Lucene search
K

224 matches found

CNNVD
CNNVD
added 2025/09/09 12:0 a.m.3 views

Netgate pfSense CE 安全漏洞

Netgate pfSense CE is a FreeBSD-based open source firewall and routing platform from Netgate, Inc. that supports enterprise-class network security and network management features. A security vulnerability exists in Netgate pfSense CE that stems from the start-day parameter not validating as a...

5.4CVSS5.8AI score0.09815EPSS
Exploits0References4
CNVD
CNVD
added 2025/09/04 12:0 a.m.3 views

Beauty Parlour Management System edit-services.php File SQL Injection Vulnerability

Beauty Parlour Management System is a software system for standardizing salon business processes and improving management efficiency. Beauty Parlour Management System suffers from a SQL injection vulnerability, which originates from the lack of validation of externally-entered SQL statements in t...

9.8CVSS7.9AI score0.00387EPSS
Exploits1References1
CNVD
CNVD
added 2025/08/28 12:0 a.m.3 views

Apartment Management System add_maintenance_cost.php File SQL Injection Vulnerability

Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements for parameter ID in file /maintenance/addmaintenancecost.php. An attacker can exploit thi...

9.8CVSS7.9AI score0.00483EPSS
Exploits1References1
CNVD
CNVD
added 2025/08/28 12:0 a.m.3 views

Apartment Management System add_owner_utility.php File SQL Injection Vulnerability

Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in parameter ID in file /ownerutility/addownerutility.php. An attacker can exploit...

9.8CVSS7.9AI score0.00387EPSS
Exploits1References1
CNVD
CNVD
added 2025/08/20 12:0 a.m.2 views

Job Diary edit-details.php file SQL Injection Vulnerability

Job Diary is a job diary software. Job Diary suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter ID in the file /edit-details.php. An attacker can exploit this vulnerability to execute illegal SQL commands to stea...

9.8CVSS8.3AI score0.00405EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/08/11 12:0 a.m.2 views

Sourceforge Phptax 安全漏洞

Sourceforge Phptax is an open source tax calculator from Sourceforge. A security vulnerability exists in Sourceforge Phptax version 0.8, which stems from the pfilez parameter being passed unvalidated directly to the exec function, which could lead to remote code execution...

9.3CVSS7.8AI score0.01442EPSS
Exploits0References5
CNVD
CNVD
added 2025/08/10 12:0 a.m.2 views

Vehicle Management filter2.php File SQL Injection Vulnerability

Vehicle Management is a vehicle management system. Vehicle Management suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter from in the file /filter2.php. An attacker can exploit this vulnerability to execute illega...

9.8CVSS8AI score0.00403EPSS
Exploits1References1
CNVD
CNVD
added 2025/08/10 12:0 a.m.3 views

Wazifa System postpublish.php File SQL Injection Vulnerability

Wazifa System is a content management system. Wazifa System suffers from a SQL injection vulnerability that originates from the lack of validation of the parameter post in the file /controllers/postpublish.php against externally entered SQL statements. An attacker can exploit this vulnerability t...

9.8CVSS7.9AI score0.00477EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/07/31 12:0 a.m.1 views

Kloxo 安全漏洞

Kloxo is an open source hosting platform from LxCenter. A security vulnerability exists in Kloxo versions prior to 6.1.12 that stems from an unvalidated login-name parameter, which could lead to SQL injection and remote command execution...

10CVSS8AI score0.00667EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/07/29 12:0 a.m.3 views

Human Resource Management System 跨站脚本漏洞

Human Resource Management System is a human resource management system by maverickosama Individual Developer. A cross-site scripting vulnerability exists in Human Resource Management System version 1.0, which stems from an unvalidated employeeid parameter and could lead to a reflective cross-site...

6.1CVSS6.1AI score0.00167EPSS
Exploits0References1
CNVD
CNVD
added 2025/07/25 12:0 a.m.4 views

WeGIA SQL Injection Vulnerability

WeGIA is a web manager for welfare organizations. WeGIA suffers from an SQL injection vulnerability that originates from the unvalidated parameter idatendido in file /html/atendido/ProfileAtendido.php, which can be exploited by an attacker to execute illegal SQL commands to steal sensitive databa...

9.4CVSS8.3AI score0.00371EPSS
Exploits1References1
CNVD
CNVD
added 2025/07/21 12:0 a.m.3 views

Voting System positions_add.php file SQL Injection Vulnerability

Voting System is an election system. Voting System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter description in file /admin/positionsadd.php. An attacker can exploit this vulnerability to execute illega...

8.8CVSS8.3AI score0.00318EPSS
Exploits2References1
CNVD
CNVD
added 2025/07/11 12:0 a.m.2 views

WeGIA SQL Injection Vulnerability (CNVD-2025-17291)

WeGIA is a web manager for welfare organizations. WeGIA suffers from a SQL injection vulnerability that stems from a lack of validation of the idfuncionario parameter against externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL commands to steal...

9.8CVSS8.3AI score0.00488EPSS
Exploits1References1
CNVD
CNVD
added 2025/07/07 12:0 a.m.2 views

Library System student-issue-book.php File SQL Injection Vulnerability

Library System is a library system. The Library System suffers from an SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter reg in the file /student-issue-book.php. An attacker can exploit this vulnerability to execute illeg...

9.8CVSS8.3AI score0.00399EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/07/07 12:0 a.m.3 views

WeGIA SQL注入漏洞

WeGIA is a web manager for welfare organizations. WeGIA suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements by the almox parameter. An attacker can exploit this vulnerability to execute illegal SQL commands to steal sensitive databa...

9.8CVSS8AI score0.00408EPSS
Exploits1References3
CNVD
CNVD
added 2025/07/07 12:0 a.m.3 views

Simple forum register1.php file SQL Injection Vulnerability

Simple forum is a simple forum. Simple forum suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter User in the file /register1.php. An attacker can exploit this vulnerability to execute illegal SQL commands to...

9.8CVSS7.9AI score0.00399EPSS
Exploits1References1
CNVD
CNVD
added 2025/07/04 12:0 a.m.4 views

Daily Expense Manager User Enumeration Vulnerability

Daily Expense Manager is a daily expense management system. Daily Expense Manager suffers from a user enumeration vulnerability that stems from the unvalidated parameter name in the file /check.php, no details of the vulnerability are available at this time...

8.7CVSS6.8AI score0.00294EPSS
Exploits0References1
CNVD
CNVD
added 2025/07/04 12:0 a.m.5 views

Student Record System manage-students.php File SQL Injection Vulnerability

Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter del in the file /manage-students.php. An attacker can exploit this vulnerability to...

8.8CVSS7.1AI score0.00318EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/06/30 12:0 a.m.4 views

Code-Projects Daily Expense Manager 安全漏洞

Daily Expense Manager is a daily expense management system. Daily Expense Manager suffers from a user enumeration vulnerability that stems from the unvalidated parameter name in the file /check.php, no details of the vulnerability are available at this time...

8.7CVSS6.8AI score0.00294EPSS
Exploits0References1
CNVD
CNVD
added 2025/06/27 12:0 a.m.2 views

Online Shoe Store admin_index.php File SQL Injection Vulnerability

Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that originates from the lack of validation of the parameter Username in the file /admin/adminindex.php for externally entered SQL statements. An attacker can exploit this vulnerability ...

9.8CVSS7.9AI score0.00394EPSS
Exploits1References1
Rows per page
Query Builder