Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

CNNVD
CNNVDadded 2025/10/30 12:0 a.m.1 views

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 2024R1.1.2 that stems from insufficient...

6.1CVSS6AI score0.00743EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2024/07/29 12:0 a.m.3 views

PT-2024-38163 · Simopro Technology · Winmatrix3 Web Package

Name of the Vulnerable Software and Affected Versions: WinMatrix3 Web package from Simopro Technology affected versions not specified Description: The issue concerns the login functionality, which lacks proper validation of user input. This allows unauthenticated remote attackers to inject SQL...

9.8CVSS7.7AI score0.00789EPSS
Exploits0References6
OSV
OSVadded 2023/06/16 4:15 a.m.0 views

CVE-2023-32754

Thinking Software Efence login function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify or delete database...

9.8CVSS6AI score
Exploits0References1
Positive Technologies
Positive Technologiesadded 2023/03/24 12:0 a.m.1 views

PT-2023-20035 · Unknown · Faveo Helpdesk

Name of the Vulnerable Software and Affected Versions: Faveo Helpdesk versions 1.0 through 1.11.1 Description: The issue arises from a lack of validation on user input data during the login process. This allows parameters passed from the front end to the back end to be controlled, leading to SQL...

8.8CVSS8.3AI score0.00226EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2023/03/24 12:0 a.m.4 views

CVE-2023-25350

Faveo Helpdesk 1.0-1.11.1 is vulnerable to SQL Injection. When the user logs in through the login box, he has no judgment on the validity of the user's input data. The parameters passed from the front end to the back end are controllable, which will lead to SQL injection...

9.1AI score0.00226EPSS
Exploits1References2
CNVD
CNVDadded 2020/05/18 12:0 a.m.2 views

Submitty Input Validation Error Vulnerability

Submitty is an open source course management system . The system supports course management , assignment submission , exams and grading system and other functions . An input validation error vulnerability exists in the login page in Submitty versions 20.04.01 and earlier. The vulnerability stems...

6.1CVSS7AI score0.0863EPSS
Exploits1References1
CNVD
CNVDadded 2018/04/26 12:0 a.m.2 views

Mitel MiVoice Connect SQL Injection Vulnerability

Mitel MiVoice Connect R1707-PREM and Mitel ST are both products of Mitel Corporation of Canada.Mitel MiVoice Connect R1707-PREM is a Unified Communications Management Appliance.ST is a videoconferencing product.conferencing is one of the notification components. conferencing is one of the...

6.5CVSS7.7AI score0.00261EPSS
Exploits0References1
Packet Storm
Packet Stormadded 2007/03/20 12:0 a.m.39 views

overtheledger.txt

Hi; Affected versions: LedgerSMB 1.1.10 but see below, current is 1.1.11 SQL-Ledger 2.6.27 but see below. Current is 2.6.27 Effects: Arbitrary code execution both products and authentication bypass SQL-Ledger only. We have discovered yet another major security issue in both SQL-Ledger for affecte...

Exploits0
Rows per page
Query Builder