5655 matches found

Prion
added 2023/07/16 3:15 p.m. · 19 views

SQL injection

A vulnerability classified as critical has been found in Bylancer QuickJob 6.1. Affected is an unknown function of the component GET Parameter Handler. The manipulation of the argument keywords/gender leads to SQL injection. It is possible to launch the attack remotely. VDB-234234 is the identifi...

CVSS 6.5 · AI score 9.6 · EPSS 0.00425
Exploits: 0 · References: 2 · Affected Software: 1
Prion
added 2023/07/15 5:15 p.m. · 22 views

SQL injection

A vulnerability, which was classified as critical, was found in Nesote Inout Blockchain EasyPayments 1.0. Affected is an unknown function of the file /index.php/payment/getcoinaddress of the component POST Parameter Handler. The manipulation of the argument coinid leads to SQL injection. It is...

CVSS 6.5 · AI score 9.6 · EPSS 0.00425
Exploits: 0 · References: 2 · Affected Software: 1
The Hacker News
added 2023/07/13 9:00 a.m. · 43 views

Rockwell Automation ControlLogix Bugs Expose Industrial Systems to Remote Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has alerted of two security flaws impacting Rockwell Automation ControlLogix EtherNet/IP (ENIP) communication module models that could be exploited to achieve remote code execution and denial-of-service (DoS). "The results and impact of...

AI score 8.1 · EPSS 0.0364
Exploits: 0
Prion
added 2023/07/10 4:15 p.m. · 18 views

Cross site scripting

A vulnerability classified as problematic has been found in GZ Scripts Event Booking Calendar 1.8. Affected is an unknown function of the file /load.php. The manipulation of the argument firstname/secondname/phone/address1/country leads to cross site scripting. It is possible to launch the attack...

CVSS 4 · AI score 5.3 · EPSS 0.00438
Exploits: 0 · References: 2 · Affected Software: 1
Prion
added 2023/07/07 5:15 p.m. · 18 views

Cross site scripting

A vulnerability was found in GZ Scripts Time Slot Booking Calendar PHP 1.8. It has been declared as problematic. This vulnerability affects unknown code of the file /load.php. The manipulation of the argument firstname/secondname/phone/address1/country leads to cross site scripting. The attack ca...

CVSS 4 · AI score 6.2 · EPSS 0.00339
Exploits: 0 · References: 2 · Affected Software: 1
IBM Security Bulletins
added 2023/07/05 7:13 p.m. · 51 views

Security Bulletin: ICP Match 360 is vulnerable to the following CVEs

Summary: ICP Match 360 is vulnerable to the following CVEs: CVE-2022-3697, CVE-2022-41721, CVE-2022-41723, CVE-2015-3627, CVE-2022-23471, CVE-2023-25153, CVE-2023-25173. Vulnerability Details: CVEID: CVE-2022-3697. DESCRIPTION: Ansible Collections Amazon AWS Collection could allow a remote attacker to...

CVSS 7.8 · AI score 8.2 · EPSS 0.04561
Exploits: 2 · Affected Software: 1
BDU FSTEC
added 2023/06/20 12:00 a.m. · 4 views

The vulnerability of Microsoft SharePoint Server and Microsoft SharePoint Server Subscription Edition packages lies in information representation errors in the user interface, which allows attackers to perform spoofing attacks.

The vulnerability of Microsoft SharePoint Server and Microsoft SharePoint Server Subscription Edition packages is related to information representation errors in the user interface. Exploiting this vulnerability can allow attackers to perform spoofing attacks remotely...

CVSS 7.5 · AI score 6.9 · EPSS 0.00882
Exploits: 0 · References: 2
Vulnrichment
added 2023/06/15 12:00 a.m. · 13 views

CVE-2023-34666

Cross-site scripting (XSS) vulnerability in Phpgurukul Cyber Cafe Management System 1.0 allows remote attackers to inject arbitrary web script or HTML via the admin username parameter...

AI score 5.9 · EPSS 0.00673
Exploits: 1 · References: 1
QT
added 2023/06/09 12:00 a.m. · 45 views

Security advisory: Qt Network

A recent SSL issue affecting both OpenSSL and Schannel in Qt Network has been reported and has been assigned the CVE id CVE-2023-34410. In some circumstances, system CA certificates list remains unexpectedly active for the authentication of SSL peers. In a case where clients are supposed to be...

