CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

270 matches found

OSV•added 2023/08/09 6:15 p.m.•2 views

CVE-2022-48589

A SQL injection vulnerability exists in the “reporting job editor” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

8.8CVSS5.9AI score0.00608EPSS

Exploits0References1

OSV•added 2023/08/09 6:15 p.m.•2 views

CVE-2022-48587

A SQL injection vulnerability exists in the “schedule editor” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

8.8CVSS5.9AI score0.00608EPSS

Exploits0References1

NVD•added 2023/08/09 6:15 p.m.•19 views

CVE-2022-48588

A SQL injection vulnerability exists in the “schedule editor decoupled” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

8.8CVSS8.9AI score0.00596EPSS

Exploits0References1

NVD•added 2023/08/09 6:15 p.m.•18 views

CVE-2022-48587

A SQL injection vulnerability exists in the “schedule editor” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

8.8CVSS8.9AI score0.00608EPSS

Exploits0References1

NVD•added 2023/08/09 6:15 p.m.•13 views

CVE-2022-48589

A SQL injection vulnerability exists in the “reporting job editor” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

8.8CVSS8.9AI score0.00608EPSS

Exploits0References1

OSV•added 2023/08/09 6:15 p.m.•3 views

CVE-2022-48583

A command injection vulnerability exists in the dashboard scheduler feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system...

8.8CVSS5.9AI score0.01322EPSS

Exploits0References1

OSV•added 2023/08/09 6:15 p.m.•2 views

CVE-2022-48582

A command injection vulnerability exists in the ticket report generate feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system...

8.8CVSS5.9AI score0.01322EPSS

Exploits0References1

OSV•added 2023/08/09 6:15 p.m.•2 views

CVE-2022-48585

A SQL injection vulnerability exists in the “admin brand portal” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

8.8CVSS5.9AI score0.00608EPSS

Exploits0References1

OSV•added 2023/08/09 6:15 p.m.•2 views

CVE-2022-48586

A SQL injection vulnerability exists in the “json walker” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

8.8CVSS5.9AI score0.00608EPSS

Exploits0References1

NVD•added 2023/08/09 6:15 p.m.•7 views

CVE-2022-48585

A SQL injection vulnerability exists in the “admin brand portal” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

8.8CVSS8.9AI score0.00608EPSS

Exploits0References1

NVD•added 2023/08/09 6:15 p.m.•8 views

CVE-2022-48582

A command injection vulnerability exists in the ticket report generate feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system...

8.8CVSS9AI score0.01322EPSS

Exploits0References1

NVD•added 2023/08/09 6:15 p.m.•22 views

CVE-2022-48583

A command injection vulnerability exists in the dashboard scheduler feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system...

8.8CVSS9AI score0.01322EPSS

Exploits0References1

NVD•added 2023/08/09 6:15 p.m.•10 views

CVE-2022-48584

A command injection vulnerability exists in the download and convert report feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system...

8.8CVSS9AI score0.01322EPSS

Exploits0References1

NVD•added 2023/08/09 6:15 p.m.•20 views

CVE-2022-48586

A SQL injection vulnerability exists in the “json walker” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

8.8CVSS8.9AI score0.00608EPSS

Exploits0References1

OSV•added 2023/08/09 6:15 p.m.•2 views

CVE-2022-48580

A command injection vulnerability exists in the ARP ping device tool feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system...

8.8CVSS5.9AI score0.0131EPSS

Exploits0References1

OSV•added 2023/08/09 6:15 p.m.•4 views

CVE-2022-48581

A command injection vulnerability exists in the “dash export” feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system...

8.8CVSS5.9AI score0.01343EPSS

Exploits0References1

NVD•added 2023/08/09 6:15 p.m.•21 views

CVE-2022-48581

A command injection vulnerability exists in the “dash export” feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system...

8.8CVSS9AI score0.01343EPSS

Exploits0References1

NVD•added 2023/08/09 6:15 p.m.•17 views

CVE-2022-48580

A command injection vulnerability exists in the ARP ping device tool feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system...

8.8CVSS9AI score0.0131EPSS

Exploits0References1

Prion•added 2023/08/09 6:15 p.m.•8 views

Command injection

A command injection vulnerability exists in the ARP ping device tool feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system...

6.5CVSS8.9AI score0.0131EPSS

Exploits0References1Affected Software1

Prion•added 2023/08/09 6:15 p.m.•18 views

Command injection

A command injection vulnerability exists in the dashboard scheduler feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system...

6.5CVSS8.9AI score0.01322EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by