Lucene search
K

8289 matches found

OSV
OSV
added 2024/12/09 7:15 p.m.5 views

CVE-2024-54932

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deletedepartment.php...

9.8CVSS5.8AI score0.00486EPSS
Exploits1References1
OSV
OSV
added 2024/12/09 7:15 p.m.3 views

CVE-2024-54928

kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deleteteacher.php,...

7.2CVSS5.8AI score0.00465EPSS
Exploits1References1
OSV
OSV
added 2024/12/09 4:15 p.m.3 views

CVE-2022-38947

SQL Injection vulnerability in Flipkart-Clone-PHP version 1.0 in entry.php in producttitle parameter, allows attackers to execute arbitrary code...

9.8CVSS6.1AI score0.00626EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.3 views

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit the vulnerability to access the database by executing arbitrary SQL commands via the username, firstname,...

9.8CVSS7.6AI score0.00571EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.4 views

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0, which originates from an SQL injection vulnerability in /admin/deleteusers.php...

7.2CVSS7.9AI score0.00465EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.2 views

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit this vulnerability to gain unauthorized access to the database by executing arbitrary SQL commands via the...

9.8CVSS7.7AI score0.00555EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.5 views

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit this vulnerability to gain unauthorized access to the database by executing arbitrary SQL commands via the...

9.8CVSS7.7AI score0.00571EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.5 views

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit this vulnerability to execute arbitrary SQL commands to access the database via the department parameter...

9.8CVSS8AI score0.00571EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.2 views

Apache Superset SQL注入漏洞

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. An SQL injection vulnerability exists in Apache Superset versions prior to 4.1.0, which stems from improper neutralization of special elements in SQL commands, where specific engine functions are...

9.8CVSS7.5AI score0.0079EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.4 views

JFinalCMS 注入漏洞

JFinalCMS is an open source free JAVA enterprise website development and construction management system. JFinalCMS has a SQL injection vulnerability in version 1.0. The vulnerability is due to the failure to adequately validate and filter user-input data in the affected version, which can be...

8.8CVSS7.9AI score0.00507EPSS
Exploits1References4
Patchstack
Patchstack
added 2024/12/06 10:13 p.m.4 views

WordPress Beautiful Taxonomy Filters plugin <= 2.4.3 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Frissi0n in WordPress Plugin Beautiful Taxonomy Filters versions = 2.4.3...

7.5CVSS8.1AI score0.03487EPSS
Exploits1References1Affected Software1
PyPA
PyPA
added 2024/12/06 12:15 p.m.7 views

PYSEC-2024-157

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. Applications that use the...

9.8CVSS8AI score0.01424EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2024/12/06 12:0 a.m.2 views

QNAP Systems SMB 安全漏洞

QNAP Systems SMB is a network file sharing protocol from China-based QNAP Systems. A security vulnerability exists in QNAP Systems SMB that stems from the inclusion of a SQL injection vulnerability...

10CVSS9.3AI score0.1005EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/06 12:0 a.m.4 views

Siemens Healthineers syngo 安全漏洞

Siemens Healthineers syngo is a general-purpose imaging software for medical use from Siemens Germany. It is used for 2D, 3D and 4D reading and advanced visualization. A security vulnerability exists in Siemens Healthineers syngo that stems from input data not being properly cleaned before it is...

9.8CVSS7.6AI score0.00678EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/06 12:0 a.m.5 views

WordPress plugin WordPress Auction Plugin 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

9.3CVSS8.7AI score0.00449EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/06 12:0 a.m.3 views

WordPress plugin WP Mailster SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

9.8CVSS8.9AI score0.00459EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/06 12:0 a.m.7 views

PT-2024-35922 · Unknown · Basix Nex-Forms

Name of the Vulnerable Software and Affected Versions: Basix NEX-Forms – Ultimate Form Builder versions prior to 8.7.9 Description: The issue is related to the improper neutralization of special elements used in an SQL command, also known as 'SQL Injection'. This allows for malicious SQL commands...

8.5CVSS7.6AI score0.0059EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2024/12/05 12:0 a.m.3 views

The vulnerability of the software for managing software product licenses in HPE AutoPass License Server lies in the lack of protective measures for the SQL query structure, allowing attackers to access confidential information.

The vulnerability of the software for managing HPE AutoPass License Server products is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow an attacker to access confidential information...

7.8CVSS7.3AI score0.00363EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/05 12:0 a.m.6 views

The vulnerability of the module for creating multifunctional library portals “J-İRBIIS 2.0” of the SAB IRBIS platform allows a hacker to execute arbitrary SQL code.

The vulnerability of the module for creating multifunctional library portals “J-IRBIS 2.0” of the SAB IRBIS platform is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code by sending a...

10CVSS6.1AI score
Exploits0
CNNVD
CNNVD
added 2024/12/05 12:0 a.m.5 views

1000 Projects Library Management System 安全漏洞

1000 Projects Library Management System is an open source library management system from 1000 Projects. A security vulnerability exists in 1000 Projects Library Management System version 1.0 due to a SQL injection in parameter q. The vulnerability is caused by the presence of a parameter q in the...

9.8CVSS7.8AI score0.00587EPSS
Exploits1References5
Rows per page
Query Builder