Lucene search
K

6 matches found

CVE
CVE
added yesterday5 views

CVE-2026-14769

The CVE-2026-14769 entry concerns code-projects Real State Services 1.0. A vulnerability in processing the file /pay.php allows manipulation of the Bankname parameter that leads to a SQL injection. The issue appears to be exploitable remotely and public exploit details are available. Metrics indi...

7.5CVSS6.8AI score
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.16 views

PT-2026-39974

The Slek Gateway for WooCommerce plugin for WordPress is vulnerable to Information Exposure in version 1.0. This is due to the wsb handle slek payment redirect function placing the merchant's slek key and slek secret API credentials directly into a client-side HTML form, and additionally embeddin...

5.3CVSS5.8AI score0.00251EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/23 9:20 a.m.6 views

CVE-2024-38469

zhimengzhe iBarn v1.5 was discovered to contain a reflected cross-site scripting XSS vulnerability via the $search parameter at /pay.php...

6.3CVSS5.8AI score0.00347EPSS
Exploits1References1
OSV
OSV
added 2024/06/17 2:15 p.m.5 views

CVE-2024-38469

zhimengzhe iBarn v1.5 was discovered to contain a reflected cross-site scripting XSS vulnerability via the $search parameter at /pay.php...

6.3CVSS5.7AI score0.00347EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2021/08/10 12:0 a.m.5 views

The vulnerability of the CASAP Automated Enrollment System software lies in its lack of measures to protect the SQL query structure, allowing attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the CASAP Automated Enrollment System lies in the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information through the parameter “id...

10CVSS7.9AI score0.01517EPSS
Exploits1References3Affected Software1
CNVD
CNVD
added 2017/03/27 12:0 a.m.1 views

SQL injection vulnerability in the climit parameter of the admin_pay.php page of the Ocean CMS system

Ocean CMS is an open source website builder. A SQL injection vulnerability exists in the Ocean CMS adminpay.php page. The lack of filtering of the climit parameter allows attackers to exploit the vulnerability to obtain sensitive database information...

7.9AI score
Exploits0
Rows per page
Query Builder