Lucene search
+L

191 matches found

cnvd
cnvd
added 2019/09/12 12:0 a.m.4 views

SQL Injection Vulnerability in the Frontend of Nanjing Benan Work Safety Accident Hidden Trouble Detection and Management Information System V2.3

Nanjing Benan Instrumentation Systems Co., Ltd. is committed to the design and development of hardware and software products in the field of safety production. SQL injection vulnerability exists in the front-end of Nanjing Benan's Hidden Accident Investigation and Management Information System...

8AI score
Exploits0
vulnersosv
vulnersosv
added 2018/10/23 4:8 p.m.6 views

cloud.agileframework:agile-security (>=2.1.0.M8 <=2.2.0.M7), cloud.agileframework:spring-boot-starter-kaptcha (>=2.1.0.M8 <=2.2.0.M7) +234 more potentially affected by CVE-2018-18531 via com.github.penggle:kaptcha (=2.3.2)

com.github.penggle:kaptcha MAVEN version =2.3.2 is affected by a known vulnerability. The following packages have a transitive dependency on com.github.penggle:kaptcha and may be impacted: - cloud.agileframework:agile-security =2.1.0.M8, =2.1.0.M8, =1.0.0-2024, =1.0.0-2024, =1.0.0-2024, =1.0.0,...

9.8CVSS7.3AI score0.01468EPSS
Exploits0
cnvd
cnvd
added 2018/10/23 12:0 a.m.6 views

SV3C L-SERIES HD CAMERA Cross-Site Scripting Vulnerability

SV3C L-SERIES HD CAMERA is a webcam product from SV3C Technology, China. A cross-site scripting vulnerability exists in SV3C L-SERIES HD CAMERA version V2.3.4.2103-S50-NTD-B20170508B, which originates from the program failing to properly validate user-submitted input. The vulnerability can be...

5.4CVSS5.3AI score0.00545EPSS
Exploits1References1
cnvd
cnvd
added 2018/08/08 12:0 a.m.5 views

CloudBees Jenkins TraceTronic ECU-TEST Plugin Server-Side Request Forgery Vulnerability

CloudBees Jenkins is a suite of Java-based continuous integration tools from CloudBees, Inc. that are used to monitor ongoing software releases/testing projects and some timed tasks.TraceTronic ECU-TEST Plugin is an automated test software for embedded systems that uses... TraceTronic ECU-TEST...

6.5CVSS6.5AI score0.00862EPSS
Exploits0References1
cnvd
cnvd
added 2018/01/02 12:0 a.m.49 views

Zivif PR115-204-P-RS Remote Command Injection Vulnerability

The Zivif PR115-204-P-RS is a webcam device. A remote command injection vulnerability exists in Zivif PR115-204-P-RS version 2.3.4.2103. A remote attacker can exploit this vulnerability to inject arbitrary commands...

10CVSS7.8AI score0.84558EPSS
Exploits8References1
cnvd
cnvd
added 2017/05/26 12:0 a.m.5 views

systemd-resolved denial of service vulnerability

systemd-resolved is a system service used to manage network name resolution. A denial of service vulnerability exists in systemd-resolved version 233 and earlier. A remote attacker could use this vulnerability to cause a denial of service daemon crash with a specially crafted DNS response...

7.5CVSS6.8AI score0.15422EPSS
Exploits0References1
cnvd
cnvd
added 2017/04/20 12:0 a.m.5 views

MantisBT 'Timeline include' page cross-site scripting vulnerability

MantisBT is a Web-based open source defect tracking system of the MantisBT team . The system provides project management and defect tracking services in the form of Web operations. A cross-site scripting vulnerability exists in the Timeline include page used in the My View myviewpage.php and User...

6.1CVSS6.3AI score0.01754EPSS
Exploits1References1
cnvd
cnvd
added 2016/11/04 12:0 a.m.5 views

Exponent CMS 'src' Parameter SQL Injection Vulnerability

Exponent CMS is a free, open source PHP-based modular content management system CMS of the U.S. OIC Group of companies. The system supports direct editing in the page, and provides user management, site configuration, content editing and other functions. Exponent CMS version 2.3.9 suffers from a...

9.8CVSS9.7AI score0.02567EPSS
Exploits1References1
cnvd
cnvd
added 2016/11/04 12:0 a.m.7 views

Exponent CMS 'version' Parameter SQL Injection Vulnerability

Exponent CMS is a free, open source PHP-based modular content management system CMS of the U.S. OIC Group of companies. The system supports direct editing in the page, and provides user management, site configuration, content editing and other functions. Exponent CMS version 2.3.9 suffers from a...

9.8CVSS9.7AI score0.0308EPSS
Exploits1References1
ptsecurity
ptsecurity
added 2012/07/23 12:0 a.m.3 views

PT-2012-4689 · Moodle · Moodle

Name of the Vulnerable Software and Affected Versions: Moodle versions 2.0.x through 2.0.9 Moodle versions 2.1.x through 2.1.6 Moodle versions 2.2.x through 2.2.3 Moodle versions 2.3.x through 2.3.0 Description: A cross-site scripting XSS issue exists, allowing remote authenticated administrators...

3.5CVSS5.1AI score0.0144EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2009/07/10 12:0 a.m.5 views

PT-2009-4839 · Ruby · Ruby On Rails

Name of the Vulnerable Software and Affected Versions: Ruby on Rails versions prior to 2.3.3 Description: The issue concerns the digest authentication functionality in Ruby on Rails, where the example code defines an authenticate or request with http digest block that returns nil instead of false...

9.8CVSS4.7AI score0.03377EPSS
Exploits1References16
Rows per page
Query Builder