
8285 matches found

CNNVD
added 2024/12/26 12:0 a.m. · 4 views

Code-Projects Simple Admin Panel Security Vulnerability

Code-Projects Simple Admin Panel is an open source simple admin panel from Code-Projects. A security vulnerability exists in Code-Projects Simple Admin Panel version 1.0, which stems from a SQL injection vulnerability in the record parameter of the catDeleteController.php file...

CVSS 9.8 · AI score 7 · EPSS 0.00553
Exploits 0 · References 5

CNNVD
added 2024/12/26 12:0 a.m. · 3 views

CodeAstro Blood Donor Management System Injection Vulnerability

CodeAstro Blood Donor Management System is a blood donor management system from CodeAstro. An injection vulnerability exists in CodeAstro Blood Donor Management System version 1.0, which stems from an incorrect manipulation of the parameter id that can lead to SQL injection...

CVSS 8.8 · AI score 7 · EPSS 0.00446
Exploits 1 · References 5

Positive Technologies
added 2024/12/26 12:0 a.m. · 5 views

PT-2024-9923 · Unknown · Job Recruitment

Name of the Vulnerable Software and Affected Versions: Job Recruitment version 1.0 Description: A critical vulnerability has been found in the function fln update of the file / parse/ all edits.php. The issue is related to the lack of neutralization of special elements when processing the...

CVSS 9.8 · AI score 8.1 · EPSS 0.00599
Exploits 1 · References 13

CNNVD
added 2024/12/26 12:0 a.m. · 5 views

Code-Projects Simple Admin Panel Security Vulnerability

Code-Projects Simple Admin Panel is an open source simple admin panel from Code-Projects. A security vulnerability exists in Code-Projects Simple Admin Panel version 1.0, which stems from a qty parameter SQL injection vulnerability in the addVariationController.php file...

CVSS 8.8 · AI score 7 · EPSS 0.00528
Exploits 0 · References 5

Positive Technologies
added 2024/12/25 12:0 a.m. · 7 views

PT-2024-17795 · Unknown · Codezips Project Management System

Name of the Vulnerable Software and Affected Versions: Codezips Project Management System version 1.0 Description: A critical vulnerability was found in the Codezips Project Management System. It affects an unknown functionality of the file /pages/forms/advanced.php. The manipulation of the name...

CVSS 8.8 · AI score 7.2 · EPSS 0.00508
Exploits 1 · References 10

BDU FSTEC
added 2024/12/25 12:0 a.m. · 5 views

The vulnerability of the PUT Request Handler component in the Apache Traffic Control system, a component used in building CDN networks, allows attackers to execute arbitrary code.

The vulnerability of the PUT Request Handler component in the Apache Traffic Control system for building CDN networks is related to the lack of measures taken to protect the SQL request structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by introducing...

CVSS 9.9 · AI score 8.6 · EPSS 0.41841
Exploits 0 · References 4 · Affected Software 1

CNNVD
added 2024/12/25 12:0 a.m. · 3 views

Codezips Project Management System Injection Vulnerability

Codezips Project Management System is a project management system that provides project management, task assignment and other features. A SQL injection vulnerability exists in the /pages/forms/advanced.php file in Codezips Project Management System version 1.0, which stems from insufficient...

CVSS 8.8 · AI score 7.9 · EPSS 0.00508
Exploits 1 · References 4

CNNVD
added 2024/12/25 12:0 a.m. · 3 views

WordPress plugin NEX-Forms SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. A SQL injection...

CVSS 4.9 · AI score 8.6 · EPSS 0.00578
Exploits 0 · References 2

Patchstack
added 2024/12/24 12:17 a.m. · 6 views

WordPress BookingPress plugin <= 1.1.21 - Authenticated (Contributor+) SQL Injection vulnerability

Authenticated (Contributor+) SQL Injection vulnerability discovered by shaman0x01 in WordPress Plugin BookingPress versions <= 1.1.21...

CVSS 6.5 · AI score 8.1 · EPSS 0.00484
Exploits 0 · References 1 · Affected Software 1

CNNVD
added 2024/12/24 12:0 a.m. · 3 views

Redshift ODBC Driver Security Vulnerability

Redshift ODBC Driver is an ODBC driver open-sourced by Amazon Web Services. A security vulnerability exists in Redshift ODBC Driver version 2.1.5.0, which stems from an SQL injection vulnerability that could allow a user to gain escalated privileges via the SQLTables or SQLColumns...

