Lucene search
K

53 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:21 a.m.14 views

CVE-2017-12774

finecms in 1.9.5\controllers\member\ContentController.php allows remote attackers to operate website database...

9.8CVSS7AI score0.01524EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/20 12:0 a.m.5 views

CVE-2025-26086

An unauthenticated blind SQL injection vulnerability exists in RSI Queue Management System v3.0 within the TaskID parameter of the get request handler. Attackers can remotely inject time-delayed SQL payloads to induce server response delays, enabling time-based inference and iterative extraction ...

7.9AI score0.11668EPSS
Exploits1References1
OSV
OSV
added 2025/04/16 6:16 p.m.6 views

CVE-2025-32824

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UnlockProject' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

8.7CVSS5.8AI score0.00683EPSS
Exploits0References1
NVD
NVD
added 2024/12/09 5:15 p.m.14 views

CVE-2024-54926

A SQL Injection vulnerability was found in /searchclass.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the schoolyear parameter...

9.8CVSS0.00566EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.4 views

PT-2024-36440 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: kashipara E-learning Management System version 1.0 Description: A SQL Injection issue was found in the /admin/edit user.php file, allowing remote attackers to execute arbitrary SQL commands and gain unauthorized access to the database via the...

9.8CVSS8.6AI score0.00562EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.4 views

PT-2024-36442 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: kashipara E-learning Management System version 1.0 Description: A SQL injection issue was found in the /admin/edit content.php endpoint, allowing remote attackers to execute arbitrary SQL commands and gain unauthorized access to the database...

9.8CVSS8.6AI score0.00583EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2024/12/09 12:0 a.m.11 views

CVE-2024-54921

A SQL Injection was found in /studentsignup.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the username, firstname, lastname, and classid parameters...

10AI score0.00583EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/11/08 12:0 a.m.4 views

PT-2024-34342 · Unknown · Elefant Firebird

Name of the Vulnerable Software and Affected Versions: Elefant Firebird database versions prior to 24.03.03 Description: An unauthenticated attacker with access to the local network of a medical office can use known default credentials to gain remote DBA access to the Elefant Firebird database...

9.8CVSS7.4AI score0.00676EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/10/15 12:0 a.m.4 views

PT-2024-33068 · Unknown · Phpgurukul User Registration & Login/User Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul User Registration & Login and User Management System version 3.2 Description: A SQL Injection issue was found in the /password-recovery.php file, allowing remote attackers to execute arbitrary SQL commands and gain unauthorized...

7.6CVSS9.4AI score0.00411EPSS
Exploits1References5
OSV
OSV
added 2023/10/04 4:15 p.m.5 views

CVE-2022-36276

TCMAN GIM v8.0.1 is vulnerable to a SQL injection via the 'SqlWhere' parameter inside the function 'BuscarESM'. The exploitation of this vulnerability might allow a remote attacker to directly interact with the database...

9.8CVSS5.9AI score0.00768EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/04/18 12:0 a.m.9 views

PT-2023-9169 · Unknown · Schuhfried

Name of the Vulnerable Software and Affected Versions: SCHUHFRIED version 8.22.00 Description: The issue is related to the use of hardcoded credentials in the SCHUHFRIED system, which can be exploited by a remote attacker to obtain access to protected information using a specially crafted curl...

9.8CVSS9.1AI score0.00805EPSS
Exploits1References8
OSV
OSV
added 2023/01/18 1:15 a.m.5 views

CVE-2022-45444

Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 contains hard-coded passwords for select users in the application’s database. This could allow a remote attacker to login to the database with unrestricted access...

9.8CVSS5.8AI score0.00944EPSS
Exploits0References1
0day.today
0day.today
added 2022/08/15 12:0 a.m.378 views

Readymade Job Portal Script SQL Injection Vulnerability

Readymade Job Portal Script suffers from a remote SQL injection vulnerability. The researcher requested version information from the vendor while reporting the vulnerability but the company has been unresponsive. ┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐...

7.9AI score
Exploits0
Packet Storm
Packet Storm
added 2022/08/09 12:0 a.m.463 views

Matrimonial PHP Script 1.0 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

0.7AI score
Exploits0
OSV
OSV
added 2022/05/25 12:15 p.m.3 views

CVE-2022-28862

In Archibus Web Central before 26.2, multiple SQL Injection vulnerabilities occur in dwr/call/plaincall/workflow.runWorkflowRule.dwr. Through the injection of arbitrary SQL statements, a potential attacker can modify query syntax and perform unauthorized and unexpected operations against the remo...

9.8CVSS6AI score0.00968EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/07/30 12:0 a.m.4 views

Eaglesoft 信任管理问题漏洞

Eaglesoft is a software application.Eaglesoft is dental software that we call PMS or Practice Management Software. It contains charting information, insurance, patient information, scheduling, scanned documents, and in some cases X-rays if the office is licensed for imaging. Patterson Eaglesoft A...

7.5CVSS7.6AI score0.0117EPSS
Exploits1References3
CNVD
CNVD
added 2021/07/01 12:0 a.m.9 views

IBM Datacap Taskmaster Capture SQL Injection Vulnerability

IBM Datacap Taskmaster Capture is a complete solution for document and data capture from IBM USA. Data and document images can be scanned, categorized, identified, validated, verified and exported quickly, accurately and cost-effectively. IBM Datacap Taskmaster Capture suffers from a SQL injectio...

8.8CVSS7.4AI score0.00968EPSS
Exploits0References1
OSV
OSV
added 2019/01/18 6:29 p.m.3 views

CVE-2019-3906

Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port 9003. An authenticated remote attacker can use these credentials to access the badge system database and modify its contents...

8.8CVSS7.4AI score0.0289EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/06/24 12:0 a.m.38 views

MySQL Server Login Possible

Nessus was able to log into the remote MySQL server using the supplied credentials. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid91823; scriptversion"1.5"; scriptsetattributeattribute:"pluginmodificationdate", value:"2026/01/27"; scriptnameenglish:"MySQL Server Log...

5.9AI score
Exploits0References1
CNVD
CNVD
added 2015/06/23 12:0 a.m.3 views

Milw0rm Clone Script SQL Injection Vulnerability

Milw0rm is a hacking and defense interest group that provides security services such as vulnerability mining, security information, hacking and defense, security tools and other security services for IT technicians.Milw0rm Clone Script is a script for sharing and managing the Milw0rm website's...

7.5CVSS8.7AI score0.01285EPSS
Exploits1References1
Rows per page
Query Builder