CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

5.3CVSS8.1AI score0.01841EPSS

Macrob7 Macs Framework Cms 安全漏洞

Macrob7 Macs Framework Cms is an open source Cms framework by the individual developer Macdonald Terrence Robinson. A security vulnerability exists in Macrob7 Macs CMS version 1.1.4f and earlier, which stems from the presence of a SQL injection vulnerability that could allow a remote attacker to...

Exploits3References3

8.1CVSS8.6AI score0.01713EPSS

WordPress Plugin WooCommerce Customers Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

Exploits5References3

8.5CVSS7.6AI score0.00349EPSS

WordPress Plugin User Activity Log PRO SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

Exploits0References2

7.6CVSS7.8AI score0.35997EPSS

WordPress Plugin BWL Advanced FAQ Manager SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin BWL Advanced FAQ Manager i...

Exploits3References3

OSV•added 2024/04/12 2:15 p.m.•2 views

CVE-2024-3704

SQL Injection Vulnerability has been found on OpenGnsys product affecting version 1.1.1d Espeto. This vulnerability allows an attacker to inject malicious SQL code into login page to bypass it or even retrieve all the information stored in the database...

9.8CVSS5.8AI score

Exploits0References2

CNNVD•added 2024/04/12 12:0 a.m.•4 views

PHPGurukul Small CRM SQL注入漏洞

Small CRM is a customer relationship management system. Small CRM suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements on the registration page. An attacker can exploit this vulnerability to execute illegal SQL commands to steal...

9.8CVSS8.2AI score0.00203EPSS

CNNVD•added 2024/04/12 12:0 a.m.•3 views

PHPGurukul Small CRM SQL注入漏洞

Small CRM is a customer relationship management system. A SQL injection vulnerability exists in Small CRM, which stems from a lack of validation of externally-entered SQL statements in the change password handler. An attacker can exploit this vulnerability to execute illegal SQL commands to steal...

8.8CVSS8.3AI score0.06219EPSS

CNNVD•added 2024/04/12 12:0 a.m.•4 views

Desdev DedeCMS SQL注入漏洞

Desdev DedeCMS Dream Weaving Content Management System is a PHP-based open source content management system CMS from China's Zhuozhuo Network Desdev. The system features content publishing, content management, content editing and content retrieval. DedeCMS 5.7.112-UTF8 has a SQL injection...

9.8CVSS7AI score0.0007EPSS

Exploits0References5

CNNVD•added 2024/04/11 12:0 a.m.•2 views

Advocate Office Management System SQL注入漏洞

Advocate Office Management System is an office management system by the individual developer mayurik. A SQL injection vulnerability exists in Advocate Office Management System version 1.0, which originates from a SQL injection vulnerability in the file /control/deactivatecase.php...

7.2CVSS5.7AI score0.00171EPSS

CNNVD•added 2024/04/10 12:0 a.m.•2 views

Church Management System SQL注入漏洞

Church Management System is a church management system. A SQL injection vulnerability exists in version 1.0 of the Church Management System, which is caused by a SQL injection vulnerability in the password parameter of the login.php file...

9.8CVSS8AI score0.00126EPSS

OSV•added 2024/04/09 5:15 p.m.•2 views

CVE-2024-26210

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

8.8CVSS7.4AI score0.0298EPSS

Exploits0References1

CNNVD•added 2024/04/09 12:0 a.m.•3 views

Microsoft OLE DB Provider for SQL Server 安全漏洞

Microsoft OLE DB Driver for SQL Server is a standalone data access application programming interface API for OLE DB. A remote code execution vulnerability exists in Microsoft OLE DB Driver for SQL Server, which can be exploited by an attacker to execute arbitrary code on the system...

8.8CVSS8.8AI score0.01308EPSS

CNNVD•added 2024/04/09 12:0 a.m.•3 views

Microsoft OLE DB Provider for SQL Server 安全漏洞

Microsoft OLE DB Provider for SQL Server is an API from Microsoft Corporation that allows access to data from a variety of sources in a unified way. A security vulnerability exists in Microsoft OLE DB Provider for SQL Server. An attacker could exploit the vulnerability to remotely execute code. T...

8.8CVSS8.8AI score0.0298EPSS

CNNVD•added 2024/04/09 12:0 a.m.•2 views

Microsoft OLE DB Provider for SQL Server 安全漏洞

8.8CVSS8.8AI score0.0298EPSS

CNNVD•added 2024/04/09 12:0 a.m.•3 views

Microsoft OLE DB Provider for SQL Server 安全漏洞

7.5CVSS8.8AI score0.0169EPSS

Positive Technologies•added 2024/04/09 12:0 a.m.•1 views

PT-2024-3175 · Microsoft · Odbc Driver For Sql Server +1

Name of the Vulnerable Software and Affected Versions: Microsoft ODBC Driver for SQL Server affected versions not specified Description: The issue is related to a buffer overflow in dynamic memory in the Microsoft ODBC Driver for SQL Server. This can be exploited by a remote attacker to execute...

10CVSS9.5AI score0.02216EPSS

Exploits0References7

CNNVD•added 2024/04/09 12:0 a.m.•1 views

Microsoft OLE DB Provider for SQL Server 安全漏洞

8.8CVSS8.8AI score0.02216EPSS

CNNVD•added 2024/04/09 12:0 a.m.•1 views

Microsoft OLE DB Provider for SQL Server 安全漏洞

8.8CVSS8.8AI score0.0298EPSS