Lucene search
K

110 matches found

CNNVD
CNNVD
added 2024/05/14 12:0 a.m.3 views

College Management System SQL注入漏洞

College Management System is a simple project organized by Code Projects. It is used to keep track of students, teachers, subjects, schedules and all things related to the university. A SQL injection vulnerability exists in College Management System version 1.0, which stems from an SQL injection...

8.8CVSS7.1AI score0.00835EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/05/12 12:0 a.m.6 views

PT-2024-32947 · Unknown · Kashipara College Management System

Name of the Vulnerable Software and Affected Versions: Kashipara College Management System version 1.0 Description: A critical issue has been found in the Kashipara College Management System, affecting an unknown functionality of the file submit admin.php. The manipulation of the phone argument...

8.8CVSS8.1AI score0.00835EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2024/02/29 12:0 a.m.12 views

CVE-2023-51800

Cross Site Scripting XSS vulnerability in School Fees Management System v.1.0 allows a remote attacker to execute arbitrary code via a crafted payload to the mainsettings component in the phone, address, bank, accname, accnumber parameters, newclass and cname parameter, addnewparent function in t...

6.5AI score0.00628EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/02/23 12:0 a.m.4 views

Library System SQL Injection Vulnerability

Library System is a library management system by the individual developer nurhodelta17. A SQL injection vulnerability exists in Library System version 1.0, which stems from the fact that incorrect manipulation of the parameters email/regno/phone/username can lead to sql injection...

9.8CVSS8.4AI score0.0076EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/02/23 12:0 a.m.5 views

Library System SQL Injection Vulnerability

Library System is a library management system by the individual developer nurhodelta17. A SQL injection vulnerability exists in Library System version 1.0, which stems from the fact that incorrect manipulation of the parameters email/idno/phone/username can lead to sql injection...

9.8CVSS8.4AI score0.00731EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/12/28 12:0 a.m.6 views

PT-2023-32907 · Gopeak · Gopeak Masterlab

Name of the Vulnerable Software and Affected Versions: gopeak MasterLab versions up to 3.3.10 Description: A critical issue has been found in the HTTP POST Request Handler component, specifically affecting the function sqlInjectDelete of the file app/ctrl/framework/Feature.php. The manipulation o...

9.8CVSS7AI score0.0065EPSS
Exploits0References7
NVD
NVD
added 2023/11/02 2:15 p.m.20 views

CVE-2023-45340

Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'phone' parameter of the routers/details-router.php resource does not validate the characters received and they are sent unfiltered to the database...

9.8CVSS10AI score0.007EPSS
Exploits1References2
OSV
OSV
added 2023/11/02 2:15 p.m.4 views

CVE-2023-45342

Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'phone' parameter of the routers/register-router.php resource does not validate the characters received and they are sent unfiltered to the database...

9.8CVSS5.8AI score0.007EPSS
Exploits1References2
OSV
OSV
added 2023/11/02 2:15 p.m.4 views

CVE-2023-45340

Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'phone' parameter of the routers/details-router.php resource does not validate the characters received and they are sent unfiltered to the database...

9.8CVSS5.9AI score0.007EPSS
Exploits1References2
Prion
Prion
added 2023/11/02 2:15 p.m.17 views

Sql injection

Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'phone' parameter of the routers/register-router.php resource does not validate the characters received and they are sent unfiltered to the database...

7.5CVSS9.9AI score0.007EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/11/02 12:0 a.m.5 views

PT-2023-29516 · Unknown · Online Food Ordering System

Name of the Vulnerable Software and Affected Versions: Online Food Ordering System version 1.0 Description: The Online Food Ordering System is affected by multiple Unauthenticated SQL Injection vulnerabilities. The issue arises from the phone parameter of the "routers/details-router.php" resource...

9.8CVSS9.8AI score0.007EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2023/11/02 12:0 a.m.4 views

PT-2023-29518 · Unknown · Online Food Ordering System

Name of the Vulnerable Software and Affected Versions: Online Food Ordering System version 1.0 Description: The Online Food Ordering System is affected by multiple Unauthenticated SQL Injection vulnerabilities. The issue arises from the phone parameter of the "routers/register-router.php" resourc...

9.8CVSS9.7AI score0.007EPSS
Exploits1References7
CNNVD
CNNVD
added 2023/11/02 12:0 a.m.3 views

Online Food Ordering System SQL Injection Vulnerability

Online Food Ordering System is an online food ordering system by Carlo Montero, a personal developer. A SQL injection vulnerability exists in Online Food Ordering System v1.0, which is caused by insufficient filtering of the phone parameter on the routers/details-router.php page...

9.8CVSS8AI score0.007EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/11/02 12:0 a.m.4 views

Online Food Ordering System SQL Injection Vulnerability

Online Food Ordering System is an online food ordering system developed by Carlo Montero. A SQL injection vulnerability exists in Online Food Ordering System v1.0, which is caused by insufficient filtering of the phone parameter on the routers/register-router.php page...

9.8CVSS8AI score0.007EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/07/10 12:0 a.m.8 views

GZ Scripts Ticket Booking Script 跨站脚本漏洞

GZ Scripts Ticket Booking Script is a ticket booking system from GZ Scripts. A cross-site scripting vulnerability exists in GZ Scripts Ticket Booking Script version 1.8, which stems from cross-site scripting due to incorrect manipulation of the parameters firstname, secondname, phone, address1, a...

6.1CVSS4.7AI score0.00383EPSS
Exploits0References3
OSV
OSV
added 2023/02/17 1:15 p.m.6 views

CVE-2022-40347

SQL Injection vulnerability in Intern Record System version 1.0 in /intern/controller.php in 'phone', 'email', 'deptType' and 'name' parameters, allows attackers to execute arbitrary code and gain sensitive information...

9.8CVSS6.1AI score0.05348EPSS
Exploits5References4
Cvelist
Cvelist
added 2023/02/17 12:0 a.m.48 views

CVE-2022-40347

SQL Injection vulnerability in Intern Record System version 1.0 in /intern/controller.php in 'phone', 'email', 'deptType' and 'name' parameters, allows attackers to execute arbitrary code and gain sensitive information...

10AI score0.05348EPSS
Exploits5References4
GithubExploit
GithubExploit
added 2023/02/16 2:16 a.m.6 views

Exploit for SQL Injection in Intern_Record_System_Project Intern_Record_System

CVE-2022-40347: Intern Record System - 'phone', 'email', 'dept...

9.8CVSS10AI score0.05348EPSS
Exploits5
CNVD
CNVD
added 2022/10/14 12:0 a.m.26 views

Zimbra Collaboration Suite phone cross-site scripting vulnerability

Synacor Zimbra Collaboration Suite ZCS is an open source collaboration suite from Synacor, USA. The product includes WebMail, Calendar, Address Book and more. A cross-site scripting vulnerability exists in Zimbra Collaboration Suite version 8.8.15, which stems from the lack of effective filtering...

6.1CVSS6.4AI score0.0041EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/10/12 12:0 a.m.8 views

Zimbra Collaboration Suite 跨站脚本漏洞

Synacor Zimbra Collaboration Suite ZCS is an open source collaboration suite from Synacor, USA. The product includes WebMail, Calendar, Address Book and more. A cross-site scripting vulnerability exists in Zimbra Collaboration Suite version 8.8.15, which stems from the lack of effective filtering...

6.1CVSS6.5AI score0.0041EPSS
Exploits0References3
Rows per page
Query Builder