
8287 matches found

Patchstack
added 2025/01/03 3:16 p.m. · 5 views

WordPress BSK Forms Blacklist plugin <= 3.9 - CSRF to SQL Injection vulnerability

CSRF to SQL Injection vulnerability discovered by minhtuanact Patchstack Alliance in WordPress Plugin BSK Forms Blacklist versions <= 3.9...

CVSS 8.2 · AI score 8 · EPSS 0.00187
Exploits: 0 · Affected Software: 1

OSV
added 2025/01/03 2:15 a.m. · 2 views

CVE-2025-0176

A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /user/addcart.php. The manipulation of the argument id/qty leads to sql injection. The attack may be initiated...

CVSS 7.5 · AI score 5.8
Exploits: 0 · References: 5

CNNVD
added 2025/01/03 12:0 a.m. · 4 views

Code-Projects Point of Sales and Inventory Management System Injection Vulnerability

Code-Projects Point of Sales and Inventory Management System is an open source point of sale and inventory management system from Code-Projects. An injection vulnerability exists in Code-Projects Point of Sales and Inventory Management System version 1.0, which originates from an SQL injection...

CVSS 6.5 · AI score 7 · EPSS 0.00414
Exploits: 1 · References: 5

CNNVD
added 2025/01/03 12:0 a.m. · 2 views

Silverpeas Security Vulnerability

Silverpeas is a suite of open source business collaboration platforms from Silverpeas Open Source. The platform includes applications for project management, blogs, forums and document management. A security vulnerability exists in Silverpeas version 6.4.1, which stems from the presence of a SQL...

CVSS 7.5 · AI score 7.6 · EPSS 0.00523
Exploits: 1 · References: 3

CNNVD
added 2025/01/02 12:0 a.m. · 3 views

SourceCodester Online Eyewear Shop Injection Vulnerability

SourceCodester Online Eyewear Shop is a SourceCodester open source online eyewear store website project developed using PHP and MySQL, which provides an online shopping and ordering platform for the eyewear business and its potential customers. An injection vulnerability exists in SourceCodester...

CVSS 7.5 · AI score 7.1 · EPSS 0.00521
Exploits: 1 · References: 5

Positive Technologies
added 2025/01/01 12:0 a.m. · 5 views

PT-2025-37306

Name of the Vulnerable Software and Affected Versions: Zabbix affected versions not specified
Description: A Zabbix administrator can inject arbitrary SQL during the autoremoval of hosts. This is achieved by inserting malicious SQL into the Visible name field.
Recommendations: At the moment, ther...

CVSS 8.5 · AI score 6.8 · EPSS 0.01188
Exploits: 0 · References: 26

CNNVD
added 2024/12/31 12:0 a.m. · 8 views

WordPress plugin Userpro SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...

CVSS 8.5 · AI score 8.8 · EPSS 0.0037
Exploits: 0 · References: 1

CNVD
added 2024/12/30 12:0 a.m. · 2 views

Complaint Management System /admin/state.php File SQL Injection Vulnerability

Complaint Management System is a complaint management system. Complaint Management System suffers from a SQL injection vulnerability that stems from a lack of sufficient validation of the input of the state parameter in the /admin/state.php file. No details of the vulnerability are available at...

CVSS 9.8 · AI score 8.1 · EPSS 0.00539
Exploits: 1 · References: 1

CNVD
added 2024/12/30 12:0 a.m. · 3 views

Small CRM /admin/quote-details.php File SQL Injection Vulnerability

Small CRM is a customer relationship management system. Small CRM suffers from a SQL injection vulnerability, which originates from an SQL injection vulnerability in the id parameter of the /admin/quote-details.php file. An attacker can exploit this vulnerability to obtain sensitive information o...

CVSS 9.8 · AI score 7.7 · EPSS 0.0047
Exploits: 1 · References: 1

CNVD
added 2024/12/30 12:0 a.m. · 2 views

Chat System chatroom.php File SQL Injection Vulnerability

Chat System is a chat system. Chat System suffers from an SQL injection vulnerability that stems from the file /admin/chatroom.php not adequately validating and filtering the input of the id parameter. An attacker can exploit this vulnerability to obtain sensitive information...

