
8283 matches found

OSV
added 2025/01/09 9:15 a.m. · 3 views

CVE-2025-0345

A vulnerability was found in leiyuxi cy-fast 1.0 and classified as critical. Affected by this issue is the function listData of the file /sys/menu/listData. The manipulation of the argument order leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the...

8.8 CVSS · 5.8 AI score · 0.00467 EPSS
Exploits: 1 · References: 4

Positive Technologies
added 2025/01/09 12:0 a.m. · 9 views

PT-2025-2914 · Unknown · Fancy Product Designer

Name of the Vulnerable Software and Affected Versions: Fancy Product Designer versions n/a through 6.4.3

Description: The issue is related to an improper neutralization of special elements used in an SQL command, also known as a SQL Injection vulnerability. This vulnerability can allow an attacke...

9.3 CVSS · 9.8 AI score · 0.16259 EPSS
Exploits: 2 · References: 9

CNNVD
added 2025/01/09 12:0 a.m. · 3 views

WordPress plugin Google Maps Travel Route SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress plugin Google Map...

8.5 CVSS · 8.9 AI score · 0.00362 EPSS
Exploits: 0 · References: 1

CNNVD
added 2025/01/09 12:0 a.m. · 4 views

cy-fast injection vulnerability

cy-fast is a SpringBoot-based rapid development framework by individual developer chenyi. An injection vulnerability exists in cy-fast version 1.0, which is caused by SQL injection in the parameter order...

8.8 CVSS · 7 AI score · 0.00467 EPSS
Exploits: 1 · References: 5

CNNVD
added 2025/01/09 12:0 a.m. · 2 views

WordPress plugin Virtual Bot SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerabili...

9.3 CVSS · 9 AI score · 0.00377 EPSS
Exploits: 0 · References: 1

CNNVD
added 2025/01/09 12:0 a.m. · 4 views

BigAntSoft BigAnt office messenger security vulnerability

BigAntSoft BigAnt office messenger is a server/client instant messaging program for enterprise environments from BigAntSoft Australia. A SQL injection vulnerability exists in BigAntSoft BigAnt office messenger. The vulnerability can be exploited to conduct a SQL injection attack via the "devcode"...

6.3 CVSS · 7.9 AI score · 0.01729 EPSS
Exploits: 6 · References: 3

CNNVD
added 2025/01/09 12:0 a.m. · 5 views

cy-fast injection vulnerability

cy-fast is a SpringBoot-based rapid development framework by individual developer chenyi. An injection vulnerability exists in cy-fast version 1.0, which is caused by SQL injection in the parameter order...

8.8 CVSS · 7 AI score · 0.00467 EPSS
Exploits: 1 · References: 5

Positive Technologies
added 2025/01/09 12:0 a.m. · 2 views

PT-2025-1070 · Dell · Dell Powerscale Insightiq

Name of the Vulnerable Software and Affected Versions: Dell PowerScale InsightIQ affected versions not specified

Description: The issue is related to a lack of protection for the SQL query structure in the Dell PowerScale InsightIQ software for performance monitoring and reporting. Exploitation o...

4.3 CVSS · 7.4 AI score
Exploits: 0 · References: 2

BDU FSTEC
added 2025/01/08 12:0 a.m. · 3 views

The vulnerability of the query_to_xml_and_xmlschema/table_to_xml/table_to_xml_and_xmlschema function in the Apache Superset data visualization software allows a hacker to execute arbitrary SQL code.

The vulnerability of the query_to_xml_and_xmlschema/table_to_xml/table_to_xml_and_xmlschema function exists due to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...

6.5 CVSS · 6 AI score · 0.0079 EPSS
Exploits: 0 · References: 2 · Affected Software: 1

CNNVD
added 2025/01/07 12:0 a.m. · 3 views

WordPress plugin ClickWhale SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...

8.5 CVSS · 8.8 AI score · 0.0037 EPSS
Exploits: 0 · References: 1

CNNVD
added 2025/01/07 12:0 a.m. · 3 views

Code-Projects Online Book Shop security vulnerability

Code-Projects Online Book Shop is a Code-Projects open source online bookstore. A security vulnerability exists in Code-Projects Online Book Shop version 1.0, which originates from an SQL injection vulnerability in the usernm parameter of the /processlogin.php page...

9.8 CVSS · 7 AI score · 0.00873 EPSS
Exploits: 1 · References: 6

CNNVD
added 2025/01/07 12:0 a.m. · 2 views

WordPress plugin WordPress Auction Plugin SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. WordPress plugin...

7.6 CVSS · 8.7 AI score · 0.00458 EPSS
Exploits: 0 · References: 2

CNNVD
added 2025/01/06 12:0 a.m. · 3 views

ID withdrawn

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. This CVE number has...

6.8 AI score
Exploits: 0 · References: 3

OSV
added 2025/01/05 10:15 p.m. · 2 views

CVE-2025-0232

A vulnerability was found in Codezips Blood Bank Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /successadmin.php. The manipulation of the argument psw leads to sql injection. The attack may be launched remotely. The exploit has...

8.8 CVSS · 5.8 AI score · 0.00499 EPSS
Exploits: 1 · References: 4

OSV
added 2025/01/04 3:15 p.m. · 6 views

CVE-2024-41767

IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database...

7.3 CVSS · 5.9 AI score · 0.00303 EPSS
Exploits: 0 · References: 1

OSV
added 2025/01/04 1:15 p.m. · 2 views

CVE-2025-0207

A vulnerability, which was classified as critical, has been found in code-projects Online Shoe Store 1.0. Affected by this issue is some unknown functionality of the file /function/login.php. The manipulation of the argument password leads to sql injection. The attack may be launched remotely. Th...

9.8 CVSS · 5.7 AI score · 0.00673 EPSS
Exploits: 1 · References: 5

Patchstack
added 2025/01/03 3:16 p.m. · 5 views

WordPress BSK Forms Blacklist plugin <= 3.9 - CSRF to SQL Injection vulnerability

CSRF to SQL Injection vulnerability discovered by minhtuanact (Patchstack Alliance) in WordPress Plugin BSK Forms Blacklist versions <= 3.9...

8.2 CVSS · 8 AI score · 0.00187 EPSS
Exploits: 0 · Affected Software: 1

OSV
added 2025/01/03 2:15 a.m. · 2 views

CVE-2025-0176

A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /user/addcart.php. The manipulation of the argument id/qty leads to sql injection. The attack may be initiated...

7.5 CVSS · 5.8 AI score
Exploits: 0 · References: 5

CNNVD
added 2025/01/03 12:0 a.m. · 4 views

Code-Projects Point of Sales and Inventory Management System injection vulnerability

Code-Projects Point of Sales and Inventory Management System is an open source point of sale and inventory management system from Code-Projects. An injection vulnerability exists in Code-Projects Point of Sales and Inventory Management System version 1.0, which originates from an SQL injection...

6.5 CVSS · 7 AI score · 0.00414 EPSS
Exploits: 1 · References: 5

CNNVD
added 2025/01/03 12:0 a.m. · 2 views

Silverpeas security vulnerability

Silverpeas is a suite of open source business collaboration platforms from Silverpeas Open Source. The platform includes applications for project management, blogs, forums and document management. A security vulnerability exists in Silverpeas version 6.4.1, which stems from the presence of a SQL...

7.5 CVSS · 7.6 AI score · 0.00523 EPSS
Exploits: 1 · References: 3