Lucene search

159 matches found

OSV
added 2025/06/05 1:15 p.m. · 4 views

CVE-2025-5658

A vulnerability classified as critical has been found in PHPGurukul Complaint Management System 2.0. Affected is an unknown function of the file /admin/updatecomplaint.php. The manipulation of the argument Status leads to SQL injection. It is possible to launch the attack remotely. The exploit ha...

8.8 CVSS · 5.8 AI score
Exploits 0 · References 5
CNNVD
added 2025/06/05 12:0 a.m. · 2 views

PHPGurukul Complaint Management System Injection Vulnerability

Complaint Management System is a complaint management system. Complaint Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Status in the file /admin/updatecomplaint.php. An attacker can...

8.8 CVSS · 8.2 AI score · 0.00325 EPSS
Exploits 1 · References 6
RedhatCVE
added 2025/05/23 9:46 a.m. · 6 views

CVE-2024-25428

SQL Injection vulnerability in MRCMS v3.1.2 allows attackers to run arbitrary system commands via the status parameter...

6.5 CVSS · 8.3 AI score · 0.00395 EPSS
Exploits 1 · References 1
RedhatCVE
added 2025/05/22 8:44 a.m. · 7 views

CVE-2019-8424

ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php sort parameter...

9.8 CVSS · 8.1 AI score · 0.016 EPSS
Exploits 1 · References 1
RedhatCVE
added 2025/05/22 7:40 a.m. · 10 views

CVE-2018-20508

CrashFix 1.0.4 has SQL Injection via the Userstatus parameter. This is related to actionIndex in UserController.php, and the protected\models\User.php search function...

9.8 CVSS · 8.2 AI score · 0.01452 EPSS
Exploits 1 · References 1
CNVD
added 2025/05/14 12:0 a.m. · 1 views

Pre-School Enrollment System /admin/visitor-details.php File SQL Injection Vulnerability

Pre-School Enrollment System is a web-based preschool enrollment system. The Pre-School Enrollment System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Status in file /admin/visitor-details.php. An...

8.8 CVSS · 8.3 AI score · 0.00357 EPSS
Exploits 1 · References 1
CNVD
added 2025/05/07 12:0 a.m. · 2 views

COVID19 Testing Management System test-details.php File SQL Injection Vulnerability

The COVID19 Testing Management System is a COVID-19 testing management system. The COVID19 Testing Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter Status in the /test-details.php...

9.8 CVSS · 8.2 AI score · 0.00498 EPSS
Exploits 1 · References 1
BDU FSTEC
added 2025/05/06 12:0 a.m. · 7 views

The vulnerability of the PCMan FTP Server relates to the occurrence of operations beyond the buffer boundaries in memory. This allows attackers to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the PCMan FTP Server relates to the execution of operations beyond the buffer boundaries during the processing of the STATUS parameter. Exploitation of this vulnerability allows an attacker to compromise the confidentiality, integrity, and availability of the protected...

7.5 CVSS · 7.5 AI score · 0.0062 EPSS
Exploits 1 · References 5 · Affected Software 1
CNNVD
added 2025/05/01 12:0 a.m. · 3 views

PHPGurukul Boat Booking System Injection Vulnerability

PHPGurukul Boat Booking System is a boat booking system from PHPGurukul. An injection vulnerability exists in version 1.0 of the PHPGurukul Boat Booking System, which stems from SQL injection due to incorrect manipulation of the parameter Status in the file /admin/booking-details.php...

8.8 CVSS · 6.9 AI score · 0.00356 EPSS
Exploits 1 · References 5
CNNVD
added 2025/05/01 12:0 a.m. · 3 views

PHPGurukul Pre-School Enrollment System Injection Vulnerability

PHPGurukul Pre-School Enrollment System is a web-based preschool enrollment system from PHPGurukul, Inc. An injection vulnerability exists in version 1.0 of the PHPGurukul Pre-School Enrollment System, which stems from an incorrect manipulation of the parameter Status resulting in SQL injection...

