
8281 matches found

CNNVD
added 2025/04/01 12:0 a.m. | 33 views

Clinic's Patient Management System SQL injection vulnerability

Clinic's Patient Management System is a patient management system for a clinic in Carlo Montero. A security vulnerability exists in Clinic's Patient Management System version 2.0, which originates from a SQL injection vulnerability on the login page...

CVSS 9.3 | AI score 9.4 | EPSS 0.02598
Exploits 4 | References 3
Positive Technologies
added 2025/04/01 12:0 a.m. | 6 views

PT-2025-37310

Name of the Vulnerable Software and Affected Versions: Chamilo versions prior to 1.11.30. Description: The Chamilo learning management system has an OS Command Injection issue. This occurs due to a failure to neutralize special elements used in the operating system command. Successful exploitation...

CVSS 8.7 | AI score 6.2 | EPSS 0.02657
Exploits 1 | References 11
Positive Technologies
added 2025/04/01 12:0 a.m. | 5 views

PT-2025-35788

Name of the Vulnerable Software and Affected Versions: Chamilo LMS versions prior to 1.11.30. Description: The Chamilo LMS system has an issue due to inadequate validation of XML object sequences. Successful exploitation could allow a remote attacker to execute arbitrary SQL queries. The application...

CVSS 8.8 | AI score 6.2 | EPSS 0.00733
Exploits 1 | References 17
CNNVD
added 2025/04/01 12:0 a.m. | 4 views

WordPress plugin Advanced WooCommerce Product Sales Reporting SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerabili...

CVSS 9.3 | AI score 9.3 | EPSS 0.00486
Exploits 0 | References 2
CNNVD
added 2025/04/01 12:0 a.m. | 3 views

WordPress plugin Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT) All in One SQL injection vulnerability

WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin Ai Auto Tool Content Writing Assistant Gemini...

CVSS 8.5 | AI score 8.8 | EPSS 0.00395
Exploits 0 | References 2
CNNVD
added 2025/04/01 12:0 a.m. | 2 views

WordPress plugin XV Random Quotes SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerabili...

CVSS 9.3 | AI score 9.2 | EPSS 0.00427
Exploits 0 | References 2
BDU FSTEC
added 2025/04/01 12:0 a.m. | 3 views

The vulnerability of the CLI component of the Fortinet FortiManager device management software and the FortiAnalyzer and FortiAnalyzer-BigData security event monitoring and analysis tools allows an attacker to execute arbitrary commands or code.

The vulnerability of the CLI component of the Fortinet FortiManager device management software, as well as the FortiAnalyzer and FortiAnalyzer-BigData security event monitoring and analysis tools, is related to the lack of protective measures for the SQL query structure. Exploiting this...

CVSS 4.3 | AI score 6 | EPSS 0.00171
Exploits 0 | References 2 | Affected Software 3
BDU FSTEC
added 2025/03/31 12:0 a.m. | 5 views

The vulnerability of the itc_sample_row_check component in the Virtuoso-OpenSource web application development platform allows a hacker to trigger a service failure.

The vulnerability of the itc_sample_row_check component in the Virtuoso-OpenSource web application development platform is related to the improper elimination of special elements used in SQL commands. Exploiting this vulnerability allows an attacker to cause service interruptions by sending speciall...

CVSS 7.8 | AI score 7.3 | EPSS 0.00845
Exploits 1 | References 4 | Affected Software 2
BDU FSTEC
added 2025/03/31 12:0 a.m. | 6 views

The vulnerability of the itc_set_param_row component in the Virtuoso-OpenSource web application development platform allows an attacker to trigger a service failure.

The vulnerability of the itc_set_param_row component in the Virtuoso-OpenSource web application development platform is related to the improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to cause a service failure by sending specially...

CVSS 7.8 | AI score 7.3 | EPSS 0.0088
Exploits 1 | References 4 | Affected Software 2
BDU FSTEC
added 2025/03/31 12:0 a.m. | 4 views

The vulnerability of the qst_vec_set component in the virtuoso-opensource web application development platform allows an attacker to trigger a service failure.

The vulnerability of the qst_vec_set component in the virtuoso-opensource web application development platform is related to the improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to cause a service failure by sending specially crafted...

CVSS 7.8 | AI score 7.3 | EPSS 0.00551
Exploits 1 | References 4 | Affected Software 2
BDU FSTEC
added 2025/03/31 12:0 a.m. | 6 views

The vulnerability of the row_insert_cast component in the virtuoso-opensource web application development platform allows an attacker to trigger a service failure.

