Lucene search
K

70 matches found

Positive Technologies
Positive Technologies
added 2024/08/01 12:0 a.m.5 views

PT-2024-38292 · Sourcecodester · Sourcecodester Tracking Monitoring Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Tracking Monitoring Management System version 1.0 Description: A critical issue was found in the system, affecting the /ajax.php?action=save establishment file. The manipulation of the id argument leads to SQL injection. The...

9.8CVSS7.8AI score0.00544EPSS
Exploits1References8
CNNVD
CNNVD
added 2024/08/01 12:0 a.m.4 views

SourceCodester Tracking Monitoring Management System 跨站脚本漏洞

SourceCodester Tracking Monitoring Management System is a monitoring management system from SourceCodester, Inc. A cross-site scripting vulnerability exists in SourceCodester Tracking Monitoring Management System version 1.0, which is caused by a cross-site scripting vulnerability in the name...

6.1CVSS4.5AI score0.00453EPSS
Exploits1References5
Malwarebytes
Malwarebytes
added 2024/02/13 4:38 p.m.30 views

Remote Monitoring & Management software used in phishing attacks

Remote Monitoring & Management RMM software, including popular tools like AnyDesk, Atera, and Splashtop, are invaluable for IT administrators today, streamlining tasks and ensuring network integrity from afar. However, these same tools have caught the eye of cybercriminals, who exploit them to...

7.7AI score
Exploits0
CISA
CISA
added 2023/08/16 12:0 p.m.6 views

CISA Releases JCDC Remote Monitoring and Management (RMM) Cyber Defense Plan

Today, CISA released the Remote Monitoring and Management RMM Cyber Defense Plan, the first proactive Plan developed by industry and government partners through the Joint Cyber Defense Collaborative JCDC. This plan addresses systemic risks facing the exploitation of RMM software. Cyber threat...

7.2AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/06/06 12:0 a.m.7 views

PT-2023-24861 · Percona · Percona Monitoring/Management

Name of the Vulnerable Software and Affected Versions: Percona Monitoring and Management PMM server versions 2.x through 2.37.0 Description: The issue arises from the authenticate function in auth server.go not properly formalizing and sanitizing URL paths, which fails to reject path traversal...

9.8CVSS7.5AI score0.01278EPSS
Exploits0References3
OSV
OSV
added 2023/06/06 12:0 a.m.4 views

CVE-2023-34409

In Percona Monitoring and Management PMM server 2.x before 2.37.1, the authenticate function in authserver.go does not properly formalize and sanitize URL paths to reject path traversal attempts. This allows an unauthenticated remote user, when a crafted POST request is made against unauthenticat...

9.8CVSS5.9AI score0.01278EPSS
Exploits0References3
NVD
NVD
added 2023/04/08 8:15 a.m.17 views

CVE-2023-1950

A vulnerability has been found in PHPGurukul BP Monitoring Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file password-recovery.php of the component Password Recovery. The manipulation of the argument emailid/contactno leads to...

9.8CVSS7.4AI score0.00737EPSS
Exploits1References3
OSV
OSV
added 2023/04/08 8:15 a.m.3 views

CVE-2023-1949

A vulnerability, which was classified as critical, was found in PHPGurukul BP Monitoring Management System 1.0. Affected is an unknown function of the file change-password.php of the component Change Password Handler. The manipulation of the argument password leads to sql injection. It is possibl...

9.8CVSS6.5AI score0.00708EPSS
Exploits1References3
Prion
Prion
added 2023/04/08 8:15 a.m.14 views

Sql injection

A vulnerability has been found in PHPGurukul BP Monitoring Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file password-recovery.php of the component Password Recovery. The manipulation of the argument emailid/contactno leads to...

6.5CVSS9.7AI score0.00737EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2023/04/08 8:15 a.m.25 views

Cross site scripting

A vulnerability, which was classified as problematic, has been found in PHPGurukul BP Monitoring Management System 1.0. This issue affects some unknown processing of the file add-family-member.php of the component Add New Family Member Handler. The manipulation of the argument Member Name leads t...

