Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

90 matches found

CVE
CVEadded 2024/08/29 9:36 a.m.48 views

CVE-2024-29727

SportsNET (version 4.0.1) contains SQL injection vulnerabilities in the /app/ax/sendParticipationRemember/ endpoint (send parameter). The issue could allow an attacker to retrieve, update, and delete all information in the database. A practical description from PT-2024-22971 notes the risk and pr...

9.8CVSS9.9AI score0.00188EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2024/08/29 9:36 a.m.14 views

CVE-2024-29727 Multiple vulnerabilities in SportsNET

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/sendParticipationRemember/ , paramete...

9.8CVSS9.8AI score0.00188EPSS
Exploits0References1
Cvelist
Cvelistadded 2024/08/29 9:32 a.m.15 views

CVE-2024-29728 Multiple vulnerabilities in SportsNET

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/inscribeUsuario/ , parameter idDesafi...

9.8CVSS0.00188EPSS
Exploits0References1
CVE
CVEadded 2024/08/29 9:32 a.m.49 views

CVE-2024-29728

SportsNET (version 4.0.1) contains SQL injection vulnerabilities affecting its API endpoint /app/ax/inscribeUsuario/ with parameter idDesafio. Multiple connected sources describe that an attacker could retrieve, update, or delete all data by sending specially crafted SQL queries. Root cause and e...

9.8CVSS9.9AI score0.00188EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2024/08/29 9:32 a.m.13 views

CVE-2024-29728 Multiple vulnerabilities in SportsNET

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/inscribeUsuario/ , parameter idDesafi...

9.8CVSS9.8AI score0.00188EPSS
Exploits0References1
CVE
CVEadded 2024/08/29 9:31 a.m.48 views

CVE-2024-29729

CVE-2024-29729 affects SportsNET, version 4.0.1. The vulnerability is a SQL injection in the API endpoint at /app/ax/generateShortURL/ with the vulnerable parameter url, enabling an attacker to retrieve, update, and delete data in the database. Documented impact is high across confidentiality, in...

9.8CVSS9.9AI score0.00188EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2024/08/29 9:31 a.m.12 views

CVE-2024-29729 Multiple vulnerabilities in SportsNET

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/generateShortURL/, parameter url...

9.8CVSS9.8AI score0.00188EPSS
Exploits0References1
Cvelist
Cvelistadded 2024/08/29 9:31 a.m.11 views

CVE-2024-29729 Multiple vulnerabilities in SportsNET

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/generateShortURL/, parameter url...

9.8CVSS0.00188EPSS
Exploits0References1
Cvelist
Cvelistadded 2024/08/29 9:28 a.m.17 views

CVE-2024-29730 Multiple vulnerabilities in SportsNET

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/consejoRandom/ , parameter idCat;...

9.8CVSS0.00188EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/08/29 9:28 a.m.11 views

CVE-2024-29730 Multiple vulnerabilities in SportsNET

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/consejoRandom/ , parameter idCat;...

9.8CVSS8AI score0.00188EPSS
Exploits0References1
CVE
CVEadded 2024/08/29 9:28 a.m.43 views

CVE-2024-29730

CVE-2024-29730 affects SportsNET, version 4.0.1. A SQL injection in the /app/ax/consejoRandom/ endpoint (parameter idCat) could let an attacker retrieve, update, and delete database information. Exploitation details are not provided in the sources; no patch/version fix is listed. Some references ...

9.8CVSS9.9AI score0.00188EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2024/08/29 9:20 a.m.17 views

CVE-2024-29731 Multiple vulnerabilities in SportsNET

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/checkBlindFields/ , parameters...

9.8CVSS0.00188EPSS
Exploits0References1
CVE
CVEadded 2024/08/29 9:20 a.m.49 views

CVE-2024-29731

CVE-2024-29731 corresponds to a SQL injection vulnerability in SportsNET 4.0.1. The issue affects the vulnerable API endpoint /app/ax/checkBlindFields/ and can be exploited via crafted input in the parameters idChallenge and idEmpresa to retrieve, update, or delete all database information. Multi...

9.8CVSS9.9AI score0.00188EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2024/08/29 9:20 a.m.11 views

CVE-2024-29731 Multiple vulnerabilities in SportsNET

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/checkBlindFields/ , parameters...

9.8CVSS9.8AI score0.00188EPSS
Exploits0References1
CNNVD
CNNVDadded 2024/08/29 12:0 a.m.1 views

SportsNET SQL注入漏洞

SportsNET is a sports event network application from SportsNET, Inc. SportsNET suffers from a SQL injection vulnerability that can be exploited by an attacker to retrieve, update, and delete all information in the database via a specially crafted SQL query...

9.8CVSS7.7AI score0.00188EPSS
Exploits0References2
CNNVD
CNNVDadded 2024/08/29 12:0 a.m.1 views

SportsNET SQL注入漏洞

SportsNET is a sports event network application from SportsNET, Inc. SportsNET suffers from a SQL injection vulnerability that can be exploited by an attacker to retrieve, update, and delete all information in the database via a specially crafted SQL query...

9.8CVSS7.7AI score0.00188EPSS
Exploits0References2
CNNVD
CNNVDadded 2024/08/29 12:0 a.m.1 views

SportsNET SQL注入漏洞

SportsNET is a sports event network application from SportsNET, Inc. SportsNET suffers from a SQL injection vulnerability that can be exploited by an attacker to retrieve, update, and delete all information in the database via a specially crafted SQL query...

9.8CVSS7.7AI score0.00188EPSS
Exploits0References2
CNNVD
CNNVDadded 2024/08/29 12:0 a.m.1 views

SportsNET SQL注入漏洞

SportsNET is a sports event network application from SportsNET, Inc. SportsNET suffers from a SQL injection vulnerability that can be exploited by an attacker to retrieve, update, and delete all information in the database via a specially crafted SQL query...

9.8CVSS7.7AI score0.00188EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2024/08/29 12:0 a.m.2 views

PT-2024-22971 · Sportsnet · Sportsnet

Name of the Vulnerable Software and Affected Versions: SportsNET version 4.0.1 Description: The issue concerns SQL injection vulnerabilities that could allow an attacker to retrieve, update, and delete all information in the database by sending a specially crafted SQL query to the...

9.8CVSS7.7AI score0.00188EPSS
Exploits0References7
CNNVD
CNNVDadded 2024/08/29 12:0 a.m.1 views

SportsNET SQL注入漏洞

SportsNET is a sports event network application from SportsNET, Inc. SportsNET suffers from a SQL injection vulnerability that can be exploited by an attacker to retrieve, update, and delete all information in the database via a specially crafted SQL query...

9.8CVSS7.7AI score0.00188EPSS
Exploits0References2
Rows per page
Query Builder