8.8 CVSS · 7.1 AI score · 0.00356 EPSS
Exploits 1 · References 5
OSV
added 2025/04/29 4:15 p.m. · 4 views

CVE-2025-4071

A vulnerability has been found in PHPGurukul COVID19 Testing Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /test-details.php. The manipulation of the argument Status leads to SQL injection. The attack can be initiated remotely. The exploit h...

9.8 CVSS · 5.8 AI score · 0.00498 EPSS
Exploits 1 · References 5
CNNVD
added 2025/04/29 12:0 a.m. · 1 views

PHPGurukul COVID19 Testing Management System Security Vulnerability

The COVID19 Testing Management System is a COVID-19 testing management system. The COVID19 Testing Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter Status in the /test-details.php...

9.8 CVSS · 7.8 AI score · 0.00498 EPSS
Exploits 1 · References 5
OSV
added 2025/04/17 6:31 p.m. · 1 views

GHSA-X8PM-WRG2-MQMX OpenMetadata SQL Injection

OpenMetadata =1.4.1 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the WorkflowDAO interface. The workflowtype and status parameters can be used to build a SQL query...

7.1 CVSS · 5.9 AI score · 0.00501 EPSS
Exploits 1 · References 6
Vulnrichment
added 2025/03/03 4:1 p.m. · 10 views

CVE-2025-27417 WeGIA Contains a Stored Cross-Site Scripting (XSS) in 'adicionar_status_atendido.php' via the 'status' parameter

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the adicionar_status_atendido.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into...

6.4 CVSS · 5.1 AI score · 0.00271 EPSS
Exploits 1 · References 2
OSV
added 2025/02/21 6:15 a.m. · 4 views

CVE-2024-11260

The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to time-based SQL Injection via the activestatus parameter in all versions up to, and including, 6.6.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...

7.5 CVSS · 7.3 AI score
Exploits 0 · References 2
CNNVD
added 2025/01/21 12:0 a.m. · 3 views

Linksys E8450 Security Vulnerability

The Linksys E8450 is a router from Linksys, USA. A security vulnerability exists in the Linksys E8450 v1.2.00.360516, which stems from the ipv6protectstatus parameter being copied to the stack without length validation, resulting in a buffer overflow vulnerability...

5.5 CVSS · 7.2 AI score · 0.00445 EPSS
Exploits 1 · References 2
Vulnrichment
added 2024/12/17 9:22 a.m. · 5 views

CVE-2024-12469 WP BASE Booking of Appointments, Services and Events <= 4.9.1 - Reflected Cross-Site Scripting via status Parameter

The WP BASE Booking of Appointments, Services and Events plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘status’ parameter in all versions up to, and including, 4.9.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticat...

6.1 CVSS · 6.4 AI score · 0.00432 EPSS
Exploits 0 · References 3
Positive Technologies
added 2024/12/17 12:0 a.m. · 5 views

PT-2024-17608 · WordPress · Wp Base Booking Of Appointments

Name of the Vulnerable Software and Affected Versions: WP BASE Booking of Appointments, Services and Events plugin for WordPress versions up to, and including, 4.9.1
Description: The issue is related to Reflected Cross-Site Scripting via the status parameter due to insufficient input sanitization...

6.1 CVSS · 8.6 AI score · 0.00432 EPSS
Exploits 0 · References 7
Patchstack
added 2024/12/16 10:25 p.m. · 3 views

WordPress WP BASE Booking plugin <= 4.9.1 - Reflected Cross-Site Scripting via status Parameter vulnerability

Reflected Cross-Site Scripting via status Parameter vulnerability discovered by vgo0 in WordPress Plugin WP BASE Booking versions <= 4.9.1...

6.1 CVSS · 6.3 AI score · 0.00432 EPSS
Exploits 0 · References 1 · Affected Software 1
CNNVD
added 2024/11/04 12:0 a.m. · 4 views

itsourcecode Farm Management System SQL Injection Vulnerability

itsourcecode Farm Management System is an itsourcecode open source farm management system. SQL injection vulnerability exists in itsourcecode Farm Management System version 1.0, which originates from SQL injection of parameters pigno/weight/arrived/breed/remark/status...

8.8 CVSS · 7.1 AI score · 0.00517 EPSS
Exploits 1 · References 5