EUVD-2005-4380

Malware in sbrugna...

CVE-2024-5523

SQL injection vulnerability in Astrotalks affecting version 10/03/2023. This vulnerability could allow an authenticated local user to send a specially crafted SQL query to the 'searchString' parameter and retrieve all information stored in the database...

CVE-2024-5523 SQL injection vulnerability in Astrotalks

SQL injection vulnerability in Astrotalks affecting version 10/03/2023. This vulnerability could allow an authenticated local user to send a specially crafted SQL query to the 'searchString' parameter and retrieve all information stored in the database...

CVE-2024-5523 SQL injection vulnerability in Astrotalks

SQL injection vulnerability in Astrotalks affecting version 10/03/2023. This vulnerability could allow an authenticated local user to send a specially crafted SQL query to the 'searchString' parameter and retrieve all information stored in the database...

PT-2023-26613 · Follett · Follett Destiny

Name of the Vulnerable Software and Affected Versions: Follet Learning Solutions Destiny versions through 20.0 1U Description: A Cross Site Scripting XSS issue exists, allowing exploitation via the "handlewpesearchform.do" endpoint, specifically through the searchString variable. Recommendations:...

web-cyradm SQL注入漏洞

web-cyradm is web-cyradm open source a web-based software. web-cyradm has a SQL injection vulnerability that stems from a problem in the unknown section of the file search.php, where manipulation of the parameter searchstring can lead to sql injection...

CVE-2020-22986

Cross-Site Scripting XSS vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the searchString parameter to the wikiScrapper task...

CVE-2020-22986

Cross-Site Scripting XSS vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the searchString parameter to the wikiScrapper task...

SpeakOut! Email Petitions < 2.13.3 - Reflected Cross-Site Scripting

The plugin does not escape its searchString parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting issue PoC https://example.com/wp-admin/admin.php?page=dkspeakoutsignatures=search="...

Trend Micro Encryption for Email Gateway emailSearch SearchString SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary SQL statements on vulnerable installations of Trend Micro Encryption for Email Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exist...

Trend Micro Email Encryption Gateway SQL Injection Vulnerability (CNVD-2018-04494)

Trend Micro Email Encryption is a suite of identity-based email encryption solutions from Trend Micro, Inc. The Trend Micro Email Encryption Gateway TMEEG is one of the gateway products that provides data protection. A SQL injection vulnerability exists in the search configuration script in Trend...

autofiat.perm.ru XSS vulnerability

Vulnerable URL: http://autofiat.perm.ru/index.php?searchstring=...

CVE-2010-5314

Cross-site scripting XSS vulnerability in controllers/homecontroller.php in BEdita before 3.1 allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter to news/index...

CVE-2010-3274

Multiple cross-site scripting XSS vulnerabilities in EmployeeSearch.cc in the Employee Search Engine in ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 allow remote attackers to inject arbitrary web script or HTML via the searchString parameter in a 1 showList or 2 Search action...

CVE-2006-5962

Multiple SQL injection vulnerabilities in Hpecs Shopping Cart allow remote attackers to execute arbitrary SQL commands via the 1 Username and 2 Password fields in the a login screen, and 3 searchstring parameter in b insearchlist.asp...

CVE-2006-5962

Multiple SQL injection vulnerabilities in Hpecs Shopping Cart allow remote attackers to execute arbitrary SQL commands via the 1 Username and 2 Password fields in the a login screen, and 3 searchstring parameter in b insearchlist.asp...

CVE-2005-1502

Cross-site scripting XSS vulnerability in MidiCart PHP Shopping Cart allows remote attackers to inject arbitrary web script or HTML via the 1 searchstring parameter to searchlist.php or the 2 secondgroup or 3 maingroup parameters to itemlist.php...

CVE-2003-0614

Cross-site scripting XSS vulnerability in search.php of Gallery 1.1 through 1.3.4 allows remote attackers to insert arbitrary web script via the searchstring parameter...

CVE-2003-0614

Cross-site scripting XSS vulnerability in search.php of Gallery 1.1 through 1.3.4 allows remote attackers to insert arbitrary web script via the searchstring parameter...