CVSS 8.8 · AI score 7.8 · EPSS 0.0038
Exploits: 0 · References: 1

CNVD
added 2024/12/30 12:0 a.m. · 3 views

Complaint Management System /admin/category.php File SQL Injection Vulnerability

Complaint Management System is a complaint management system. Complaint Management System suffers from an SQL injection vulnerability that stems from a lack of sufficient validation of the input of the state parameter in the /admin/category.php file. No details of the vulnerability are available ...

CVSS 9.8 · AI score 8.1 · EPSS 0.00735
Exploits: 1 · References: 1

Positive Technologies
added 2024/12/30 12:0 a.m. · 5 views

PT-2024-17895 · Codeastro · Codeastro Simple Loan Management System

Name of the Vulnerable Software and Affected Versions: CodeAstro Simple Loan Management System version 1.0
Description: A critical issue has been found in the CodeAstro Simple Loan Management System. The problem affects an unknown functionality of the /index.php file in the Login component...

CVSS 9.8 · AI score 7.9 · EPSS 0.00744
Exploits: 1 · References: 14

Positive Technologies
added 2024/12/30 12:0 a.m. · 4 views

PT-2024-32028 · Veritas · Veritas Data Insight

Name of the Vulnerable Software and Affected Versions: Veritas / Arctera Data Insight versions prior to 7.1.1
Description: The issue allows Application Administrators to conduct SQL injection attacks, potentially leading to information disclosure. This is due to improper neutralization of special...

CVSS 6.5 · AI score 8.2 · EPSS 0.00557
Exploits: 0 · References: 6

OSV
added 2024/12/29 4:15 a.m. · 3 views

CVE-2024-13003

A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /updateed.php. The manipulation of the argument eid leads to sql injection. The attack may be launched remotely. The...

CVSS 9.8 · AI score 5.8 · EPSS 0.00655
Exploits: 1 · References: 5

CNNVD
added 2024/12/29 12:0 a.m. · 4 views

College Management System Security Vulnerability

College Management System is a simple project organized by Code Projects. It is used to keep track of students, teachers, subjects, schedules and all things related to the university. A security vulnerability exists in College Management System version 1.0, which stems from the fact that incorrec...

CVSS 8.8 · AI score 6.9 · EPSS 0.00643
Exploits: 1 · References: 1

CNNVD
added 2024/12/29 12:0 a.m. · 4 views

Codezips Event Management System Injection Vulnerability

Codezips Event Management System is an open source event management system from Codezips. An injection vulnerability exists in Codezips Event Management System version 1.0, which stems from an incorrect manipulation of the parameter title that can lead to SQL injection...

CVSS 9.8 · AI score 7.1 · EPSS 0.00687
Exploits: 1 · References: 4

CNNVD
added 2024/12/29 12:0 a.m. · 3 views

PHPGurukul Complaint Management System Injection Vulnerability

Complaint Management System is a complaint management system. Complaint Management System suffers from an SQL injection vulnerability that stems from a lack of sufficient validation of the input of the state parameter in the /admin/category.php file. No details of the vulnerability are available ...

CVSS 9.8 · AI score 8 · EPSS 0.00735
Exploits: 1 · References: 5

OSV
added 2024/12/26 9:15 a.m. · 5 views

CVE-2024-12943

A vulnerability was found in CodeAstro House Rental Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /ownersignup.php. The manipulation of the argument f/e/p/m/o/n/c/s/ci/a leads to sql injection. The attack can be...

CVSS 9.8 · AI score 5.7 · EPSS 0.00636
Exploits: 1 · References: 5

OSV
added 2024/12/26 6:15 a.m. · 3 views

CVE-2024-12938

A vulnerability has been found in code-projects Simple Admin Panel 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file updateOrderStatus.php. The manipulation of the argument record leads to sql injection. The attack can be launched remotely. The...

CVSS 9.1 · AI score 5.8
Exploits: 0 · References: 4

CNNVD
added 2024/12/26 12:0 a.m. · 2 views

1000 Projects Portfolio Management System MCA Injection Vulnerability

1000 Projects Portfolio Management System MCA is an open source portfolio management system from 1000 Projects. An injection vulnerability exists in 1000 Projects Portfolio Management System MCA version 1.0, which stems from an incorrect manipulation of the parameter username/password that can le...

CVSS 9.8 · AI score 7.7 · EPSS 0.00636
Exploits: 1 · References: 5