Lucene search
K

8282 matches found

CNNVD
CNNVD
added 2025/01/29 12:0 a.m.3 views

RuoYi 安全漏洞

RuoYi is a backend management system by the individual developer RuoYi in China. A security vulnerability exists in RuoYi v4.8.0, which is caused by an SQL injection via the orderby parameter in /monitor/online/list...

6.5CVSS7.7AI score0.00475EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/01/29 12:0 a.m.4 views

EsafeNet CDG 安全漏洞

EsafeNet CDG is a document security management system from EsafeNet. A security vulnerability exists in EsafeNet CDG version V5, which originates from the parameter flowId in the file /sdDoneDetail.jsp that can lead to SQL injection...

9.8CVSS6.8AI score0.00513EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/01/29 12:0 a.m.3 views

PT-2025-4060 · Codezips · Codezips Gym Management System

Name of the Vulnerable Software and Affected Versions: Codezips Gym Management System version 1.0 Description: A critical issue has been found in the system, affecting some unknown functionality of the file "/dashboard/admin/submit plan new.php". The manipulation of the planid argument leads to s...

9.8CVSS7.9AI score0.00647EPSS
Exploits1References11
SUSE CVE
SUSE CVE
added 2025/01/28 12:19 a.m.1 views

SUSE CVE-2025-24368

Cacti is an open source performance and fault management framework. Some of the data stored in automationtreerules.php is not thoroughly checked and is used to concatenate the SQL statement in buildruleitemfilter function from lib/apiautomation.php, resulting in SQL injection. This vulnerability ...

7.5CVSS7.4AI score0.00492EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/01/28 12:0 a.m.3 views

VMware Avi Load Balancer 安全漏洞

VMware Avi Load Balancer is a load balancing platform from VMware. A security vulnerability exists in VMware Avi Load Balancer. An attacker could exploit the vulnerability to gain database access using specially crafted SQL queries...

8.6CVSS9.2AI score0.00633EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/28 12:0 a.m.8 views

IBM Sterling B2B Integrator SQL注入漏洞

IBM Sterling B2B Integrator is a suite of software from International Business Machines IBM that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. IBM Sterling B2B Integrator suffe...

9.8CVSS8.1AI score0.00341EPSS
Exploits0References1
OSV
OSV
added 2025/01/27 5:15 p.m.1 views

UBUNTU-CVE-2024-54145

Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the getdiscoveryresults function of automationdevices.php using the network parameter. This vulnerability is fixed in 1.2.29...

8.8CVSS7.4AI score0.00657EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/01/27 12:0 a.m.4 views

PT-2025-5485 · Enituretechnology · Enituretechnology Ltl Freight Quotes – Worldwide Express Edition

Name of the Vulnerable Software and Affected Versions: Eniture Technology LTL Freight Quotes – Worldwide Express Edition versions 5.0.20 and earlier Description: The issue is related to improper neutralization of special elements used in an SQL command, which allows SQL injection. This means an...

9.3CVSS9.9AI score0.00377EPSS
Exploits0References7
OSV
OSV
added 2025/01/25 3:15 p.m.3 views

CVE-2024-35148

IBM Maximo Application Suite 8.10.10, 8.11.7, and 9.0 - Monitor Component is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database...

8.8CVSS5.9AI score0.00346EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/01/24 11:47 a.m.6 views

WordPress SERPed.net Plugin <= 4.4 - SQL Injection vulnerability

SQL Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin SERPed.net versions = 4.4...

8.5CVSS8.1AI score0.00438EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/24 12:0 a.m.4 views

PT-2025-4010 · Joeybling · Bootplus

Name of the Vulnerable Software and Affected Versions: JoeyBling bootplus versions up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d Description: A critical issue has been found in JoeyBling bootplus, affecting an unknown part of the file /admin/sys/user/list. The manipulation of the sort argument...

6.5CVSS7.2AI score0.0038EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/01/24 12:0 a.m.5 views

PT-2025-4007 · Joeybling · Bootplus

Name of the Vulnerable Software and Affected Versions: JoeyBling bootplus versions up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d Description: A critical issue has been found, allowing for remote SQL injection. The manipulation of the sort/order argument in an unknown function of the file...

6.5CVSS7.1AI score0.00408EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/01/24 12:0 a.m.5 views

PT-2025-5490 · Unknown · Serped.Net

Name of the Vulnerable Software and Affected Versions: SERPed.net versions n/a through 4.4 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection, potentially compromising data...

8.5CVSS8.4AI score0.00438EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/01/22 12:0 a.m.6 views

PT-2025-1435 · Unknown · Synnefo Internet Management

Name of the Vulnerable Software and Affected Versions: Synnefo Internet Management Software versions 2023 and earlier Description: A SQL injection issue exists due to improper input validation in a specific API endpoint parameter, allowing an attacker to manipulate SQL queries via crafted input...

9.8CVSS8.3AI score0.00418EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/01/22 12:0 a.m.3 views

Synnefo Internet Management Software 安全漏洞

Synnefo Internet Management Software SynnefoIMS is an Internet management software from Synnefo, Inc. A security vulnerability exists in Synnefo Internet Management Software version 2023 and prior releases that stems from the presence of a SQL injection vulnerability...

9.8CVSS7.8AI score0.00418EPSS
Exploits0References3
VulnCheck KEV
VulnCheck KEV
added 2025/01/22 12:0 a.m.5 views

VulnCheck KEV: CVE-2024-32739

A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can leak sensitive information via the "queryptaskverbose" function within MCUDBHelper...

7.5CVSS5.8AI score0.05408EPSS
Exploits0References1
OSV
OSV
added 2025/01/21 11:15 a.m.3 views

CVE-2024-13230

The Social Share, Social Login and Social Comments Plugin – Super Socializer plugin for WordPress is vulnerable to Limited SQL Injection via the ‘SuperSocializerKey’ parameter in all versions up to, and including, 7.14 due to insufficient escaping on the user supplied parameter and lack of...

5.3CVSS5.8AI score0.00423EPSS
Exploits0References3
OSV
OSV
added 2025/01/21 11:15 a.m.2 views

UBUNTU-CVE-2024-43709

An allocation of resources without limits or throttling in Elasticsearch can lead to an OutOfMemoryError exception resulting in a crash via a specially crafted query using an SQL function...

7.5CVSS7.2AI score0.00597EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/01/21 12:0 a.m.2 views

WordPress plugin ARPrice SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

9.3CVSS8.9AI score0.00345EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/21 12:0 a.m.3 views

WordPress plugin Hero Mega Menu SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

8.5CVSS8.8AI score0.00353EPSS
Exploits0References2
Rows per page
Query Builder