CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

Packet Storm•added 2025/04/11 12:0 a.m.•272 views

📄 RosarioSIS SQL Injection

RosarioSIS versions prior to 7.6.1 suffer from a remote unauthenticated SQL injection vulnerability. Exploit Title: RosarioSIS $votesarray && if ! empty $votesarray && PortalPollsVote $pollid, $votesarray votes'; CREATE TABLE aaat text --=1...

9.8CVSS9.6AI score0.12478EPSS

Exploits3

Exploit DB•added 2025/04/11 12:0 a.m.•229 views

RosarioSIS 7.6 - SQL Injection

Exploit Title: RosarioSIS 7.6 - SQL Injection Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://gitlab.com/francoisjacquet/rosariosis Software Link: https://gitlab.com/francoisjacquet/rosariosis Version: 7.6 Tested on: Ubuntu Windows CVE : CVE-2021-44567 PoC: POST...

9.8CVSS9.7AI score0.12478EPSS

Exploits3

NVD•added 2022/02/24 3:15 p.m.•9 views

CVE-2021-44567

An unauthenticated SQL Injection vulnerability exists in RosarioSIS before 7.6.1 via the votes parameter in ProgramFunctions/PortalPollsNotes.fnc.php...

9.8CVSS0.12478EPSS

Exploits3References4

OSV•added 2022/02/24 3:15 p.m.•7 views

CVE-2021-44567

An unauthenticated SQL Injection vulnerability exists in RosarioSIS before 7.6.1 via the votes parameter in ProgramFunctions/PortalPollsNotes.fnc.php...

9.8CVSS8.2AI score

Exploits0References4

Positive Technologies•added 2022/02/22 12:0 a.m.•3 views

PT-2022-12164 · Unknown · Rosariosis

Name of the Vulnerable Software and Affected Versions: RosarioSIS versions prior to 7.6.1 Description: An unauthenticated SQL Injection issue exists via the votes parameter in ProgramFunctions/PortalPollsNotes.fnc.php. Recommendations: For versions prior to 7.6.1, update to version 7.6.1 or later...

9.8CVSS8.2AI score0.12478EPSS

Exploits3References14

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by