Lucene search
K

148 matches found

OSV
OSV
added 2024/03/09 11:15 p.m.3 views

CVE-2024-2351

A vulnerability classified as critical was found in CodeAstro Ecommerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file action.php of the component Search. The manipulation of the argument catid/brandid/keyword leads to sql injection. The attack can be launched...

9.8CVSS6.4AI score0.00684EPSS
Exploits1References3
NVD
NVD
added 2023/12/29 6:15 a.m.19 views

CVE-2023-7156

A vulnerability has been found in Campcodes Online College Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file index.php of the component Search. The manipulation of the argument category leads to sql injection. The attack can be initiated remotely...

9.8CVSS0.0072EPSS
Exploits1References3
Prion
Prion
added 2023/12/29 6:15 a.m.18 views

Sql injection

A vulnerability has been found in Campcodes Online College Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file index.php of the component Search. The manipulation of the argument category leads to sql injection. The attack can be initiated remotely...

7.5CVSS7.8AI score0.0072EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2023/11/14 12:0 a.m.6 views

Microsoft Windows Search Component Security Vulnerability

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in Microsoft Windows Search Component. An attacker could exploit this vulnerability to gain elevated privileges. The following product...

7CVSS6.8AI score0.06723EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/10/10 12:0 a.m.4 views

Microsoft Windows Search Component Security Vulnerability

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in Microsoft Windows Search Component. An attacker could exploit this vulnerability to bypass certain functionality. The following...

6.5CVSS8.9AI score0.01325EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/09/21 12:0 a.m.6 views

The vulnerability of the _search component of the Elasticsearch search engine allows a hacker to trigger a service failure.

The vulnerability of the search component of the Elasticsearch search engine involves reading data beyond the buffer limits in memory. Exploiting this vulnerability can allow a malicious actor to cause a service failure by sending a specially crafted API request remotely...

6.8CVSS7.4AI score0.60679EPSS
Exploits4References3Affected Software1
OSV
OSV
added 2023/08/03 8:15 a.m.2 views

CVE-2023-4118

A vulnerability, which was classified as problematic, was found in Cute Http File Server 2.0. This affects an unknown part of the component Search. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may ...

6.1CVSS3.9AI score0.00466EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/08/03 12:0 a.m.5 views

PT-2023-27850 · Unknown · Cute Http File Server

Name of the Vulnerable Software and Affected Versions: Cute Http File Server version 2.0 Description: A problematic vulnerability was found in the Search component of Cute Http File Server, leading to cross site scripting. The manipulation can be initiated remotely. The exploit has been disclosed...

6.1CVSS6.2AI score0.00466EPSS
Exploits0References7
CNNVD
CNNVD
added 2023/08/03 12:0 a.m.7 views

Cute Http File Server Cross-Site Scripting Vulnerability

Cute Http File Server is a free, HTTP protocol file sharing server for iscute individual developers. A cross-site scripting vulnerability exists in Cute Http File Server version 2.0, which stems from a problem with the component Search that can lead to cross-site scripting...

6.1CVSS5.9AI score0.00466EPSS
Exploits0References4
OSV
OSV
added 2023/07/20 4:15 p.m.2 views

CVE-2023-3789

A vulnerability, which was classified as problematic, was found in PaulPrinting CMS 2018. Affected is an unknown function of the file /account/delivery of the component Search. The manipulation of the argument s leads to cross site scripting. It is possible to launch the attack remotely. The...

6.1CVSS3.9AI score0.00522EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/07/20 12:0 a.m.4 views

PT-2023-26160 · Unknown · Paulprinting Cms

Name of the Vulnerable Software and Affected Versions: PaulPrinting CMS version 2018 Description: A problematic issue was found in the Search component of the affected software, specifically in an unknown function of the file /account/delivery. The manipulation of the s argument leads to cross-si...

6.1CVSS4.3AI score0.00522EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2023/04/18 12:0 a.m.6 views

PT-2023-2673 · Oracle · Peoplesoft Enterprise Peopletools

Name of the Vulnerable Software and Affected Versions: PeopleSoft Enterprise PeopleTools versions 8.58 through 8.60 Description: The issue exists due to insufficient input validation in the Elastic Search component of Oracle PeopleSoft Enterprise PeopleTools. This allows a remote attacker to gain...

7.8CVSS6.1AI score0.00633EPSS
Exploits0References3
Prion
Prion
added 2023/04/09 8:15 a.m.20 views

Sql injection

A vulnerability was found in PHPGurukul Bank Locker Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file index.php of the component Search. The manipulation of the argument searchinput leads to sql injection. The attack may be initiated...

6.5CVSS9.7AI score0.00726EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/04/09 8:0 a.m.22 views

CVE-2023-1963 PHPGurukul Bank Locker Management System Search index.php sql injection

A vulnerability was found in PHPGurukul Bank Locker Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file index.php of the component Search. The manipulation of the argument searchinput leads to sql injection. The attack may be initiated...

6.5CVSS10AI score0.00726EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/04/09 12:0 a.m.4 views

PT-2023-17376 · Unknown · Phpgurukul Bank Locker Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Bank Locker Management System version 1.0 Description: A critical issue affects the Search component of the PHPGurukul Bank Locker Management System, specifically in the file index.php. The manipulation of the searchinput argument...

9.8CVSS8.1AI score0.00726EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/01/05 12:0 a.m.4 views

PT-2023-10328 · Unknown · Openacs Bug-Tracker

Name of the Vulnerable Software and Affected Versions: OpenACS bug-tracker affected versions not specified Description: A problematic vulnerability has been found in OpenACS bug-tracker, affecting an unknown function of the file lib/nav-bar.adp of the component Search. The manipulation leads to...

8.8CVSS4.5AI score0.00344EPSS
Exploits0References7
OSV
OSV
added 2022/12/06 7:15 p.m.3 views

CVE-2022-43369

AutoTaxi Stand Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the component search.php...

6.1CVSS5.7AI score0.0051EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/12/06 12:0 a.m.4 views

PT-2022-26876 · Unknown · Autotaxi Stand Management System

Name of the Vulnerable Software and Affected Versions: AutoTaxi Stand Management System version 1.0 Description: The AutoTaxi Stand Management System contains a cross-site scripting XSS issue via the search.php component. This allows for potential malicious script injection and execution...

6.1CVSS6.2AI score0.0051EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/11/14 12:0 a.m.3 views

Frappe Technologies Frappe 跨站脚本漏洞

Frappe Technologies Frappe is a Python, Mariadb-based web development framework with integrated front-end pages from Frappe Technologies, India. A security vulnerability exists in Frappe Technologies Frappe prior to version 2.5.0, which stems from unknown functionality in the component Search in...

6.1CVSS5.3AI score0.00585EPSS
Exploits0References5
CVE
CVE
added 2022/11/14 12:0 a.m.53 views

CVE-2022-3988

CVE-2022-3988 (Frappe) affects an unknown functionality in the file frappe/templates/includes/navbar/navbar_search.html (component: Search). The underlying issue is that manipulating the query parameter q enables cross-site scripting (XSS). The description notes that the attack may be launched re...

6.1CVSS4.8AI score0.00585EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder