Lucene search
K

33 matches found

ATTACKERKB
ATTACKERKB
added 2022/08/18 2:15 a.m.3 views

CVE-2022-35601

A SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter searchTxt...

9.8CVSS7.7AI score0.00758EPSS
Exploits0References3
OSV
OSV
added 2022/08/18 2:15 a.m.6 views

CVE-2022-35601

A SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter searchTxt...

9.8CVSS6AI score0.00758EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/08/18 2:15 a.m.3 views

CVE-2022-35603

A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter searchTxt...

9.8CVSS7.7AI score0.00716EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/08/18 12:0 a.m.5 views

PT-2022-22917 · Unknown · Sazanrjb Inventorymanagementsystem

Name of the Vulnerable Software and Affected Versions: sazanrjb InventoryManagementSystem version 1.0 Description: A SQL injection issue in SupplierDAO.java allows attackers to execute arbitrary SQL commands via the searchTxt parameter. This enables unauthorized access and manipulation of databas...

9.8CVSS10AI score0.00758EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/08/18 12:0 a.m.27 views

InventoryManagementSystem SQL注入漏洞

InventoryManagementSystem is an inventory management system by Sajan Rajbhandari, an individual developer. It provides an easy way to track products, suppliers, customers, and purchasing and sales information. A SQL injection vulnerability exists in InventoryManagementSystem version 1.0, which...

9.8CVSS9AI score0.00716EPSS
Exploits0References3
OSV
OSV
added 2021/07/02 6:15 p.m.4 views

CVE-2020-36412

A stored cross scripting XSS vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Search Text" field under the "Admin Search" module...

5.4CVSS6.1AI score0.00473EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/07/02 5:51 p.m.38 views

CVE-2020-36412

A stored cross scripting XSS vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Search Text" field under the "Admin Search" module...

5.3AI score0.00473EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/07/02 12:0 a.m.6 views

CMS Made Simple 跨站脚本漏洞

CMS Made Simple CMSMS is an open source content management system that provides developers, programmers, and website owners with a web-based version of the development and management interface. A stored cross-site scripting vulnerability exists in CMS Made Simple version 2.2.14, which can be...

5.4CVSS5.6AI score0.00473EPSS
Exploits1References1
OSV
OSV
added 2019/12/31 5:15 p.m.2 views

CVE-2019-9207

PRTG Network Monitor v7.1.3.3378 allows XSS via the /search.htm searchtext parameter. NOTE: This product is discontinued...

6.1CVSS6.4AI score0.01179EPSS
Exploits1References2
Hacker One
Hacker One
added 2016/07/16 9:3 a.m.24 views

OLX: XSS on Home page olx.com.ar via auto save search text

Hi guys, I found XSS vulnerability on Home page olx.com.ar via auto save search text 1. Copy full link and go to the URL in browser: https://www.olx.com.ar/nf/search/xss%22-'%20%22%3E%3Ciframe/src%20////onload%20=%20alertdocument.cookie%20onerror=alertdocument.cookie 2. Click logo button go back ...

1.7AI score
Exploits0
CNVD
CNVD
added 2015/03/12 12:0 a.m.6 views

Multiple Cross-Site Scripting Vulnerabilities in ZOHO ManageEngine ADManager Plus

ZOHO ManageEngine ADManager Plus is a suite of Microsoft Active Directory management software from ZOHO designed for enterprise users using Windows domains. The software assists AD administrators and helpdesk technicians with day-to-day administrative tasks, such as batch management of user...

4.3CVSS6AI score0.03612EPSS
Exploits3References1
Positive Technologies
Positive Technologies
added 2008/03/12 12:0 a.m.5 views

PT-2008-2890 · Zoho · Manageengine Servicedesk Plus

Name of the Vulnerable Software and Affected Versions: ManageEngine ServiceDesk Plus version 7.0.0 Build 7011 Description: A cross-site scripting XSS issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the searchText parameter in the...

6.1CVSS6AI score0.00808EPSS
Exploits0References4
securityvulns
securityvulns
added 2006/11/09 12:0 a.m.48 views

Speedwiki 2.0 Arbitrary File Upload Vulnerability

product :Speedwiki 2.0 vendor site: http://speedywiki.sourceforge.net/ risk:critical a user logged in , can upload a PHP script on the server , by the upload script , there's actually no upload filter on this cms path : /speedywiki/index.php?upload=1 xss get :...

0.3AI score
Exploits0
Rows per page
Query Builder