Lucene search
K

8282 matches found

CNNVD
CNNVD
added 2025/03/22 12:0 a.m.4 views

PHPGurukul Art Gallery Management System 注入漏洞

Art Gallery Management System is an art gallery management system. Art Gallery Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter eid of art-enquiry.php. An attacker can exploit this...

9.8CVSS8.2AI score0.0041EPSS
Exploits1References6
OSV
OSV
added 2025/03/21 10:15 p.m.5 views

CVE-2025-2608

A vulnerability classified as critical has been found in PHPGurukul Banquet Booking System 1.2. This affects an unknown part of the file /admin/view-user-queries.php. The manipulation of the argument viewid leads to sql injection. It is possible to initiate the attack remotely. The exploit has be...

8.8CVSS5.8AI score0.00397EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/03/21 12:0 a.m.1 views

EBM Technologies EBM Maintenance Center SQL注入漏洞

EBM Technologies EBM Maintenance Center is a maintenance center platform from China-based EBM Technologies EBM Technologies. A SQL injection vulnerability exists in EBM Technologies EBM Maintenance Center versions prior to 25.04.31435, which stems from an SQL injection that could lead to a remote...

8.8CVSS7.8AI score0.00423EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.3 views

DB-GPT SQL注入漏洞

DB-GPT is an AWEL and agent-based AI native data application development framework open-sourced by eosphoros. DB-GPT version v0.6.0 suffers from a SQL injection vulnerability that originates from the web API POST /api/v1/editor/sql/run allows execution of arbitrary SQL queries, which can be...

9.8CVSS9.7AI score0.01083EPSS
Exploits2References1
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.4 views

LlamaIndex SQL注入漏洞

LlamaIndex is a data framework for LLM applications from LlamaIndex open source. A SQL injection vulnerability exists in LlamaIndex v0.12.3 and earlier versions, which stems from an unvalidated SQL query and could lead to a SQL injection attack...

10CVSS9.2AI score0.01311EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.4 views

LlamaIndex SQL注入漏洞

LlamaIndex is a data framework for LLM applications open-sourced by LlamaIndex. LlamaIndex suffers from a SQL injection vulnerability that stems from improperly constructed SQL queries, which could lead to SQL injection attacks...

9.8CVSS9.6AI score0.01311EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.2 views

DESCOR INFOCAD 安全漏洞

DESCOR INFOCAD is a software for BIM and facilities management from DESCOR Inc. It is used for integrated management of building information modeling and facilities. A security vulnerability exists in DESCOR INFOCAD 3.5.1 and prior versions that originates from SQL injection...

10CVSS7.2AI score0.00377EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.3 views

Vanna SQL注入漏洞

Vanna is a personalized AI SQL agent from Vanna. A SQL injection vulnerability exists in Vanna version v0.6.2. An attacker can execute arbitrary SQL commands by exploiting this vulnerability...

8.1CVSS8.7AI score0.00707EPSS
Exploits0References1
CNVD
CNVD
added 2025/03/19 12:0 a.m.2 views

Human Metapneumovirus Testing Management System /password-recovery.php File SQL Injection Vulnerability

Human Metapneumovirus Testing Management System is a human subpneumovirus testing management system. A SQL injection vulnerability exists in the Human Metapneumovirus Testing Management System due to a lack of validation of an externally-entered SQL statement in the parameter username in the...

9.8CVSS7.8AI score0.00487EPSS
Exploits1References1
CNVD
CNVD
added 2025/03/19 12:0 a.m.2 views

Doctor Appointment Management System /doctor/search.php File SQL Injection Vulnerability

Doctor Appointment Management System is a doctor appointment management system. Doctor Appointment Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements in the searchdata parameter of file /doctor/search.php. An...

9.8CVSS8AI score0.00487EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/03/18 12:0 a.m.2 views

Vestel EVC04 Configuration Interface SQL注入漏洞

Vestel EVC04 Configuration Interface is an application from Vestel, Inc. Vestel EVC04 Configuration Interface versions 18.03.2025 and earlier have a SQL injection vulnerability that stems from improper neutralization of special elements in SQL commands, which can lead to SQL injection...

9.8CVSS7.9AI score0.00401EPSS
Exploits0References3
OSV
OSV
added 2025/03/17 4:15 p.m.2 views

CVE-2025-2384

A vulnerability, which was classified as critical, was found in code-projects Real Estate Property Management System 1.0. This affects an unknown part of the file /InsertCustomer.php of the component Parameter Handler. The manipulation of the argument...

7.5CVSS6.4AI score0.00383EPSS
Exploits1References5
OSV
OSV
added 2025/03/17 10:15 a.m.4 views

CVE-2025-2372

A vulnerability classified as critical has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. This affects an unknown part of the file /password-recovery.php of the component Password Recovery Page. The manipulation of the argument username leads to sql injection. It is...

9.8CVSS5.7AI score0.00487EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/03/17 12:0 a.m.3 views

PHPGurukul Apartment Visitors Management System 安全漏洞

Apartment Visitors Management System is an apartment visitor management system. Apartment Visitors Management System suffers from a SQL injection vulnerability that stems from the lack of validation of an externally entered SQL statement for the parameter username. An attacker can exploit this...

9.8CVSS7.9AI score0.00487EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/03/17 12:0 a.m.2 views

Code-Projects Blood Bank Management System 注入漏洞

Code-Projects Blood Bank Management System is an open source blood bank management system from Code-Projects. An injection vulnerability exists in Code-Projects Blood Bank Management System version 1.0, which originates from an SQL injection...

7.2CVSS5.9AI score0.00458EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/03/17 12:0 a.m.3 views

Mingyuan Cloud Real Estate ERP System 注入漏洞

Mingyuan Cloud Real Estate ERP System is a real estate business management software from China-based Mingyuan Cloud. An injection vulnerability exists in Mingyuan Cloud Real Estate ERP System version 1.0, which originates from SQL injection and could allow a remote attacker to obtain, update, and...

6.5CVSS7AI score0.0028EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2025/03/17 12:0 a.m.8 views

The vulnerability of the FortiWeb web applications’ network interface filter component allows attackers to execute arbitrary commands.

The vulnerability of the log removal filter component in FortiWeb web applications is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary commands...

4CVSS6AI score0.00388EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2025/03/17 12:0 a.m.3 views

Code-Projects Online Class and Exam Scheduling System 注入漏洞

Code-Projects Online Class and Exam Scheduling System is an online class and exam scheduling system from Code-Projects open source. An injection vulnerability exists in Code-Projects Online Class and Exam Scheduling System version 1.0, which stems from an incorrect manipulation of the parameter i...

7.2CVSS5.8AI score0.00458EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/03/17 12:0 a.m.4 views

Code-Projects Online Class and Exam Scheduling System 安全漏洞

Code-Projects Online Class and Exam Scheduling System is an online class and exam scheduling system from Code-Projects open source. A security vulnerability exists in Code-Projects Online Class and Exam Scheduling System version 1.0, which stems from an incorrect manipulation of the parameters...

5.5CVSS7.4AI score0.00216EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/03/17 12:0 a.m.3 views

PHPGurukul Human Metapneumovirus Testing Management System 注入漏洞

Human Metapneumovirus Testing Management System is a human subpneumovirus testing management system. A SQL injection vulnerability exists in the Human Metapneumovirus Testing Management System due to a lack of validation of an externally-entered SQL statement in the parameter username in the...

9.8CVSS7.8AI score0.00487EPSS
Exploits1References6
Rows per page
Query Builder