Lucene search
K

9 matches found

Cvelist
Cvelist
added 2025/09/15 10:6 a.m.37 views

CVE-2025-9076 Mattermost Server exposes sensitive user credentials during shared channel membership synchronization

Mattermost versions 10.10.x = 10.10.1 fail to properly sanitize user data during shared channel membership synchronization, which allows malicious or compromised remote clusters to access sensitive user information via unsanitized user objects. This vulnerability affects Mattermost Server instanc...

6.5CVSS0.00242EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:32 a.m.9 views

CVE-2024-48509

Learning with Texts LWT 2.0.3 is vulnerable to SQL Injection. This occurs when the application fails to properly sanitize user inputs, allowing attackers to manipulate SQL queries by injecting malicious SQL statements into URL parameters. By exploiting this vulnerability, an attacker could gain...

9.8CVSS8AI score0.00523EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2025/04/22 12:0 a.m.300 views

📄 Online Exam Mastering System 1.0 Cross Site Scripting

Online Exam Mastering System version 1.0 suffers from a cross site scripting vulnerability. Exploit Title: code-projects Online Exam Mastering System 1.0 - Reflected Cross-Site Scripting XSS Google Dork: inurl:/exam/feedback.php Date: 2025-04-19 Exploit Author: Pruthu Raut Vendor Homepage:...

6.1CVSS6.2AI score0.00722EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/25 12:0 a.m.299 views

Tourism Management System v2.0 - Arbitrary File Upload

Exploit Title: Tourism Management System v2.0 - Arbitrary File Upload Google Dork: N/A Exploit Author: SoSPiro Date: 2024-02-18 Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/tourism-management-system-free-download/ Version: 2.0 Tested on: Windows 10 Pro Impact:...

7.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2020/05/19 10:29 p.m.4 views

ruby: HTTP response splitting in WEBrick

It was found that WEBrick did not sanitize headers sent back to clients, resulting in a response-splitting vulnerability. An attacker, able to control the server's headers, could force WEBrick into injecting additional headers to a client...

5.3CVSS7.2AI score0.0576EPSS
Exploits0References5
exploitpack
exploitpack
added 2005/06/22 12:0 a.m.29 views

DUware DUamazon Pro 3.03.1 - type.asp?iType SQL Injection

DUware DUamazon Pro 3.03.1 - type.asp?iType SQL Injection source: https://www.securityfocus.com/bid/14033/info DUamazon Pro is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2005/04/11 12:0 a.m.9 views

jPORTAL 2.3.1 - Banner.php SQL Injection

jPORTAL 2.3.1 - Banner.php SQL Injection source: https://www.securityfocus.com/bid/13103/info JPortal is reportedly affected by an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...

Exploits0
exploitpack
exploitpack
added 2005/02/02 12:0 a.m.17 views

Eurofull E-Commerce - Mensresp.asp Cross-Site Scripting

Eurofull E-Commerce - Mensresp.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/12420/info Reportedly Eurofull E-Commerce is affected by a cross-site scripting vulnerability in the 'mensresp.asp' script. This issue is due to a failure of the application to properly sanitize...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/08/18 12:0 a.m.67 views

MercuryBoard < 1.1.6 SQL Injection

Binary data 4510.prm...

7.5CVSS7.3AI score0.00967EPSS
Exploits1References2
Rows per page
Query Builder