
8289 matches found

OSV
added 2024/12/19 6:15 p.m. · 4 views

CVE-2024-12794

A vulnerability, which was classified as critical, was found in Codezips E-Commerce Site 1.0. This affects an unknown part of the file /admin/editorder.php. The manipulation of the argument dstatus/quantity/ddate leads to SQL injection. It is possible to initiate the attack remotely. The exploit...

CVSS 9.8 · AI score 5.7 · EPSS 0.00525
Exploits: 1 · References: 4
ATTACKERKB
added 2024/12/19 2:15 p.m. · 4 views

CVE-2024-10244

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ISDO Software Web Software allows SQL Injection. This issue affects Web Software: before 3.6...

CVSS 9.8 · AI score 7.5 · EPSS 0.00495
Exploits: 0 · References: 3
CNNVD
added 2024/12/19 12:00 a.m. · 5 views

1000 Projects Attendance Tracking Management System injection vulnerability

1000 Projects Attendance Tracking Management System is an open source attendance management system from 1000 Projects. An injection vulnerability exists in 1000 Projects Attendance Tracking Management System version 1.0, which originates from an SQL injection vulnerability in the studentemailid...

CVSS 9.8 · AI score 7.8 · EPSS 0.00635
Exploits: 0 · References: 5
Positive Technologies
added 2024/12/19 12:00 a.m. · 3 views

PT-2024-17738 · Unknown · Codezips Technical Discussion Forum

Name of the Vulnerable Software and Affected Versions: Codezips Technical Discussion Forum version 1.0 Description: A critical issue affects some unknown functionality of the file signinpost.php. The manipulation of the username argument leads to SQL injection. The attack may be launched remotely...

CVSS 9.8 · AI score 8.1 · EPSS 0.00763
Exploits: 1 · References: 8
Positive Technologies
added 2024/12/19 12:00 a.m. · 3 views

PT-2024-17734

Name of the Vulnerable Software and Affected Versions: itsourcecode Vehicle Management System version 1.0 Description: A critical issue has been found in the itsourcecode Vehicle Management System, affecting an unknown function of the file editbill.php. The manipulation of the id argument leads to...

CVSS 9.8 · AI score 6.4 · EPSS 0.00539
Exploits: 1 · References: 11
Positive Technologies
added 2024/12/18 12:00 a.m. · 4 views

PT-2024-17343 · WordPress · The Travel Booking WordPress Theme

Name of the Vulnerable Software and Affected Versions: The Travel Booking WordPress Theme versions up to, and including, 3.1.6 Description: The issue is a blind time-based SQL Injection vulnerability. It affects the order id parameter due to insufficient escaping on the user-supplied parameter an...

CVSS 7.5 · AI score 9.8 · EPSS 0.00453
Exploits: 0 · References: 7
ATTACKERKB
added 2024/12/17 2:15 p.m. · 3 views

CVE-2024-8972

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Mobil365 Informatics Saha365 App allows SQL Injection. This issue affects Saha365 App: before 30.09.2024...

CVSS 9.8 · AI score 5.8 · EPSS 0.00424
Exploits: 0 · References: 3
CNNVD
added 2024/12/17 12:00 a.m. · 2 views

Mobil365 Informatics Saha365 SQL injection vulnerability

Mobil365 Informatics Saha365 is an application from Mobil365 Informatics, Inc. Mobil365 Informatics Saha365 suffers from a SQL injection vulnerability that stems from an improper neutralization of a special element...

CVSS 9.8 · AI score 7.9 · EPSS 0.00424
Exploits: 0 · References: 1
Positive Technologies
added 2024/12/17 12:00 a.m. · 4 views

PT-2024-39346 · Unknown · Saha365 App

Name of the Vulnerable Software and Affected Versions: Saha365 App versions prior to 30.09.2024 Description: The issue is related to the improper neutralization of special elements used in an SQL command, allowing SQL injection. This problem affects the Saha365 App. Recommendations: For versions...

CVSS 9.8 · AI score 8.2 · EPSS 0.00424
Exploits: 0 · References: 6
CNNVD
added 2024/12/16 12:00 a.m. · 2 views

WordPress plugin Mimoos SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...

