12 matches found
CVE-2020-37163
QuickDate 1.3.2 contains a SQL injection vulnerability that allows remote attackers to manipulate database queries through the 'located' parameter in the findmatches endpoint. Attackers can inject UNION-based SQL statements to extract database information including user credentials, database name...
QuickDate SQL注入漏洞
QuickDate is a Python time processing library developed by QuickDate Inc. Version 1.3.2 of QuickDate contains a SQL injection vulnerability. This vulnerability stems from the unvalidated parameter “located” in the “findmatches” endpoint, which may lead to SQL injection attacks...
CVE-2020-37163 QuickDate 1.3.2 - SQL Injection
QuickDate 1.3.2 contains a SQL injection vulnerability that allows remote attackers to manipulate database queries through the 'located' parameter in the findmatches endpoint. Attackers can inject UNION-based SQL statements to extract database information including user credentials, database name...
CVE-2020-37163
QuickDate 1.3.2 contains a SQL injection vulnerability that allows remote attackers to manipulate database queries through the 'located' parameter in the findmatches endpoint. Attackers can inject UNION-based SQL statements to extract database information including user credentials, database name...
CVE-2020-37163
CVE-2020-37163 – QuickDate 1.3.2 suffers a SQL injection in the find_matches endpoint via the '_located' parameter, enabling UNION-based payloads to exfiltrate database information (credentials, DB name, system version). Evidence across sources confirms the vulnerable component and location of in...
CVE-2020-37163 QuickDate 1.3.2 - SQL Injection
QuickDate 1.3.2 contains a SQL injection vulnerability that allows remote attackers to manipulate database queries through the 'located' parameter in the findmatches endpoint. Attackers can inject UNION-based SQL statements to extract database information including user credentials, database name...
PT-2026-6829
Name of the Vulnerable Software and Affected Versions QuickDate version 1.3.2 Description The software contains a SQL injection issue that allows remote attackers to manipulate database queries. This is achieved through the located parameter in the /find matches API endpoint. Attackers can inject...
QuickDate SQL Injection Vulnerability
QuickDate is a dating personals social platform. QuickDate suffers from a SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database information...
QuickDate 1.3.2 SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: QuickDate 1.3.2 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://quickdatescript.com/ Version: 1.3.2 Tested on: Linux CVE: N/A POC: 1 POST /findmatches HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 X11;...
QuickDate 1.3.2 SQL Injection
Exploit Title: QuickDate 1.3.2 - SQL Injection Dork: N/A Date: 2020-02-07 Exploit Author: Ihsan Sencan Vendor Homepage: https://quickdatescript.com/ Version: 1.3.2 Tested on: Linux CVE: N/A POC: 1 POST /findmatches HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 X11; Linux x8664; rv:55.0...
QuickDate 1.3.2 - SQL Injection
QuickDate 1.3.2 - SQL Injection Exploit Title: QuickDate 1.3.2 - SQL Injection Dork: N/A Date: 2020-02-07 Exploit Author: Ihsan Sencan Vendor Homepage: https://quickdatescript.com/ Version: 1.3.2 Tested on: Linux CVE: N/A POC: 1 POST /findmatches HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0...
QuickDate 1.3.2 - SQL Injection
Exploit Title: QuickDate 1.3.2 - SQL Injection Dork: N/A Date: 2020-02-07 Exploit Author: Ihsan Sencan Vendor Homepage: https://quickdatescript.com/ Version: 1.3.2 Tested on: Linux CVE: N/A POC: 1 POST /findmatches HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 X11; Linux x8664; rv:55.0...