Lucene search

1417 matches found

Exploit DB
added 2012/12/04 12:0 a.m., 19 views

Sourcefabric Newscoop - 'f_email' SQL Injection

source: https://www.securityfocus.com/bid/56800/info Newscoop is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data...

AI score: 7.4
Exploits: 0
exploitpack
added 2012/12/04 12:0 a.m., 9 views

WordPress Theme Nest - codigo SQL Injection

WordPress Theme Nest - codigo SQL Injection source: https://www.securityfocus.com/bid/56792/info The Nest theme for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue...

AI score: 0.2
Exploits: 0
Exploit DB
added 2012/11/29 12:0 a.m., 26 views

WordPress Theme Toolbox - 'mls' SQL Injection

source: https://www.securityfocus.com/bid/56745/info The Toolbox theme for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. An attacker can exploit this issue to compromise the application, access o...

AI score: 7.4
Exploits: 0
Exploit DB
added 2012/11/27 12:0 a.m., 19 views

WordPress Theme CStar Design - 'id' SQL Injection

source: https://www.securityfocus.com/bid/56694/info The CStar Design theme for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to compromise the application, acce...

AI score: 7.4
Exploits: 0
exploitpack
added 2012/11/27 12:0 a.m., 9 views

WordPress Theme CStar Design - id SQL Injection

WordPress Theme CStar Design - id SQL Injection source: https://www.securityfocus.com/bid/56694/info The CStar Design theme for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploi...

AI score: 0.1
Exploits: 0
exploitpack
added 2012/11/26 12:0 a.m., 11 views

WordPress Plugin Ads Box - count SQL Injection

WordPress Plugin Ads Box - count SQL Injection source: https://www.securityfocus.com/bid/56681/info The Ads Box plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit thi...

AI score: 0.1
Exploits: 0
exploitpack
added 2012/11/22 12:0 a.m., 10 views

WordPress Plugin Webplayer - id SQL Injection

WordPress Plugin Webplayer - id SQL Injection source: https://www.securityfocus.com/bid/56660/info The Webplayer plugin is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to...

AI score: 0.3
Exploits: 0
exploitpack
added 2012/11/22 12:0 a.m., 17 views

WordPress Plugin Plg Novana - id SQL Injection

WordPress Plugin Plg Novana - id SQL Injection source: https://www.securityfocus.com/bid/56661/info The Plg Novana plugin is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to...

AI score: 0.8
Exploits: 0
Exploit DB
added 2012/11/16 12:0 a.m., 27 views

WordPress Theme Dailyedition-mouss - 'id' SQL Injection

source: https://www.securityfocus.com/bid/56568/info The Dailyedition-mouss theme for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. An attacker can exploit this issue to compromise the applicatio...

AI score: 7.4
Exploits: 0
exploitpack
added 2012/11/16 12:0 a.m., 12 views

WordPress Theme Dailyedition-mouss - id SQL Injection

WordPress Theme Dailyedition-mouss - id SQL Injection source: https://www.securityfocus.com/bid/56568/info The Dailyedition-mouss theme for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. An attack...

AI score: 8.7
Exploits: 0
Exploit DB
added 2012/11/16 12:0 a.m., 18 views

WordPress Plugin Tagged Albums - 'id' SQL Injection

source: https://www.securityfocus.com/bid/56569/info The Tagged Albums plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. An attacker can exploit this issue to compromise the application,...

AI score: 7.4
Exploits: 0
Exploit DB
added 2012/11/09 12:0 a.m., 25 views

WordPress Plugin PHP Event Calendar - 'cid' SQL Injection

source: https://www.securityfocus.com/bid/56478/info The PHP Event Calendar plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. An attacker can exploit this issue to compromise the...

AI score: 7.4
Exploits: 0
exploitpack
added 2012/11/09 12:0 a.m., 10 views

WordPress Plugin Eco-annu - eid SQL Injection

WordPress Plugin Eco-annu - eid SQL Injection source: https://www.securityfocus.com/bid/56479/info The Eco-annu plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. An attacker can exploit th...

AI score: 0.6
Exploits: 0
exploitpack
added 2012/11/07 12:0 a.m., 29 views

WordPress Plugin FLV Player - id SQL Injection

WordPress Plugin FLV Player - id SQL Injection source: https://www.securityfocus.com/bid/56418/info The FLV Player plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. An attacker can exploit...

AI score: 0.4
Exploits: 0
Exploit DB
added 2012/11/07 12:0 a.m., 23 views

WordPress Plugin FLV Player - 'id' SQL Injection

source: https://www.securityfocus.com/bid/56418/info The FLV Player plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. An attacker can exploit this issue to compromise the application, acce...

AI score: 7.4
Exploits: 0
exploitpack
added 2012/10/31 12:0 a.m., 26 views

WordPress Plugin foxypress 0.4.2.5 - Multiple Vulnerabilities

WordPress Plugin foxypress 0.4.2.5 - Multiple Vulnerabilities waraxe-2012-SA095 - Multiple Vulnerabilities in Wordpress FoxyPress Plugin. Author: Janek Vind "waraxe" Date: 30. October 2012 Location: Estonia, Tartu Web:...

AI score: 0.2
Exploits: 0
exploitpack
added 2012/10/26 12:0 a.m., 12 views

VicBlog - Multiple SQL Injections

VicBlog - Multiple SQL Injections source: https://www.securityfocus.com/bid/56307/info VicBlog is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit may allow an attacker to...

AI score: 0.4
Exploits: 0
htbridge
added 2012/09/19 12:0 a.m., 37 views

Multiple vulnerabilities in OpenX

High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in OpenX, which can be exploited to perform Cross-Site Scripting (XSS) and SQL Injection attacks. 1) Cross-Site Scripting (XSS) in OpenX: CVE-2012-4989 Input passed via the "parent" GET parameter to /www/admin/plugin-index.php ...

CVSS: 6.5, AI score: 6.9, EPSS: 0.02893
Exploits: 3, Affected Software: 1
NVD
added 2012/09/17 5:55 p.m., 12 views

CVE-2010-4822

core/model/MySQLDatabase.php in SilverStripe 2.4.x before 2.4.4, when the site is running in "live mode," allows remote attackers to obtain the SQL queries for a page via the showqueries and ajax parameters...

CVSS: 4.3, AI score: 7, EPSS: 0.00592
Exploits: 1, References: 8
Tenable Nessus
added 2012/09/15 12:0 a.m., 30 views

Scientific Linux Security Update : postgresql and postgresql84 on SL5.x, SL6.x i386/x86_64 (20120913)

It was found that the optional PostgreSQL xml2 contrib module allowed local files and remote URLs to be read and written to with the privileges of the database server when parsing Extensible Stylesheet Language Transformations (XSLT). An unprivileged database user could use this flaw to read and...

CVSS: 6.5, AI score: 7.3, EPSS: 0.00956
Exploits: 2, References: 4