CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

42 matches found

CNNVD•added 2026/05/29 12:0 a.m.•9 views

Kados R10 GreenBee SQL注入漏洞

Kados R10 GreenBee is a web-based project management and collaboration tool developed by Kados OpenSource. Kados R10 GreenBee has a SQL injection vulnerability. This vulnerability arises from the fact that the featureid parameter in boardsbuttons/updatefeature.php is not cleaned properly, resulti...

8.8CVSS6.1AI score0.00334EPSS

Exploits0References4

Positive Technologies•added 2026/05/29 12:0 a.m.•11 views

PT-2026-44873

Kados R10 GreenBee contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the feature id parameter of boards buttons/update feature.php. The feature id value is concatenated directly into SQL statements...

8.8CVSS6.1AI score0.00334EPSS

Exploits0References5

CNNVD•added 2026/05/29 12:0 a.m.•8 views

Kados R10 GreenBee SQL注入漏洞

Kados R10 GreenBee is a web-based project management and collaboration tool developed by Kados OpenSource. Kados R10 GreenBee has a SQL injection vulnerability. This vulnerability arises from the fact that the releaseid parameter in boardsbuttons/updaterelease.php is not cleaned properly, allowin...

8.8CVSS6.1AI score0.00334EPSS

Exploits0References4

EUVD•added 2026/04/05 9:30 p.m.•0 views

EUVD-2019-20121

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the sortdirection parameter. Attackers can submit malicious SQL statements in the sortdirection parameter to extract sensitive database information or modi...

8.8CVSS6AI score0.00311EPSS

Exploits1References5

EUVD•added 2026/04/05 9:30 p.m.•2 views

EUVD-2019-20109

Kados R10 GreenBee contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the menulev1 parameter. Attackers can send crafted requests with malicious SQL payloads in the menulev1 parameter to extract sensitive...

8.8CVSS6AI score0.00338EPSS

Exploits1References5

EUVD•added 2026/04/05 9:30 p.m.•3 views

EUVD-2019-20123

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the filterusermail parameter. Attackers can send crafted requests with malicious SQL statements to extract sensitive database information or modify data...

8.8CVSS6AI score0.00311EPSS

Exploits1References5

EUVD•added 2026/04/05 9:30 p.m.•4 views

EUVD-2019-20113

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the 'idtomodify' parameter. Attackers can send crafted requests with malicious SQL statements in the idtomodify field to extract sensitive database...

8.8CVSS6AI score0.00311EPSS

Exploits1References5

EUVD•added 2026/04/05 9:30 p.m.•4 views

EUVD-2019-20117

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the languagetag parameter. Attackers can submit malicious SQL statements in the languagetag parameter to extract sensitive database information or modify...

8.8CVSS6AI score0.00311EPSS

Exploits1References5

NVD•added 2026/04/05 9:16 p.m.•3 views

CVE-2019-25696

9.1CVSS0.00311EPSS

Exploits1References4

NVD•added 2026/04/05 9:16 p.m.•2 views

CVE-2019-25694

Kados R10 GreenBee contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the user2reset parameter. Attackers can send crafted requests with malicious SQL payloads to extract sensitive database information or modi...

9.1CVSS0.00398EPSS

Exploits1References4

ATTACKERKB•added 2026/04/05 8:45 p.m.•0 views

CVE-2019-25704

8.8CVSS6AI score0.00311EPSS

Exploits1References4

Cvelist•added 2026/04/05 8:45 p.m.•17 views

CVE-2019-25700 Kados R10 GreenBee SQL Injection via sort_direction Parameter

8.8CVSS0.00311EPSS

Exploits1References4

ATTACKERKB•added 2026/04/05 8:45 p.m.•0 views

CVE-2019-25700

8.8CVSS6AI score0.00311EPSS

Exploits1References4

CVE•added 2026/04/05 8:45 p.m.•5 views

CVE-2019-25702

Kados R10 GreenBee is affected by an SQL injection via the id_project parameter. The vulnerability allows an attacker to manipulate database queries (injected SQL) to disclose or modify data. Documents identify the affected component as Kados R10 GreenBee and confirm the entry’s exploitation cont...

9.1CVSS6AI score0.00311EPSS

Exploits1References4Affected Software1

ATTACKERKB•added 2026/04/05 8:45 p.m.•0 views

CVE-2019-25698

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the idtodelete parameter. Attackers can send crafted requests with malicious SQL statements in the idtodelete field to extract or modify sensitive database...

8.8CVSS6AI score0.00311EPSS

Exploits1References4

CVE•added 2026/04/05 8:45 p.m.•3 views

CVE-2019-25698

Kados R10 GreenBee has an SQL injection vulnerability in the id_to_delete parameter. Attackers can craft requests to manipulate SQL queries and potentially extract or modify sensitive data. The issue is documented across multiple feeds (NVD/CVE/CIRCL/etc.) with network-based access and high impac...

9.1CVSS6AI score0.00311EPSS

Exploits1References4Affected Software1