4CVSS6AI score0.00557EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/04/08 7:31 a.m.18 views

CVE-2023-1950 PHPGurukul BP Monitoring Management System Password Recovery password-recovery.php sql injection

A vulnerability has been found in PHPGurukul BP Monitoring Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file password-recovery.php of the component Password Recovery. The manipulation of the argument emailid/contactno leads to...

6.5CVSS10AI score0.00737EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/04/08 7:0 a.m.28 views

CVE-2023-1949 PHPGurukul BP Monitoring Management System Change Password change-password.php sql injection

A vulnerability, which was classified as critical, was found in PHPGurukul BP Monitoring Management System 1.0. Affected is an unknown function of the file change-password.php of the component Change Password Handler. The manipulation of the argument password leads to sql injection. It is possibl...

6.5CVSS10AI score0.00708EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/04/08 6:31 a.m.24 views

CVE-2023-1948 PHPGurukul BP Monitoring Management System Add New Family Member add-family-member.php cross site scripting

A vulnerability, which was classified as problematic, has been found in PHPGurukul BP Monitoring Management System 1.0. This issue affects some unknown processing of the file add-family-member.php of the component Add New Family Member Handler. The manipulation of the argument Member Name leads t...

4CVSS6.2AI score0.00557EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/04/08 12:0 a.m.6 views

BP Monitoring Management System 跨站脚本漏洞

BP Monitoring Management System is a web-based application by the individual developer of phpgurukul. A cross-site scripting vulnerability exists in version 1.0 of the PHPGurukul BP Monitoring Management System, which stems from an issue with the file add-family-member.php, where manipulation of...

6.1CVSS4.1AI score0.00557EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/04/08 12:0 a.m.6 views

BP Monitoring Management System SQL注入漏洞

BP Monitoring Management System is a web-based application by the individual developer of phpgurukul. A SQL injection vulnerability exists in version 1.0 of the PHPGurukul BP Monitoring Management System, which stems from a problem with the file change-password.php, where manipulation of the...

9.8CVSS7AI score0.00708EPSS
Exploits1References4
NVD
NVD
added 2023/04/07 5:15 p.m.28 views

CVE-2023-1909

A vulnerability, which was classified as critical, was found in PHPGurukul BP Monitoring Management System 1.0. Affected is an unknown function of the file profile.php of the component User Profile Update Handler. The manipulation of the argument name/mobno leads to sql injection. It is possible ...

6.5CVSS5.7AI score0.00625EPSS
Exploits1References3
Prion
Prion
added 2023/04/07 5:15 p.m.20 views

Sql injection

A vulnerability, which was classified as critical, was found in PHPGurukul BP Monitoring Management System 1.0. Affected is an unknown function of the file profile.php of the component User Profile Update Handler. The manipulation of the argument name/mobno leads to sql injection. It is possible ...

5.8CVSS7AI score0.00625EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2023/04/07 5:0 p.m.62 views

CVE-2023-1909

The CVE-2023-1909 entry concerns PHPGurukul BP Monitoring Management System 1.0. The User Profile Update Handler’s profile.php is affected; the issue arises from manipulating the name and mobno arguments, enabling a SQL injection. The vulnerability is exploitable remotely and has been disclosed p...

6.5CVSS6AI score0.00625EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2023/03/14 3:15 p.m.25 views

CVE-2023-27074

BP Monitoring Management System v1.0 was discovered to contain a SQL injection vulnerability via the emailid parameter in the login page...

9.8CVSS9.8AI score0.0062EPSS
Exploits0References2
CVE
CVE
added 2023/03/14 12:0 a.m.43 views

CVE-2023-27074

BP Monitoring Management System v1.0 contains a SQL injection vulnerability in the login page, exploitable via the emailid parameter. The issue, as described across the CVE records, is caused by unparameterized SQL in the authentication flow, leading to potential disclosure, modification, or dest...

9.8CVSS9.7AI score0.0062EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder