CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2020/07/16 6:15 p.m.•2 views

CVE-2020-3378

A vulnerability in the web-based management interface for Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An...

4.3CVSS5.9AI score0.00163EPSS

CNVD•added 2020/06/17 12:0 a.m.•2 views

PHP-Fusion has multiple vulnerabilities Vulnerabilities

PHP-Fusion is a lightweight open source content management system . It uses mySQL database to store site content and provide a simple , comprehensive back-end management system . PHP-Fusion includes most of the CMS system has the functionality . PHP-Fusion has PHP object injection and SQL injecti...

8.2AI score

CNVD•added 2020/05/07 12:0 a.m.•1 views

SQL execution vulnerability in imcat backend

Intimate cat imcat is a PHP + MySQL architecture and design of a general-purpose website system, simple, lightweight, practical, sharing, permanent open source free of charge. There is a SQL execution vulnerability in the imcat backend. Attackers can use the vulnerability to obtain sensitive...

7.5AI score

Exploits0

CNVD•added 2020/05/07 12:0 a.m.•7 views

Wordpress LearnPress SQL Injection Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.LearnPress is a learning management system plugin used in it. A SQL injection vulnerability exists in Wordpress LearnPress...

8.8CVSS8.1AI score0.455EPSS

Exploits6References1

OSV•added 2019/10/29 7:15 p.m.•21 views

CVE-2019-10208

A flaw was discovered in postgresql versions 9.4.x before 9.4.24, 9.5.x before 9.5.19, 9.6.x before 9.6.15, 10.x before 10.10 and 11.x before 11.5 where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function. An attacker, with EXECUTE permission on the function, can...

8.8CVSS7.7AI score0.00197EPSS

OSV•added 2019/10/23 3:15 p.m.•0 views

CVE-2019-18344

Sourcecodester Online Grading System 1.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the student, instructor, department, room, class, or user page id or classid parameter...

9.8CVSS7.6AI score

Tenable Nessus•added 2019/10/18 12:0 a.m.•37 views

SUSE SLED15 / SLES15 Security Update : postgresql10 (SUSE-SU-2019:2707-1)

This update for postgresql10 fixes the following issues : Security issue fixed : CVE-2019-10208: Fixed arbitrary SQL execution via suitable SECURITY DEFINER function under the identity of the function owner bsc1145092. Note that Tenable Network Security has extracted the preceding description blo...

8.8CVSS7.9AI score0.00197EPSS

Exploits0References4

OSV•added 2019/10/17 2:5 p.m.•5 views

SUSE-SU-2019:2707-1 Security update for postgresql10

This update for postgresql10 fixes the following issues: Security issue fixed: - CVE-2019-10208: Fixed arbitrary SQL execution via suitable SECURITY DEFINER function under the identity of the function owner bsc1145092...

CNVD•added 2019/10/16 12:0 a.m.•1 views

WordPress searchterms-tagging-2 plugin SQL injection vulnerability

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. searchterms-tagging-2 is an SEO Search Engine Optimization plugin used in it. The WordPress searchterms-tagging-2 plugin suffers...

7.2CVSS8AI score0.00539EPSS

Exploits1References1

OSV•added 2019/10/15 3:14 p.m.•3 views

SUSE-SU-2019:2159-1 Security update for postgresql96

This update for postgresql96 fixes the following issues: Security issue fixed: - CVE-2019-10208: Fixed arbitrary SQL execution via suitable SECURITY DEFINER function under the identity of the function owner bsc1145092...

OSV•added 2019/10/15 2:40 p.m.•6 views

SUSE-SU-2019:2158-1 Security update for postgresql94

This update for postgresql94 fixes the following issues: Security issue fixed: - CVE-2019-10208: Fixed arbitrary SQL execution via suitable SECURITY DEFINER function under the identity of the function owner bsc1145092...

OpenVAS•added 2019/09/04 12:0 a.m.•24 views

openSUSE: Security Advisory for postgresql10 (openSUSE-SU-2019:2062-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS9.1AI score0.00197EPSS

Exploits0References2

Tenable Nessus•added 2019/09/04 12:0 a.m.•33 views

openSUSE Security Update : postgresql10 (openSUSE-2019-2062)

This update for postgresql10 fixes the following issues : Security issue fixed : - CVE-2019-10208: Fixed arbitrary SQL execution via suitable SECURITY DEFINER function under the identity of the function owner bsc1145092. This update was imported from the SUSE:SLE-15:Update update project. C Tenab...

8.8CVSS7.9AI score0.00197EPSS

Exploits0References2

OSV•added 2019/09/03 6:18 p.m.•4 views

OPENSUSE-SU-2019:2062-1 Security update for postgresql10

8.8CVSS9.5AI score0.00197EPSS

OSV•added 2019/08/28 5:58 a.m.•6 views

SUSE-SU-2019:2228-1 Security update for postgresql10