10 views

AZL-34454 CVE-2024-26147 affecting package cert-manager for versions less than 1.11.2-10

Helm is a package manager for Charts for Kubernetes. Versions prior to 3.14.2 contain an uninitialized variable vulnerability when Helm parses index and plugin yaml files missing expected content. When either an index.yaml file or a plugins plugin.yaml file were missing all metadata a panic would...

CVSS 7.5 · AI score 7 · EPSS 0.00926
Exploits: 0 · References: 1

OSV
added 2024/02/21 11:15 p.m. · 7 views

AZL-34584 CVE-2024-26147 affecting package cert-manager for versions less than 1.12.13-1

Helm is a package manager for Charts for Kubernetes. Versions prior to 3.14.2 contain an uninitialized variable vulnerability when Helm parses index and plugin yaml files missing expected content. When either an index.yaml file or a plugins plugin.yaml file were missing all metadata a panic would...

CVSS 7.5 · AI score 7 · EPSS 0.00926
Exploits: 0 · References: 1

OSV
added 2024/02/21 11:15 p.m. · 4 views

UBUNTU-CVE-2024-26147

Helm is a package manager for Charts for Kubernetes. Versions prior to 3.14.2 contain an uninitialized variable vulnerability when Helm parses index and plugin yaml files missing expected content. When either an index.yaml file or a plugins plugin.yaml file were missing all metadata a panic would...

CVSS 7.5 · AI score 7.1 · EPSS 0.00926
Exploits: 0 · References: 4

UbuntuCve
added 2024/02/21 11:15 p.m. · 27 views

CVE-2024-26147

Helm is a package manager for Charts for Kubernetes. Versions prior to 3.14.2 contain an uninitialized variable vulnerability when Helm parses index and plugin yaml files missing expected content. When either an index.yaml file or a plugins plugin.yaml file were missing all metadata a panic would...

CVSS 7.5 · AI score 6.9 · EPSS 0.00926
Exploits: 0 · References: 3

Positive Technologies
added 2024/02/15 12:0 a.m. · 4 views

PT-2024-20764 · Mss · Mss

Name of the Vulnerable Software and Affected Versions: MSS Mission Support System versions prior to 8.3.3 Description: MSS is an open source package designed for planning atmospheric research flights. The issue concerns a method in the index.py file that is vulnerable to path manipulation attacks...

CVSS 7.5 · AI score 6.8 · EPSS 0.00493
Exploits: 0 · References: 8

CNNVD
added 2024/02/15 12:0 a.m. · 3 views

Mission Support System security breach

Mission Support System is the mission support system software used to plan atmospheric research flights. A security vulnerability exists in Mission Support System versions 5.0.0 through 8.3.3 and earlier that could allow an attacker to obtain sensitive information via the file mslib/index.py...

CVSS 7.5 · AI score 6.3 · EPSS 0.00493
Exploits: 0 · References: 3

OSV
added 2024/02/09 1:15 p.m. · 3 views

CVE-2024-25306

Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'aname' parameter at "School/index.php"...

CVSS 8.8 · AI score 5.8 · EPSS 0.00721
Exploits: 1 · References: 1

Positive Technologies
added 2024/02/09 12:0 a.m. · 5 views

PT-2024-20875 · Code Projects · Code-Projects Simple School Managment System

Name of the Vulnerable Software and Affected Versions: Code-projects Simple School Managment System version 1.0 Description: The issue allows SQL Injection via the aname parameter at the "School/index.php" endpoint. This could potentially lead to unauthorized access to sensitive data...

CVSS 8.8 · AI score 7.6 · EPSS 0.00721
Exploits: 1 · References: 7

CNNVD
added 2024/01/30 12:0 a.m. · 18 views

Free Open-Source Inventory Management System Security Vulnerability

Inventory Management System is an inventory management system by stemword individual developers. A security vulnerability exists in Free Open-Source Inventory Management System version v.1.0. A remote attacker can exploit this vulnerability to execute arbitrary code via the Stafflist parameter in...

CVSS 6.5 · AI score 7.8 · EPSS 0.00351
Exploits: 1 · References: 2

Positive Technologies
added 2024/01/26 12:0 a.m. · 8 views

PT-2024-15938 · Unknown · Codeastro Stock Management System

Name of the Vulnerable Software and Affected Versions: CodeAstro Stock Management System version 1.0 Description: A vulnerability was found in the CodeAstro Stock Management System, affecting some unknown processing of the file /index.php of the component Add Category Handler. The manipulation of...

CVSS 5.4 · AI score 4.2 · EPSS 0.00562
Exploits: 1 · References: 7