Lucene search
K

8281 matches found

CNNVD
CNNVD
added 2025/04/04 12:0 a.m.3 views

CodeAstro Car Rental System 安全漏洞

CodeAstro Car Rental System is a car rental system from CodeAstro. A security vulnerability exists in CodeAstro Car Rental System version 1.0, which stems from an incorrect manipulation of the parameter ID that can lead to SQL injection...

9.8CVSS6.9AI score0.00411EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/04/04 12:0 a.m.3 views

Code-Projects Hospital Management System 安全漏洞

Hospital Management System a hospital management system. The Hospital Management System suffers from a SQL injection vulnerability that originates from a missing validation of externally entered SQL statements in the parameter doctorspecilization of the file /admin/doctor-specilization.php. An...

7.5CVSS7AI score0.00379EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/04/04 12:0 a.m.4 views

PHPGurukul e-Diary Management System 注入漏洞

The e-Diary Management System is an electronic diary management system. The e-Diary Management System suffers from a SQL injection vulnerability that originates from a missing validation of an externally typed SQL statement in the emailid parameter of the registration.php file. An attacker can...

9.8CVSS7.7AI score0.00478EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/04/04 12:0 a.m.4 views

Code-Projects Patient Record Management System 安全漏洞

Patient Record Management System is a medical record management system. Patient Record Management System suffers from a SQL injection vulnerability that originates from a missing validation of an externally entered SQL statement in the parameter birthid of the /birthingform.php file...

7.5CVSS6.9AI score0.00379EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/04/04 12:0 a.m.5 views

PHPGurukul Restaurant Table Booking System 注入漏洞

Restaurant Table Booking System is a restaurant table reservation system. Restaurant Table Booking System suffers from a SQL injection vulnerability that originates from a missing validation of an externally entered SQL statement in the parameter fullname of the edit-subadmin.php file. An attacke...

7.2CVSS5.6AI score0.00395EPSS
Exploits1References5
OSV
OSV
added 2025/04/03 9:15 p.m.5 views

CVE-2025-3180

A vulnerability classified as critical was found in projectworlds Online Doctor Appointment Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file /doctor/deleteschedule.php. The manipulation of the argument ID leads to sql injection. The attack can be launched...

9.8CVSS5.8AI score0.00513EPSS
Exploits1References4
OSV
OSV
added 2025/04/03 7:15 p.m.2 views

CVE-2025-3175

A vulnerability was found in Project Worlds Online Lawyer Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /saveusereditprofile.php. The manipulation of the argument firstName leads to sql injection. The attack may be launched...

9.8CVSS6.9AI score0.00445EPSS
Exploits0References4
Friends Of PHP
Friends Of PHP
added 2025/04/03 3:2 p.m.13 views

GraphQL query operations security can be bypassed

Summary Using the Relay special node type you can bypass the configured security on an operation. Details Here is an example of how to apply security configurations for the GraphQL operations: php ApiResource security: "isgranted'ROLEUSER'", operations: / ... / , graphQlOperations: new...

7.5CVSS7.2AI score0.00409EPSS
Exploits0Affected Software1
GithubExploit
GithubExploit
added 2025/04/03 12:29 a.m.98 views

Exploit for CVE-2025-30921

CVE-2025-30921 1️⃣ Component type WordPress plugin 2️...

7.6CVSS8.1AI score0.00494EPSS
Exploits1
CNNVD
CNNVD
added 2025/04/03 12:0 a.m.2 views

Apartment Visitor Management System 注入漏洞

Apartment Visitor Management System is an Apartment Visitor Management System by Carlo Montero Personal Developer. An injection vulnerability exists in Apartment Visitor Management System version 1.0, which stems from an incorrect operation of the parameter buildingno that can lead to SQL injecti...

8.8CVSS7.1AI score0.00443EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/04/03 12:0 a.m.2 views

Project Worlds Online Doctor Appointment Booking System 安全漏洞

Project Worlds Online Doctor Appointment Booking System is an online doctor appointment booking system from Project Worlds, Inc. A security vulnerability exists in Project Worlds Online Doctor Appointment Booking System version 1.0, which stems from an incorrect operation of the parameter...

9.8CVSS7.8AI score0.00544EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/04/03 12:0 a.m.3 views

PT-2025-14817 · Unknown · Projectworlds Online Doctor Appointment Booking System

Name of the Vulnerable Software and Affected Versions: projectworlds Online Doctor Appointment Booking System version 1.0 Description: A critical issue was discovered in the projectworlds Online Doctor Appointment Booking System, affecting an unknown function of the file...

9.8CVSS7.5AI score0.00544EPSS
Exploits1References8
CNNVD
CNNVD
added 2025/04/03 12:0 a.m.2 views

Project Worlds Online Doctor Appointment Booking System 注入漏洞

Project Worlds Online Doctor Appointment Booking System is an online doctor appointment booking system from Project Worlds, Inc. An injection vulnerability exists in Project Worlds Online Doctor Appointment Booking System version 1.0, which stems from an incorrect operation of the parameter...

9.8CVSS8AI score0.00513EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/04/03 12:0 a.m.3 views

Project Worlds Online Doctor Appointment Booking System 注入漏洞

Project Worlds Online Doctor Appointment Booking System is an online doctor appointment booking system from Project Worlds, Inc. An injection vulnerability exists in Project Worlds Online Doctor Appointment Booking System version 1.0, which stems from an incorrect manipulation of a parameter ID...

9.8CVSS7.9AI score0.00513EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/04/03 12:0 a.m.4 views

API Platform Core 安全漏洞

API Platform Core is a server component of API Platform open source by API Platform. A security vulnerability exists in API Platform Core versions prior to 4.0.21 that stems from a GraphQL license that may cache different objects...

7.5CVSS6.4AI score0.00411EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/04/03 12:0 a.m.2 views

Project Worlds Online Doctor Appointment Booking System 注入漏洞

Project Worlds Online Doctor Appointment Booking System is an online doctor appointment booking system from Project Worlds, Inc. An injection vulnerability exists in Project Worlds Online Doctor Appointment Booking System version 1.0, which stems from a misbehavior of parameter q that can lead to...

9.8CVSS7.9AI score0.00544EPSS
Exploits1References4
OSV
OSV
added 2025/04/02 6:15 a.m.1 views

DEBIAN-CVE-2024-36465

A low privilege regular Zabbix user with API access can use SQL injection vulnerability in include/classes/api/CApiService.php to execute arbitrary SQL commands via the groupBy parameter...

8.8CVSS8.5AI score0.23028EPSS
Exploits0References1
OSV
OSV
added 2025/04/01 6:15 a.m.3 views

CVE-2025-30886

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in JoomSky JS Help Desk allows SQL Injection. This issue affects JS Help Desk: from n/a through 2.9.2...

10CVSS7.3AI score0.00465EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/01 12:0 a.m.4 views

WordPress plugin Salesmate Add-On for Gravity Forms SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A SQL injection vulnerability exists in WordPress...

9.3CVSS9.2AI score0.00448EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/04/01 12:0 a.m.3 views

WordPress plugin JS Help Desk SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

9.3CVSS9AI score0.00465EPSS
Exploits0References2
Rows per page
Query Builder