Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7725 matches found

OSV
OSVadded 2007/01/16 11:28 p.m.1 views

DEBIAN-CVE-2007-0262

WordPress 2.0.6, and 2.1Alpha 3 SVN:4662, does not properly verify that the m parameter value has the string data type, which allows remote attackers to obtain sensitive information via an invalid m parameter, as demonstrated by obtaining the path, and obtaining certain SQL information such as th...

7.8CVSS7AI score0.00964EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2007/01/16 12:0 a.m.3 views

PT-2007-1215 · Portix · Portix-Php

Name of the Vulnerable Software and Affected Versions: Portix-PHP version 0.4.2 Description: The issue allows remote attackers to execute arbitrary SQL commands via the username and passwd fields in the login component. Recommendations: For Portix-PHP version 0.4.2, update to a version that fixes...

7.5CVSS8.4AI score0.00619EPSS
Exploits0References6
OSV
OSVadded 2007/01/09 12:28 a.m.1 views

DEBIAN-CVE-2007-0107

WordPress before 2.0.6, when mbstring is enabled for PHP, decodes alternate character sets after escaping the SQL query, which allows remote attackers to bypass SQL injection protection schemes and execute arbitrary SQL commands via multibyte charsets, as demonstrated using UTF-7...

6.8CVSS8.7AI score0.06942EPSS
Exploits1References1
RedHat Linux
RedHat Linuxadded 2006/12/11 11:31 a.m.3 views

security flaw

Unspecified vulnerability in session.c in PHP before 5.1.3 has unknown impact and attack vectors, related to "certain characters in session names," including special characters that are frequently associated with CRLF injection, SQL injection, cross-site scripting XSS, and HTTP response splitting...

9.3CVSS5.7AI score0.0674EPSS
Exploits1References4
Positive Technologies
Positive Technologiesadded 2006/11/24 12:0 a.m.2 views

PT-2006-6735 · Baal · Baalasp Forum

Name of the Vulnerable Software and Affected Versions: BaalAsp forum affected versions not specified Description: The issue concerns multiple SQL injection vulnerabilities. These vulnerabilities allow remote attackers to execute arbitrary SQL commands. The vulnerabilities can be exploited through...

7.5CVSS8.1AI score0.01233EPSS
Exploits1References9
Positive Technologies
Positive Technologiesadded 2006/11/17 12:0 a.m.3 views

PT-2006-6611 · Funkyasp · Funkyasp Glossary

Name of the Vulnerable Software and Affected Versions: FunkyASP Glossary version 1.0 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the alpha parameter in the demo/glossary/glossary.asp file. Recommendations: For FunkyASP Glossary...

7.5CVSS7.9AI score0.04058EPSS
Exploits1References9
Positive Technologies
Positive Technologiesadded 2006/11/06 12:0 a.m.3 views

PT-2006-6446 · Unknown · Article Script

Name of the Vulnerable Software and Affected Versions: Article Script versions 1.6.3 and earlier Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the category parameter in the rss.php file. Recommendations: For Article Script versions 1.6.3 an...

7.5CVSS7.5AI score0.02159EPSS
Exploits2References9
Positive Technologies
Positive Technologiesadded 2006/06/05 12:0 a.m.3 views

PT-2006-3745 · X Cart · X-Cart

Name of the Vulnerable Software and Affected Versions: X-Cart Gold and Pro versions 4.0.18 through 4.1.0 beta 1 Description: The issue allows remote attackers to execute arbitrary SQL commands via the "Search for pattern" field in search.php, when the settings specify only "Search in Detailed...

9.8CVSS8.5AI score0.0078EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2005/12/22 12:0 a.m.3 views

PT-2005-5169 · Quantum Art · Quantum Art Qp7.Enterprise

Name of the Vulnerable Software and Affected Versions: Quantum Art QP7.Enterprise affected versions not specified Description: A SQL injection issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the p news id parameter to API endpoints such as "news and events...

7.5CVSS8.6AI score0.00757EPSS
Exploits1References7
Positive Technologies
Positive Technologiesadded 2005/11/04 12:0 a.m.1 views

PT-2005-4293 · Php · Php Handicapper

Name of the Vulnerable Software and Affected Versions: PHP Handicapper affected versions not specified Description: A SQL injection issue allows remote attackers to execute arbitrary SQL commands via the serviceid parameter in the process signup.php file. The vendor initially disputed this issue,...

7.5CVSS8.7AI score0.01053EPSS
Exploits0References7
Positive Technologies
Positive Technologiesadded 2005/05/28 12:0 a.m.2 views

PT-2005-2772 · Os4E · Unknown Product

Name of the Vulnerable Software and Affected Versions: Unknown product by Online Solutions for Educators OS4E affected versions not specified Description: The issue allows remote attackers to execute arbitrary SQL commands via the password variable in the login.asp file. This could potentially le...

7.5CVSS7.7AI score0.01055EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2005/05/25 12:0 a.m.4 views

PT-2005-2722 · Ezdwc · Ezdwc Newsletterez

Name of the Vulnerable Software and Affected Versions: ezdwc NewsletterEz version 3.0 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the password parameter in the "login.asp" file. Recommendations: For ezdwc NewsletterEz version 3.0, conside...

7.5CVSS7.9AI score0.00603EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2005/05/11 12:0 a.m.2 views

PT-2005-2567 · Quick.Cart · Quick.Cart

Name of the Vulnerable Software and Affected Versions: Quick.cart version 0.3.0 Description: The issue concerns a potential SQL injection vulnerability in the index.php file of Quick.cart, allegedly allowing remote attackers to execute arbitrary SQL commands via the iCategory parameter. However,...

7.5CVSS8.7AI score0.00716EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2005/02/17 12:0 a.m.3 views

PT-2005-1332 · Biborb · Biborb

Name of the Vulnerable Software and Affected Versions: BibORB versions 1.3.2 and earlier Description: The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the Username or Password variables. Recommendations: For BibORB versions 1.3.2 and earlier, update to...

7.5CVSS7.6AI score0.01248EPSS
Exploits2References7
Microsoft Security Update
Microsoft Security Updateadded 1976/01/01 12:0 a.m.1 views

SQL Server 2016 RTM Cumulative Update (CU) 1 KB3164674

SQL Server 2016 RTM Cumulative Update CU 1 KB3164674...

7.6AI score
Exploits0
Microsoft Security Update
Microsoft Security Updateadded 1976/01/01 12:0 a.m.1 views

SQL Server 2017 RTM Cumulative Update (CU) 14 KB4484710

SQL Server 2017 RTM Cumulative Update CU 14 KB4484710...

5.8AI score
Exploits0
Microsoft Security Update
Microsoft Security Updateadded 1976/01/01 12:0 a.m.4 views

SQL Server 2017 RTM Cumulative Update (CU) 10 KB4342123

SQL Server 2017 RTM Cumulative Update CU 10 KB4342123...

5.8AI score
Exploits0
Microsoft Security Update
Microsoft Security Updateadded 1976/01/01 12:0 a.m.1 views

SQL Server 2022 RTM Cumulative Update (CU) 4 KB5026717

SQL Server 2022 RTM Cumulative Update CU 4 KB5026717...

5.8AI score
Exploits0
Microsoft KB
Microsoft KBadded 1970/01/01 12:0 a.m.4 views

KB5004524 - Cumulative Update 12 for SQL Server 2019

None None...

5.8AI score
Exploits0
Microsoft KB
Microsoft KBadded 1970/01/01 12:0 a.m.5 views

KB5081495 - Cumulative Update 4 for SQL Server 2025

None None...

5.7AI score
Exploits0
Rows per page
Query Builder