CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

90 matches found

OSV•added 2024/08/29 11:15 a.m.•1 views

CVE-2024-29726

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/setAsRead/, parameter id...

9.8CVSS5.8AI score

Exploits0References1

OSV•added 2024/08/29 11:15 a.m.•1 views

CVE-2024-29727

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/sendParticipationRemember/ , paramete...

9.8CVSS5.8AI score0.00188EPSS

Exploits0References1

NVD•added 2024/08/29 11:15 a.m.•10 views

CVE-2024-29724

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/ax/registerSp/, parameter idDesafio...

9.8CVSS0.00188EPSS

Exploits0References1

NVD•added 2024/08/29 11:15 a.m.•7 views

CVE-2024-29725

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/sortbloques/, parameter list...

9.8CVSS0.00188EPSS

Exploits0References1

NVD•added 2024/08/29 11:15 a.m.•7 views

CVE-2024-29726

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/setAsRead/, parameter id...

9.8CVSS0.00188EPSS

Exploits0References1

NVD•added 2024/08/29 11:15 a.m.•9 views

CVE-2024-29727

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/sendParticipationRemember/ , paramete...

9.8CVSS0.00188EPSS

Exploits0References1

OSV•added 2024/08/29 11:15 a.m.•1 views

CVE-2024-29725

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/sortbloques/, parameter list...

9.8CVSS5.8AI score

Exploits0References1

Vulnrichment•added 2024/08/29 9:46 a.m.•13 views

CVE-2024-29723 Multiple vulnerabilities in SportsNET

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/conexiones/ax/openTracExt/, parameter...

9.8CVSS9.8AI score0.00188EPSS

Exploits0References1

CVE•added 2024/08/29 9:46 a.m.•43 views

CVE-2024-29723

CVE-2024-29723 corresponds to SQL injection vulnerabilities in SportsNET, affecting version 4.0.1. The issue is exploitable via a crafted SQL query to the API endpoint /conexiones/ax/openTracExt/ using the parameter categoria, which could allow an attacker to retrieve, update, and delete all info...

9.8CVSS9.9AI score0.00188EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/08/29 9:46 a.m.•14 views

CVE-2024-29723 Multiple vulnerabilities in SportsNET

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/conexiones/ax/openTracExt/, parameter...

9.8CVSS0.00188EPSS

Exploits0References1

Vulnrichment•added 2024/08/29 9:45 a.m.•15 views

CVE-2024-29724 Multiple vulnerabilities in SportsNET

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/ax/registerSp/, parameter idDesafio...

9.8CVSS9.8AI score0.00188EPSS

Exploits0References1

CVE•added 2024/08/29 9:45 a.m.•42 views

CVE-2024-29724

SportsNET v4.0.1 contains SQL injection vulnerabilities affecting the /ax/registerSp/ endpoint via the idDesafio parameter. Multiple connected sources (PT-2024-22968, CNVD, RH, CNVD CNVD, CNNVD, NVD) corroborate that an attacker could retrieve, update, and delete database information. Root cause:...

9.8CVSS9.9AI score0.00188EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/08/29 9:45 a.m.•15 views

CVE-2024-29724 Multiple vulnerabilities in SportsNET

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/ax/registerSp/, parameter idDesafio...

9.8CVSS0.00188EPSS

Exploits0References1

Vulnrichment•added 2024/08/29 9:42 a.m.•17 views

CVE-2024-29725 Multiple vulnerabilities in SportsNET

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/sortbloques/, parameter list...

9.8CVSS9.8AI score0.00188EPSS

Exploits0References1

CVE•added 2024/08/29 9:42 a.m.•45 views

CVE-2024-29725

SportsNET is affected by CVE-2024-29725, a SQL injection in version 4.0.1. The vulnerability permits an attacker to retrieve, update, and delete all database information by sending a crafted SQL query to the endpoint /app/ax/sort_bloques/ with a manipulated parameter list. The CVSS metrics in the...

9.8CVSS9.9AI score0.00188EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/08/29 9:42 a.m.•17 views

CVE-2024-29725 Multiple vulnerabilities in SportsNET

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/sortbloques/, parameter list...

9.8CVSS0.00188EPSS

Exploits0References1

CVE•added 2024/08/29 9:38 a.m.•49 views

CVE-2024-29726

CVE-2024-29726 concerns SportsNET, affected in version 4.0.1, with a SQL injection vulnerability in the application’s handling of the id parameter to /app/ax/setAsRead/. The root cause is improper input handling in the SQL query, enabling an attacker to retrieve, update, and delete all database i...

9.8CVSS9.9AI score0.00188EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2024/08/29 9:38 a.m.•10 views

CVE-2024-29726 Multiple vulnerabilities in SportsNET

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/setAsRead/, parameter id...

9.8CVSS8AI score0.00188EPSS

Exploits0References1

Cvelist•added 2024/08/29 9:38 a.m.•12 views

CVE-2024-29726 Multiple vulnerabilities in SportsNET

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/setAsRead/, parameter id...

9.8CVSS0.00188EPSS

Exploits0References1

Cvelist•added 2024/08/29 9:36 a.m.•13 views

CVE-2024-29727 Multiple vulnerabilities in SportsNET

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/sendParticipationRemember/ , paramete...

9.8CVSS0.00188EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by