CVSS 8.5 · AI score 9.2 · EPSS 0.00492
Exploits: 0 · References: 2
CNNVD
added 2024/12/16 12:00 a.m. · 5 views

WordPress plugin Code Generator Pro SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...

CVSS 9.3 · AI score 9.4 · EPSS 0.00732
Exploits: 1 · References: 2
CNNVD
added 2024/12/16 12:00 a.m. · 0 views

WordPress plugin WP Simple Pay Lite Manager SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...

CVSS 7.6 · AI score 9.1 · EPSS 0.00491
Exploits: 0 · References: 2
BDU FSTEC
added 2024/12/16 12:00 a.m. · 5 views

The vulnerability of the WhatsUp Gold network infrastructure monitoring system lies in the lack of protective measures for the SQL query structure, allowing attackers to gain unauthorized access to user data.

The vulnerability of the WhatsUp Gold network infrastructure monitoring system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to user accounts...

CVSS 10 · AI score 8.1 · EPSS 0.94661
Exploits: 2 · References: 5 · Affected Software: 1
BDU FSTEC
added 2024/12/16 12:00 a.m. · 4 views

The vulnerability in the web interface of the Cisco Secure Firewall Management Center software for network administration allows a perpetrator to execute arbitrary SQL code.

The vulnerability of the Web interface for managing Cisco Secure Firewall Management Center software formerly known as Cisco Firepower Management Center is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute...

CVSS 6.8 · AI score 6 · EPSS 0.00448
Exploits: 0 · References: 2 · Affected Software: 1
CNNVD
added 2024/12/16 12:00 a.m. · 20 views

WordPress plugin Instant Appointment SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...

CVSS 9.3 · AI score 9.2 · EPSS 0.00513
Exploits: 0 · References: 1
Positive Technologies
added 2024/12/16 12:00 a.m. · 3 views

PT-2024-36639 · Unknown · Serviceonline Service

Name of the Vulnerable Software and Affected Versions: serviceonline Service versions n/a through 1.0.4 Description: The issue is related to an 'SQL Injection' vulnerability, specifically improper neutralization of special elements used in an SQL command, allowing Blind SQL Injection. This proble...

CVSS 8.5 · AI score 7.8 · EPSS 0.0048
Exploits: 0 · References: 6
CNNVD
added 2024/12/16 12:00 a.m. · 2 views

Online Nurse Hiring System security vulnerability

PHPGurukul Online Nurse Hiring System is an online nurse hiring system from PHPGurukul. A security vulnerability exists in Online Nurse Hiring System version v1.0, which stems from an SQL injection vulnerability found in the component /admin/profile.php via the fullname parameter...

CVSS 7.2 · AI score 7.9 · EPSS 0.00559
Exploits: 1 · References: 2
Positive Technologies
added 2024/12/16 12:00 a.m. · 8 views

PT-2024-36624 · Unknown · Etemplates

Name of the Vulnerable Software and Affected Versions: eTemplates versions 0.2.1 and earlier Description: The issue is related to the improper neutralization of special elements used in an SQL command, allowing SQL injection. This problem can be exploited to inject SQL code, potentially leading t...

CVSS 9.3 · AI score 8.3 · EPSS 0.01169
Exploits: 1 · References: 6
Positive Technologies
added 2024/12/16 12:00 a.m. · 8 views

PT-2024-36628 · Unknown · Site Intel

Name of the Vulnerable Software and Affected Versions: Critical Site Intel versions n/a through 1.0 Description: The issue is related to an improper neutralization of special elements used in an SQL command, also known as 'SQL Injection'. This allows for SQL Injection, which can be exploited...

CVSS 9.3 · AI score 7.6 · EPSS 0.01144
Exploits: 2 · References: 5
Patchstack
added 2024/12/14 8:25 p.m. · 3 views

WordPress Service plugin <= 1.0.4 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Service versions <= 1.0.4...

CVSS 8.5 · AI score 8.1 · EPSS 0.0048
Exploits: 0 · Affected Software: 1