Lucene search
+L

259 matches found

OSV
OSV
added 2024/08/12 1:38 p.m.2 views

CVE-2024-7636

A vulnerability was found in code-projects Simple Ticket Booking 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file authenticate.php of the component Login. The manipulation of the argument email/password leads to sql injection. The attac...

9.8CVSS5.7AI score0.00764EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/08/01 12:0 a.m.6 views

SourceCodester Tracking Monitoring Management System SQL注入漏洞

SourceCodester Tracking Monitoring Management System is a monitoring management system from SourceCodester Inc. A SQL injection vulnerability exists in the SourceCodester Tracking Monitoring Management System version 1.0, which is caused by an SQL injection vulnerability in the username parameter...

9.8CVSS7.8AI score0.00646EPSS
Exploits1References5
OSV
OSV
added 2024/07/31 4:15 a.m.3 views

CVE-2024-7286

A vulnerability was found in SourceCodester Establishment Billing Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/ajax.php?action=login of the component Login. The manipulation of the argument username leads to sql injection. The...

9.8CVSS5.7AI score0.00646EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/07/22 12:0 a.m.30 views

CVE-2024-24507

Cross Site Scripting vulnerability in Act-On 2023 allows a remote attacker to execute arbitrary code via the newUser parameter in the login.jsp component...

0.00418EPSS
Exploits1References1
OSV
OSV
added 2024/07/21 3:15 p.m.8 views

CVE-2024-6957

A vulnerability classified as critical has been found in itsourcecode University Management System 1.0. This affects an unknown part of the file functions.php of the component Login. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely...

9.8CVSS5.7AI score0.00698EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/07/21 12:0 a.m.4 views

PT-2024-37996 · Unknown · Itsourcecode University Management System

Name of the Vulnerable Software and Affected Versions: itsourcecode University Management System version 1.0 Description: A critical issue has been found in the itsourcecode University Management System. This issue affects the Login component, specifically the file functions.php. The manipulation...

9.8CVSS8.1AI score0.00698EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/07/15 12:0 a.m.8 views

PT-2024-37841 · Unknown · Simple Ticket Booking

Name of the Vulnerable Software and Affected Versions: Simple Ticket Booking version 1.0 Description: A critical issue has been found in the Login component of the affected software, specifically in the file adminauthenticate.php. The manipulation of the email and password arguments leads to SQL...

9.8CVSS8AI score0.00656EPSS
Exploits1References8
CNNVD
CNNVD
added 2024/06/09 12:0 a.m.6 views

Sourcecodester Stock Management System SQL Injection Vulnerability

Sourcecodester Stock Management System is an inventory management system. A SQL injection vulnerability exists in SourceCodester Stock Management System version 1.0, which originates from an unknown function in index.php in the component Login that allows an attacker to perform SQL injection via...

9.8CVSS8AI score0.00656EPSS
Exploits1References5
OSV
OSV
added 2024/06/04 10:15 a.m.5 views

CVE-2024-5463

A vulnerability regarding buffer copy without checking the size of input 'Classic Buffer Overflow' has been found in the login component. This allows remote attackers to write specific files containing non-sensitive information and conduct limited denial-of-service attacks via unspecified vectors...

6.5CVSS5.9AI score0.00407EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/04 9:34 a.m.18 views

CVE-2024-5463

A vulnerability regarding buffer copy without checking the size of input 'Classic Buffer Overflow' has been found in the login component. This allows remote attackers to write specific files containing non-sensitive information and conduct limited denial-of-service attacks via unspecified vectors...

6.5CVSS6.6AI score0.00407EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/06/04 12:0 a.m.7 views

PT-2024-36392 · Synology · Synology Camera Firmware

Name of the Vulnerable Software and Affected Versions: Synology Camera Firmware versions prior to 1.1.1-0383 Description: A buffer copy issue without input size checking, known as a 'Classic Buffer Overflow', has been found in the login component. This allows remote attackers to conduct...

7.5CVSS6.8AI score0.00407EPSS
Exploits0References5
CVE
CVE
added 2024/05/14 5:59 p.m.49 views

CVE-2024-33485

CASAP Automated Enrollment System, version V1.0, contains a SQL Injection in the login.php component (PHP/MySQLi) that could allow a remote attacker to leak sensitive information. Root cause: improper handling of user input in SQL queries. Mitigation in the connected document: disable the login f...

9.8CVSS7.5AI score0.0071EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/10 3:14 p.m.13 views

CVE-2024-30801

SQL Injection vulnerability in Cloud based customer service management platform v.1.0.0 allows a local attacker to execute arbitrary code via a crafted payload to Login.asp component...

8.4AI score0.01415EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/10 12:0 a.m.12 views

CVE-2024-30802

An issue in Vehicle Management System 7.31.0.320230412 allows an attacker to escalate privileges via the login.html component...

7.1AI score0.0052EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/10 12:0 a.m.21 views

CVE-2024-30802

An issue in Vehicle Management System 7.31.0.320230412 allows an attacker to escalate privileges via the login.html component...

7AI score0.0052EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/10 12:0 a.m.6 views

PT-2024-23618 · Unknown · Cloud Based Customer Service Management Platform

Name of the Vulnerable Software and Affected Versions: Cloud based customer service management platform version 1.0.0 Description: The issue allows a local attacker to execute arbitrary code via a crafted payload to the "Login.asp" component. This is related to a SQL Injection vulnerability...

5.5CVSS8.9AI score0.01415EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/04/06 12:0 a.m.4 views

NorthStarC2 跨站脚本漏洞

NorthStarC2 is an open source command and control framework by Engin Individual Developers. A cross-site scripting vulnerability exists in NorthStarC2 v1 that originates from allowing remote attackers to execute arbitrary code via the login.php component...

8.8CVSS8.3AI score0.78158EPSS
Exploits5References5
CNNVD
CNNVD
added 2024/04/06 12:0 a.m.7 views

iboss Secure Web Gateway 跨站脚本漏洞

iboss Secure Web Gateway is a web security solution from iboss designed to help organizations protect their networks from cyber threats and malicious activity. A cross-site scripting vulnerability exists in iboss Secure Web Gateway version 10.1 and earlier, which stems from a cross-site scripting...

6.1CVSS4.4AI score0.22002EPSS
Exploits4References5
Vulnrichment
Vulnrichment
added 2024/04/06 12:0 a.m.15 views

CVE-2024-28741

Cross Site Scripting vulnerability in EginDemirbilek NorthStar C2 v1 allows a remote attacker to execute arbitrary code via the login.php component...

8.6AI score0.78158EPSS
Exploits5References3
Prion
Prion
added 2024/02/14 9:15 a.m.18 views

Cross site scripting

Cross Site Scripting XSS vulnerability in CU Solutions Group CUSG Content Management System CMS before v.7.75 allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the login.php component...

5.8CVSS6.5AI score0.00606EPSS
Exploits0References1
Rows per page
Query Builder