Lucene search
K

8289 matches found

Patchstack
Patchstack
added 2024/12/14 8:20 p.m.6 views

WordPress Share Buttons – Social Media plugin <= 1.0.2 - SQL Injection vulnerability

SQL Injection vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Share Buttons – Social Media versions = 1.0.2...

9.3CVSS8.1AI score0.01668EPSS
Exploits1Affected Software1
Patchstack
Patchstack
added 2024/12/14 8:4 p.m.3 views

WordPress TSB Occasion Editor plugin <= 1.2.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin TSB Occasion Editor versions = 1.2.1...

8.5CVSS8.1AI score0.00492EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2024/12/13 12:0 a.m.3 views

Dell Avamar SQL Injection Vulnerability (CNVD-2025-18249)

Dell Avamar is a data backup and recovery software. A SQL injection vulnerability exists in Dell Avamar. The vulnerability stems from a lack of proper neutralization of specific elements used in SQL commands. An attacker could exploit the vulnerability to execute commands...

8.8CVSS8.1AI score0.00626EPSS
Exploits0References1
CNVD
CNVD
added 2024/12/13 12:0 a.m.1 views

Online Class and Exam Scheduling System class_update.php File SQL Injection Vulnerability

Online Class and Exam Scheduling System is an online class and exam scheduling system. The Online Class and Exam Scheduling System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the id parameter of the classupdate.php page. ...

8.8CVSS8.3AI score0.00507EPSS
Exploits1References1
OSV
OSV
added 2024/12/12 7:15 p.m.2 views

CVE-2024-54811

A SQL injection vulnerability in /index.php in PHPGurukul Park Ticketing Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "login" parameter...

9.8CVSS6.1AI score0.00601EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/12/12 12:0 a.m.4 views

wetech-cms 注入漏洞

wetech-cms is a content management system by Cheng Jinbao, an individual developer. An injection vulnerability exists in wetech-cms version 1.0 to 1.2, which is prone to SQL injection attacks...

8.8CVSS7AI score0.00524EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2024/12/12 12:0 a.m.4 views

The vulnerability of the DeviceManager component in the Visteon Infotainment automotive application platform allows a hacker to execute arbitrary SQL code within the root context.

The vulnerability of the DeviceManager component in the Visteon Infotainment automotive application platform relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary SQL code within the root context...

7.2CVSS7.6AI score0.00564EPSS
Exploits0References5Affected Software2
CNNVD
CNNVD
added 2024/12/12 12:0 a.m.2 views

Code-Projects Online Class and Exam Scheduling System 安全漏洞

Code-Projects Online Class and Exam Scheduling System is an online class and exam scheduling system from Code-Projects, Inc. A security vulnerability exists in Code-Projects Online Class and Exam Scheduling System version 1.0, which stems from a parameter id in the file /pages/subjectupdate.php...

8.8CVSS6.9AI score0.00534EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/12/12 12:0 a.m.8 views

PT-2024-16986 · WordPress · Sql Chart Builder

Name of the Vulnerable Software and Affected Versions: SQL Chart Builder plugin for WordPress versions up to, and including, 2.3.6 Description: The issue arises from insufficient escaping on the user-supplied arg1 parameter and lack of sufficient preparation on the existing SQL query in the gvn...

6.5CVSS7.2AI score0.0052EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/12/12 12:0 a.m.3 views

XWiki Platform 安全漏洞

XWiki Platform is the XWiki open source suite of wiki platforms for creating web collaboration applications. A security vulnerability exists in XWiki Platform versions 11.10.6 through 14.3-rc-1, which originates in getdocument.vm, where the order in which documents are returned is defined from th...

9.8CVSS6.4AI score0.00717EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/12/12 12:0 a.m.4 views

WordPress plugin AI Engine 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

7.2CVSS8.7AI score0.00584EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/12/12 12:0 a.m.5 views

code-projects Online Class and Exam Scheduling System 注入漏洞

Code-Projects Online Class and Exam Scheduling System is an online class and exam scheduling system from Code-Projects, Inc. An injection vulnerability exists in code-projects Online Class and Exam Scheduling System version 1.0, which stems from the parameter id of the file /pages/rankupdate.php...

8.8CVSS7.1AI score0.00534EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/12/12 12:0 a.m.3 views

wetech-cms 注入漏洞

wetech-cms is a content management system by Cheng Jinbao, an individual developer. An injection vulnerability exists in wetech-cms version 1.0 to 1.2, which is prone to SQL injection attacks...

8.8CVSS7AI score0.00561EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/12/12 12:0 a.m.5 views

Image Access Scan2Net 安全漏洞

Image Access Scan2Net is a scanning software from Image Access Germany. A security vulnerability exists in Image Access Scan2Net versions 7.40 and earlier, 7.42 and earlier, and 7.42B and earlier, which originates from an authenticated attacker who can perform SQL injection by accessing the...

4.4CVSS7.7AI score0.00284EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/12/11 7:42 p.m.5 views

WordPress Hive Support plugin <= 1.1.2 - SQL Injection vulnerability

SQL Injection vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Hive Support versions = 1.1.2...

8.5CVSS8.1AI score0.0048EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/12/10 11:15 a.m.5 views

CVE-2024-47484

Dell Avamar, versions prior to 19.12 with patch 338905, excluding 19.10 and 19.10SP1 with patch 338869, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. An unauthenticated attacker with remote access could potentially exploit this...

9.8CVSS5.9AI score
Exploits0References1
CNNVD
CNNVD
added 2024/12/10 12:0 a.m.4 views

Ivanti CSA 安全漏洞

Ivanti CSA is a locally deployed virtual appliance from Ivanti that is designed to simplify the integration of IT service management with cloud services and support automated processes to improve operational efficiency. Ivanti CSA suffers from a SQL injection vulnerability that can be exploited b...

10CVSS8AI score0.23598EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/10 12:0 a.m.4 views

Dell Avamar SQL注入漏洞

Dell Avamar is a purpose-built backup application from Dell, Inc. It is designed to provide a conveniently sized, turnkey, affordable, deduplicated backup solution. Dell Avamar suffers from a SQL injection vulnerability that arises from an improper neutralization of special elements used in SQL...

8.8CVSS8.2AI score0.00421EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2024/12/10 12:0 a.m.4 views

VulnCheck KEV: CVE-2024-35286

A vulnerability in NuPoint Messenger NPM of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a SQL injection attack due to insufficient sanitization of user input. A successful exploit could allow an attacker to access sensitive information and execute arbitrary...

9.8CVSS7.4AI score0.65559EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/10 12:0 a.m.4 views

PT-2024-32927 · Dell · Dell Avamar

Name of the Vulnerable Software and Affected Versions: Dell Avamar versions 19.x Description: The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as a SQL Injection vulnerability. This could allow a low-privileged attacker with remote access t...

8.8CVSS8.2AI score0.00626EPSS
Exploits0References10
Rows per page
Query Builder