Lucene search
K

115 matches found

Positive Technologies
Positive Technologies
added 2024/05/06 12:0 a.m.6 views

PT-2024-31516 · Unknown · Campcodes Complete Web-Based School Management System

Name of the Vulnerable Software and Affected Versions: Campcodes Complete Web-Based School Management System version 1.0 Description: A vulnerability was found in the system, classified as problematic, affecting some unknown processing of the file /view/student payment details3.php. The...

6.1CVSS4.3AI score0.0056EPSS
Exploits1References9
CNNVD
CNNVD
added 2024/04/25 12:0 a.m.3 views

Tenda 4G300 安全漏洞

The Tenda 4G300 is a portable wireless router aimed at users who need mobile Internet access scenarios. The Tenda 4G300 suffers from a buffer overflow vulnerability that stems from incorrect manipulation of the parameters year/month/day/hour/minute/second, for which no detailed vulnerability...

9CVSS7.4AI score0.01755EPSS
Exploits1References5
OSV
OSV
added 2024/02/29 2:15 a.m.4 views

CVE-2023-51802

Cross Site Scripting XSS vulnerability in the Simple Student Attendance System v.1.0 allows a remote attacker to execute arbitrary code via a crafted payload to the page or classmonth parameter in the /php-attendance/attendancereport component...

6.1CVSS6.1AI score0.00615EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2024/02/29 2:15 a.m.1 views

CVE-2023-51802

Cross Site Scripting XSS vulnerability in the Simple Student Attendance System v.1.0 allows a remote attacker to execute arbitrary code via a crafted payload to the page or classmonth parameter in the /php-attendance/attendancereport component...

6.1CVSS6.2AI score0.00615EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.4 views

Simple Student Attendance System Security Vulnerability

Simple Student Attendance System is a simple student attendance system. A security vulnerability exists in Simple Student Attendance System version v.1.0. An attacker can exploit this vulnerability to execute arbitrary code via a specially crafted payload on the page or classmonth parameter in th...

6.1CVSS7.6AI score0.00615EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/02/28 12:0 a.m.6 views

PT-2024-14296 · Unknown · Simple Student Attendance System

Name of the Vulnerable Software and Affected Versions: Simple Student Attendance System version 1.0 Description: A Cross Site Scripting XSS issue allows a remote attacker to execute arbitrary code via a crafted payload to the page or class month parameter in the "/php-attendance/attendance report...

6.1CVSS6.6AI score0.00615EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/03/29 12:0 a.m.5 views

Suprema BioStar 2 SQL注入漏洞

Suprema BioStar 2 is a web-based biometric security smart lock platform from Suprema Korea. A security vulnerability exists in Suprema BioStar 2 version v2.8.16. An attacker can exploit the vulnerability to perform SQL injection via the values parameter at /users/absence?searchmonth=1...

6.5CVSS6.8AI score0.07496EPSS
Exploits4References8
OSV
OSV
added 2023/03/09 9:15 p.m.3 views

CVE-2023-27205

Best POS Management System 1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /kruxton/salesreport.php...

9.8CVSS7.3AI score0.00788EPSS
Exploits1References2
NVD
NVD
added 2023/03/09 9:15 p.m.18 views

CVE-2023-27205

Best POS Management System 1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /kruxton/salesreport.php...

9.8CVSS9.8AI score0.00788EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 6:14 a.m.4 views

SUSE CVE-2006-3682

awstats.pl in AWStats 6.5 build 1.857 and earlier allows remote attackers to obtain the installation path via the 1 year, 2 pluginmode or 3 month parameters...

5CVSS7AI score0.09545EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2022/08/29 2:15 p.m.3 views

CVE-2022-36689

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/waste&month=...

8.8CVSS7.4AI score0.00866EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/08/29 2:15 p.m.6 views

CVE-2022-36688

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/stockout&month=...

8.8CVSS7.4AI score0.00866EPSS
Exploits1References2
NVD
NVD
added 2022/08/29 2:15 p.m.12 views

CVE-2022-36688

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/stockout&month=...

8.8CVSS0.00866EPSS
Exploits1References1
OSV
OSV
added 2022/08/29 2:15 p.m.4 views

CVE-2022-36689

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/waste&month=...

8.8CVSS5.8AI score0.00866EPSS
Exploits1References1
OSV
OSV
added 2022/08/29 2:15 p.m.5 views

CVE-2022-36686

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/stockin&month=...

8.8CVSS5.8AI score0.00866EPSS
Exploits1References1
NVD
NVD
added 2022/08/29 2:15 p.m.13 views

CVE-2022-36686

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/stockin&month=...

8.8CVSS0.00866EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/08/29 2:15 p.m.4 views

CVE-2022-36686

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/stockin&month=...

8.8CVSS7.4AI score0.00866EPSS
Exploits1References2
Prion
Prion
added 2022/08/29 2:15 p.m.14 views

Sql injection

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/stockout&month=...

6.5CVSS8.9AI score0.00866EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2022/08/29 12:0 a.m.5 views

Ingredients Stock Management System SQL注入漏洞

Ingredients Stock Management System is an ingredient stock management system from Carlo Montero's personal developer. v1.0 of the Ingredients Stock Management System is vulnerable to SQL injection, which originates from the /admin/?page= reports/stockout&month= is missing validation of external...

8.8CVSS7.7AI score0.00866EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/08/29 12:0 a.m.6 views

PT-2022-23555 · Unknown · Ingredients Stock Management System

Name of the Vulnerable Software and Affected Versions: Ingredients Stock Management System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the month parameter at the "/admin/?page=reports/stockout&month=" endpoint...

8.8CVSS8.7AI score0.00866EPSS
Exploits1References3
Rows per page
Query Builder