CVSS 5.3 · AI score 6 · EPSS 0.00732
Exploits: 0
Tenable Nessus
added 2023/06/08 12:00 a.m. · 38 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS : Netatalk vulnerabilities (USN-6146-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6146-1 advisory. It was discovered that Netatalk did not properly validate the length of user-supplied data in the DSI structures. A...

CVSS 9.8 · AI score 8.5 · EPSS 0.18903
Exploits: 1 · References: 10
NVD
added 2023/06/07 6:15 p.m. · 25 views

CVE-2023-3152

A vulnerability classified as critical has been found in SourceCodester Online Discussion Forum Site 1.0. This affects an unknown part of the file admin\posts\viewpost.php. The manipulation leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been disclosed to t...

CVSS 8.8 · AI score 7.8 · EPSS 0.00839
Exploits: 1 · References: 3
Prion
added 2023/06/07 4:15 p.m. · 12 views

SQL injection

A vulnerability, which was classified as critical, was found in SourceCodester Online Discussion Forum Site 1.0. This affects an unknown part of the file admin\categories\managecategory.php. The manipulation of the argument id leads to SQL injection. It is possible to initiate the attack remotely...

CVSS 6.5 · AI score 8.9 · EPSS 0.00751
Exploits: 1 · References: 3 · Affected Software: 1
Prion
added 2023/06/05 6:15 p.m. · 16 views

Open redirect

A vulnerability, which was classified as problematic, was found in WooSidebars Sidebar Manager Converter Plugin up to 1.1.1 on WordPress. This affects the function processrequest of the file classes/class-woosidebars-sbm-converter.php. The manipulation leads to open redirect. It is possible to...

CVSS 5.8 · AI score 7.1 · EPSS 0.00696
Exploits: 0 · References: 3 · Affected Software: 1
Prion
added 2023/06/01 1:15 p.m. · 14 views

Cross site request forgery (CSRF)

A vulnerability was found in Video Playlist and Gallery Plugin up to 1.136 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality of the file wp-media-cincopa.php. The manipulation leads to cross-site request forgery. The attack may be launched...

CVSS 6.8 · AI score 6.9 · EPSS 0.00443
Exploits: 0 · References: 4 · Affected Software: 1
NVD
added 2023/05/30 2:15 p.m. · 28 views

CVE-2023-2979

A vulnerability classified as critical has been found in Abstrium Pydio Cells 4.2.0. This affects an unknown part of the component User Creation Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the publi...

CVSS 8.8 · AI score 6 · EPSS 0.00807
Exploits: 1 · References: 4
Prion
added 2023/05/25 9:15 p.m. · 23 views

Information disclosure

A vulnerability was found in NFine Rapid Development Platform 20230511. It has been classified as problematic. Affected is an unknown function of the file /Login/CheckLogin. The manipulation leads to use of weak hash. It is possible to launch the attack remotely. The complexity of an attack is...

CVSS 2.6 · AI score 7.6 · EPSS 0.00654
Exploits: 1 · References: 3 · Affected Software: 1
Prion
added 2023/05/23 1:15 a.m. · 12 views

Deserialization of untrusted data

Deserialization of Untrusted Data in Sitecore Experience Platform through 10.2 allows remote attackers to run arbitrary code via ValidationResult.aspx...

CVSS 7.5 · AI score 9.5 · EPSS 0.01742
Exploits: 1 · References: 3 · Affected Software: 1
Prion
added 2023/05/20 8:15 a.m. · 21 views

SQL injection

A vulnerability was found in SourceCodester Class Scheduling System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/editsubject.php of the component GET Parameter Handler. The manipulation of the argument id leads to SQL...

CVSS 6.5 · AI score 9.7 · EPSS 0.00754
Exploits: 1 · References: 3 · Affected Software: 1
The Hacker News
added 2023/05/18 5:18 a.m. · 44 views

Critical Flaws in Cisco Small Business Switches Could Allow Remote Attacks

Cisco has released updates to address a set of nine security flaws in its Small Business Series Switches that could be exploited by an unauthenticated, remote attacker to run arbitrary code or cause a denial-of-service (DoS) condition. "These vulnerabilities are due to improper validation of reques...

AI score 8.1 · EPSS 0.11101
Exploits: 0
Positive Technologies
added 2023/05/17 12:00 a.m. · 6 views

PT-2023-2809 · Cisco · Cisco Small Business Series Switches

Name of the Vulnerable Software and Affected Versions: Cisco Small Business Series Switches (affected versions not specified). Description: The issue is related to multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches. These vulnerabilities could...

CVSS 9.8 · AI score 9.9 · EPSS 0.01183
Exploits: 0 · References: 6