The vulnerability of the row_insert_cast component in the virtuoso-opensource web application development platform is related to improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to cause a service failure by sending specially crafted...

CVSS 7.8 | AI score 7.3 | EPSS 0.0065
Exploits 1 | References 4 | Affected Software 2
CNNVD
added 2025/03/31 12:0 a.m. | 3 views

PiExtract SOOP-CLM SQL injection vulnerability

PiExtract SOOP-CLM is a cost-effective enterprise-level centralized log management solution from China Xinyan PiExtract. A SQL injection vulnerability exists in PiExtract SOOP-CLM versions v5.1.0 through v5.3.0, which stems from an SQL injection that could result in reading, modifying, and deleti...

CVSS 9.8 | AI score 7.8 | EPSS 0.00456
Exploits 0 | References 2
BDU FSTEC
added 2025/03/31 12:0 a.m. | 4 views

The vulnerability of the sqlo_expand_jts component in the Virtuoso-OpenSource web application development platform allows an attacker to trigger a service failure.

The vulnerability of the sqlo_expand_jts component in the Virtuoso-opensource web application development platform is related to improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to cause a service failure by sending specially crafted...

CVSS 7.8 | AI score 7.3 | EPSS 0.00684
Exploits 1 | References 4 | Affected Software 2
BDU FSTEC
added 2025/03/31 12:0 a.m. | 5 views

The vulnerability of the qst_vec_set_copy component in the Virtuoso-OpenSource web application development platform allows a hacker to trigger a service failure.

The vulnerability of the qst_vec_set_copy component in the Virtuoso-OpenSource web application development platform is related to improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to cause a service failure by sending specially crafted...

CVSS 7.8 | AI score 7.3 | EPSS 0.00722
Exploits 1 | References 4 | Affected Software 2
BDU FSTEC
added 2025/03/31 12:0 a.m. | 7 views

The vulnerability of the dfe_unit_gb_dependant component in the Virtuoso-OpenSource web application development platform allows an attacker to trigger a service failure.

The vulnerability of the dfe_unit_gb_dependant component in the virtuoso-opensource web application development platform is related to the improper elimination of special elements used in SQL commands. Exploiting this vulnerability allows an attacker to cause service interruptions by sending special...

CVSS 7.8 | AI score 7.3 | EPSS 0.00703
Exploits 1 | References 4 | Affected Software 2
BDU FSTEC
added 2025/03/31 12:0 a.m. | 6 views

The vulnerability of the sql_tree_hash_1 component in the Virtuoso-OpenSource web application development platform allows an attacker to trigger a service failure.

The vulnerability of the sql_tree_hash_1 component in the Virtuoso-opensource web application development platform is related to improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to cause service interruptions by sending specially...

CVSS 7.8 | AI score 7.3 | EPSS 0.00722
Exploits 1 | References 4 | Affected Software 2
Patchstack
added 2025/03/28 10:34 a.m. | 3 views

WordPress Slider by BestWebSoft plugin <= 1.1.0 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by domiee13 in WordPress Plugin Slider by BestWebSoft versions <= 1.1.0...

CVSS 7.6 | AI score 8 | EPSS 0.00318
Exploits 0 | Affected Software 1
CNVD
added 2025/03/28 12:0 a.m. | 2 views

Bank Locker Management System profile.php file SQL Injection Vulnerability

Bank Locker Management System is a bank locker management system. Bank Locker Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the profile.php file's parameter mobilenumber. An attacker can exploit this...

CVSS 9.8 | AI score 8.3 | EPSS 0.00481
Exploits 1 | References 1
CNVD
added 2025/03/28 12:0 a.m. | 1 views

Bank Locker Management System changeidproof.php File SQL Injection Vulnerability

Bank Locker Management System is a bank locker management system. Bank Locker Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the editid parameter of the changeidproof.php file. An attacker can exploit thi...

CVSS 9.8 | AI score 8.2 | EPSS 0.00481
Exploits 1 | References 1
Patchstack
added 2025/03/27 11:20 a.m. | 5 views

WordPress JS Help Desk plugin <= 2.9.2 - SQL Injection vulnerability

SQL Injection vulnerability discovered by LVT-tholv2k in WordPress Plugin JS Help Desk versions <= 2.9.2...

CVSS 10 | AI score 8.1 | EPSS 0.00465
Exploits 0 | Affected Software 1