Lucene search
+L

68 matches found

osv
osv
added 2024/12/09 7:15 p.m.4 views

CVE-2024-54934

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deleteclass.php...

9.8CVSS5.8AI score0.00496EPSS
Exploits1References1
cnnvd
cnnvd
added 2024/09/20 12:0 a.m.3 views

SourceCodester Best House Rental Management System SQL注入漏洞

SourceCodester Best House Rental Management System is a house rental management system from SourceCodester. A SQL injection vulnerability exists in SourceCodester Best House Rental Management System version 1.0, which is caused by SQL injection of the parameters firstname/lastname/email...

9.8CVSS7.9AI score0.00698EPSS
Exploits1References6
cnnvd
cnnvd
added 2024/03/31 12:0 a.m.4 views

WordPress Plugin Easy Form Builder SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin Easy Form Builder is...

8.5CVSS8.6AI score0.00488EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/02/29 12:0 a.m.5 views

Library Management System SQL Injection Vulnerability

Library Management System is a library management system with QR code attendance and automatic library card generation by King Albaracin Personal Developer. A SQL injection vulnerability exists in Library Management System version 2.0, which stems from the presence of a SQL injection vulnerabilit...

9.8CVSS8.2AI score0.00961EPSS
Exploits1References4
osv
osv
added 2023/12/28 11:15 a.m.6 views

CVE-2023-50857

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FunnelKit Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit.This issue affects Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing,...

7.2CVSS7.3AI score0.00534EPSS
Exploits0References1
osv
osv
added 2023/12/20 4:15 p.m.3 views

CVE-2023-32128

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Adastra Crypto Cryptocurrency Payment & Donation Box – Accept Payments in any Cryptocurrency on your WP Site for Free.This issue affects Cryptocurrency Payment & Donation Box – Accept Payments in a...

7.2CVSS5.8AI score0.00723EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2023/11/06 12:0 a.m.4 views

PT-2023-15300 · Online Ada · Accessibility Suite

Name of the Vulnerable Software and Affected Versions: Accessibility Suite by Online ADA versions 4.11 through 4.12 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...

9.8CVSS9.7AI score0.00479EPSS
Exploits0References5
cnnvd
cnnvd
added 2023/09/29 12:0 a.m.7 views

Engineers Online Portal SQL Injection Vulnerability

Engineers Online Portal is open source an online portal . It is developed using PHP, MySQL database, HTML, CSS, Javascript, jQuery, Ajax, Bootstrap and some other libraries. Engineers Online Portal suffers from a SQL injection vulnerability that stems from manipulation of the id parameter that...

9.8CVSS8.2AI score0.00684EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2023/09/21 12:0 a.m.4 views

PT-2023-28755 · Phpjabbers · Phpjabbers Php Shopping Cart

Name of the Vulnerable Software and Affected Versions: Phpjabbers PHP Shopping Cart version 4.2 Description: The issue is related to SQL Injection via the id parameter. This allows for potential exploitation. No information is provided about the estimated number of potentially affected devices...

7.5CVSS8.5AI score0.00562EPSS
Exploits1References9
cnnvd
cnnvd
added 2023/08/17 12:0 a.m.5 views

Online Travel Agency System SQL注入漏洞

Online Travel Agency System is an online travel agency system by Qaseem Hilal Personal Developer. A security vulnerability exists in Online Travel Agency System version v.1.0, which can be exploited to execute arbitrary code from the id parameter of the dailyexpenditureedit.php file...

7.2CVSS7.5AI score0.0107EPSS
Exploits1References2
cnnvd
cnnvd
added 2023/08/10 12:0 a.m.4 views

PHPJabbers Document Creator SQL Injection Vulnerability

PHPJabbers Document Creator is a PHPJabbers open source document creator. A security vulnerability exists in PHPJabbers Document Creator v1.0, which stems from an SQL injection in the column parameter of ndex.php...

9.8CVSS7.9AI score0.00659EPSS
Exploits0References3
cnnvd
cnnvd
added 2023/07/31 12:0 a.m.4 views

SEMCMS SQL注入漏洞

SEMCMS is a foreign trade web content management system CMS that supports multiple languages. SEMCMS version 1.5 suffers from a SQL injection vulnerability, which originates from the lack of validation of external input SQL statements in the parameter id of /AntSuxin.php, which can be exploited b...

9.8CVSS8.1AI score0.00519EPSS
Exploits0References4
cnnvd
cnnvd
added 2023/05/30 12:0 a.m.5 views

WordPress plugin Elementor Website Builder SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in the...

7.2CVSS7.1AI score0.19695EPSS
Exploits7References2
cnnvd
cnnvd
added 2023/01/15 12:0 a.m.4 views

pontifex.http SQL注入漏洞

pontifex.http is an application by Andrew Personal Developer. An SQL injection vulnerability exists in pontifex.http, which originates from unknown code in the file lib/Http.coffee and operates to cause SQL injection...

9.8CVSS6.6AI score0.00658EPSS
Exploits0References4
cnnvd
cnnvd
added 2023/01/05 12:0 a.m.4 views

Aruba Networks EdgeConnect Enterprise Orchestrator SQL注入漏洞

Aruba Networks EdgeConnect Enterprise Orchestrator is a centralized SD-WAN management solution from Aruba Networks, Inc. It provides optimization, management, automation, and real-time visibility and monitoring features for enterprise users. A security vulnerability exists in Aruba Networks...

8.8CVSS8.1AI score0.00952EPSS
Exploits0References2
cnnvd
cnnvd
added 2022/11/25 12:0 a.m.4 views

JeecgBoot Jeecg-Boot SQL注入漏洞

Jeecg-Boot is a code generator based low-code platform from the JeecgBoot community. JeecgBoot A security vulnerability exists in Jeecg-Boot version v3.4.3, which stems from the discovery of a contained SQL injection vulnerability via component /sys/dict/queryTableData...

5.3CVSS6AI score0.00596EPSS
Exploits1References3
cnnvd
cnnvd
added 2022/11/17 12:0 a.m.3 views

Automotive Shop Management System SQL注入漏洞

Automotive Shop Management System is an automotive shop management system by the individual developer Carlo Montero. Automotive Shop Management System v1.0 suffers from a SQL injection vulnerability that originates from /asms/admin/?page=user/manageuser&id=Lack of validation of externally entered...

7.2CVSS7.9AI score0.00726EPSS
Exploits1References2
cnnvd
cnnvd
added 2022/10/31 12:0 a.m.16 views

WordPress plugin WordPress Classifieds Plugin SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in...

9.8CVSS8.5AI score0.05103EPSS
Exploits2References2
bdu_fstec
bdu_fstec
added 2022/10/06 12:0 a.m.7 views

The vulnerability of the index.php implementation in the Metinfo CMS system allows a perpetrator to execute arbitrary SQL code.

The vulnerability of the index.php script implementation in the Metinfo CMS system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...

10CVSS8.2AI score0.01739EPSS
Exploits1References4
attackerkb
attackerkb
added 2022/06/23 5:15 p.m.7 views

CVE-2022-22980

A Spring Data MongoDB application is vulnerable to SpEL Injection when using @Query or @Aggregation-annotated query methods with SpEL expressions that contain query parameter placeholders for value binding if the input is not sanitized...

9.8CVSS7.2AI score0.16903EPSS
Exploits3References2
Rows per page
Query Builder