Lucene search
K

8283 matches found

CNNVD
CNNVD
added 2025/01/15 12:0 a.m.3 views

dingfanzu 安全漏洞

dingfanzu is a php based takeaway ordering website. A SQL injection vulnerability exists in dingfanzu v1.0, which stems from the application's lack of validation of externally entered SQL statements. A local attacker can exploit this vulnerability to execute arbitrary code via the contents of the...

7.1CVSS8.3AI score0.00204EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/15 12:0 a.m.3 views

WordPress plugin Neon Product Designer SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

8.5CVSS8.8AI score0.00386EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/15 12:0 a.m.5 views

PT-2025-4754 · Unknown · Dingfanzu Cms

Name of the Vulnerable Software and Affected Versions: dingfanzuCMS version 1.0 Description: The issue allows a local attacker to execute arbitrary code due to incorrect filtering of content at the checkOrder.php shopId module. This enables the attacker to perform SQL injection attacks...

7.1CVSS8.4AI score0.00204EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/01/15 12:0 a.m.4 views

DDSN Interactive cm3 Acora CMS 安全漏洞

DDSN Interactive cm3 Acora CMS is an enterprise web and mobile CMS from DDSN Interactive. A security vulnerability exists in DDSN Interactive cm3 Acora CMS version 10.1.1 that stems from the presence of a SQL injection vulnerability that allows an attacker to execute arbitrary code via the table...

8.1CVSS8.5AI score0.00906EPSS
Exploits0References2
OSV
OSV
added 2025/01/14 2:15 p.m.1 views

CVE-2024-35275

A improper neutralization of special elements used in an sql command 'sql injection' in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2, FortiManager version 7.4.0 through 7.4.2 allows attacker to escalation of privilege via specially crafted http requests...

8.8CVSS5.8AI score0.0079EPSS
Exploits0References1
OSV
OSV
added 2025/01/14 2:15 p.m.2 views

CVE-2023-37931

An improper neutralization of special elements used in an sql command 'sql injection' vulnerability CWE-88 in FortiVoice Entreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenticated attacker to perform a blind sql injection attack via sending crafted HTTP or HTTPS requests...

8.8CVSS5.8AI score0.00769EPSS
Exploits0References1
OSV
OSV
added 2025/01/14 1:15 a.m.1 views

DEBIAN-CVE-2024-57644

An issue in the itchashcompare component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS7.5AI score0.00551EPSS
Exploits1References1
OSV
OSV
added 2025/01/14 1:15 a.m.1 views

CVE-2024-57623

An issue in the HEAPmalloc component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS5.8AI score0.007EPSS
Exploits1References1
OSV
OSV
added 2025/01/14 1:15 a.m.3 views

CVE-2024-57622

An issue in the expbin component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS5.8AI score0.00562EPSS
Exploits1References1
OSV
OSV
added 2025/01/14 1:15 a.m.0 views

UBUNTU-CVE-2024-57653

An issue in the qstvecsetcopy component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS5.9AI score0.00722EPSS
Exploits1References3
OSV
OSV
added 2025/01/14 1:15 a.m.3 views

UBUNTU-CVE-2024-57647

An issue in the rowinsertcast component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS5.9AI score0.0065EPSS
Exploits1References3
OSV
OSV
added 2025/01/14 1:15 a.m.1 views

UBUNTU-CVE-2024-57655

An issue in the dfeninorder component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS5.9AI score0.00668EPSS
Exploits1References3
OSV
OSV
added 2025/01/14 1:15 a.m.3 views

UBUNTU-CVE-2024-57646

An issue in the psiginfo component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS5.9AI score0.00551EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.5 views

PT-2025-3522 · Openlink +1 · Openlink Virtuoso-Opensource +1

Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.11 Description: The issue in the dfe n in order component of openlink virtuoso-opensource allows attackers to cause a Denial of Service DoS via crafted SQL statements. Recommendations: For openlink...

7.5CVSS7.1AI score0.00668EPSS
Exploits1References12
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.4 views

Fortinet FortiPortal SQL注入漏洞

Fortinet FortiPortal is an advanced, feature-rich hosted security analysis and management support tool for Fortinet's FortiGate, FortiWiFi and FortiAP product lines, available as a virtual machine for MSPs. Fortinet FortiPortal suffers from a SQL injection vulnerability that stems from improper...

4.3CVSS7.7AI score0.00359EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.30 views

Fortinet FortiWeb SQL注入漏洞

Fortinet FortiWeb is a web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning, and other attacks to secure web applications and protect sensitive database content. A SQL injection vulnerability exists in...

2.7CVSS5.2AI score0.00392EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.4 views

PT-2025-3485 · Monetdb · Monetdb Server

Name of the Vulnerable Software and Affected Versions: MonetDB Server version 11.47.11 Description: An issue in the bind col exp component allows attackers to cause a Denial of Service DoS via crafted SQL statements. Recommendations: For MonetDB Server version 11.47.11, consider disabling the bin...

7.5CVSS7.5AI score0.0052EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2025/01/13 10:15 p.m.5 views

CVE-2023-42244

An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vamvisits.php...

8.8CVSS6AI score0.00371EPSS
Exploits0References2
OSV
OSV
added 2025/01/13 10:15 p.m.2 views

CVE-2023-42243

In Selesta Visual Access Manager 4.42.2, an authenticated user can access the administrative page /common/vamSql.php, which allows for arbitrary SQL queries...

5.4CVSS5.9AI score
Exploits0References1
OSV
OSV
added 2025/01/13 3:15 a.m.5 views

CVE-2025-0410

A vulnerability classified as critical was found in liujianview gymxmjpa 1.0. This vulnerability affects the function MenberDaoInpl of the file src/main/java/com/liujian/gymxmjpa/controller/MenberConntroller.java. The manipulation of the argument hyname leads to sql injection. The attack can be...

8.8CVSS5.8AI score0.00499EPSS
Exploits1References5
Rows per page
Query Builder