CVSS 8.6 · AI score 7.9 · EPSS 0.00454
Exploits 0 · References 2

CNNVD
added 2024/12/23 12:0 a.m. · 3 views

Apache Traffic Control Security Vulnerability

Apache Traffic Control is a set of distributed, scalable content delivery solutions from the Apache Foundation (United States). The product is mainly used to build large-scale content delivery networks. Apache Traffic Control suffers from a SQL injection vulnerability that stems from a lack of...

CVSS 9.9 · AI score 9.8 · EPSS 0.41841
Exploits 0 · References 2

Positive Technologies
added 2024/12/23 12:0 a.m. · 4 views

PT-2024-36674 · Vibebp · Vibebp

Name of the Vulnerable Software and Affected Versions: VibeBP versions prior to 1.9.9.7.7 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendations: For...

CVSS 9.3 · AI score 9.9 · EPSS 0.00588
Exploits 0 · References 7

CNNVD
added 2024/12/22 12:0 a.m. · 3 views

Code-Projects Online Exam Mastering System Injection Vulnerability

Code-Projects Online Exam Mastering System is a Code-Projects open source online exam system. An injection vulnerability exists in code-projects Online Exam Mastering System version 1.0, which is caused by an SQL injection into the parameter eid...

CVSS 8.8 · AI score 7 · EPSS 0.00508
Exploits 1 · References 6

CNVD
added 2024/12/20 12:0 a.m. · 1 views

Beauty Parlour Management System login.php File SQL Injection Vulnerability

Beauty Parlour Management System is a software system for standardizing salon business processes and improving management efficiency. Beauty Parlour Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the...

CVSS 9.8 · AI score 8.1 · EPSS 0.00618
Exploits 1 · References 1

CNVD
added 2024/12/20 12:0 a.m. · 2 views

Online Class and Exam Scheduling System subject_update.php File SQL Injection Vulnerability

Online Class and Exam Scheduling System is an online class and exam scheduling system. The Online Class and Exam Scheduling System suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements in the parameter id of file...

CVSS 8.8 · AI score 8.3 · EPSS 0.00534
Exploits 1 · References 1

CNVD
added 2024/12/20 12:0 a.m. · 3 views

Online Class and Exam Scheduling System term.php File SQL Injection Vulnerability

Online Class and Exam Scheduling System is an online class and exam scheduling system. The Online Class and Exam Scheduling System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter id of the file /pages/term.php. ...

CVSS 8.8 · AI score 8.3 · EPSS 0.00534
Exploits 1 · References 1

OSV
added 2024/12/19 6:15 p.m. · 4 views

CVE-2024-12794

A vulnerability, which was classified as critical, was found in Codezips E-Commerce Site 1.0. This affects an unknown part of the file /admin/editorder.php. The manipulation of the argument dstatus/quantity/ddate leads to sql injection. It is possible to initiate the attack remotely. The exploit...

CVSS 9.8 · AI score 5.7 · EPSS 0.00525
Exploits 1 · References 4

ATTACKERKB
added 2024/12/19 2:15 p.m. · 4 views

CVE-2024-10244

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ISDO Software Web Software allows SQL Injection. This issue affects Web Software: before 3.6...

CVSS 9.8 · AI score 7.5 · EPSS 0.00495
Exploits 0 · References 3

CNNVD
added 2024/12/19 12:0 a.m. · 5 views

1000 Projects Attendance Tracking Management System Injection Vulnerability

1000 Projects Attendance Tracking Management System is an open source attendance management system from 1000 Projects. An injection vulnerability exists in 1000 Projects Attendance Tracking Management System version 1.0, which originates from an SQL injection vulnerability in the studentemailid...

CVSS 9.8 · AI score 7.8 · EPSS 0.00635
Exploits 0 · References 5

Positive Technologies
added 2024/12/19 12:0 a.m. · 3 views

PT-2024-17738 · Unknown · Codezips Technical Discussion Forum

Name of the Vulnerable Software and Affected Versions: Codezips Technical Discussion Forum version 1.0 Description: A critical issue affects some unknown functionality of the file signinpost.php. The manipulation of the username argument leads to SQL injection. The attack may be launched remotely...

CVSS 9.8 · AI score 8.1 · EPSS 0.00763
Exploits 1 · References 8