Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2026/02/19 10:48 a.m.4 views

CVE-2025-15560 SQL Injection in NesterSoft WorkTime

An authenticated attacker with minimal permissions can exploit a SQL injection in the WorkTime server "widget" API endpoint to inject SQL queries. If the Firebird backend is used, attackers are able to retrieve all data from the database backend. If the MSSQL backend is used the attacker can...

6AI score0.00251EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.11 views

The vulnerability of the /cgi-bin/widget_api.cgi file of the Web Management Interface component of the D-Link DNS-320 router’s microprogramming system allows a hacker to disclose confidential information.

The vulnerability of the /cgi-bin/widgetapi.cgi file of the Web Management Interface component of the D-Link DNS-320 router software relates to the disclosure of information. Exploiting this vulnerability could allow an attacker to disclose confidential information by manipulating the...

5.9CVSS5.4AI score0.02104EPSS
Exploits1References7Affected Software1
OSV
OSV
added 2024/09/05 12:15 p.m.7 views

CVE-2024-8460

A vulnerability, which was classified as problematic, has been found in D-Link DNS-320 2.02b01. Affected by this issue is some unknown functionality of the file /cgi-bin/widgetapi.cgi of the component Web Management Interface. The manipulation of the argument getHD/getSer/getSys leads to...

5.9CVSS4.5AI score0.02104EPSS
Exploits1References6
CNVD
CNVD
added 2018/11/15 12:0 a.m.2 views

ZOHO ManageEngine OpManager Cross-Site Scripting Vulnerability

ZOHO ManageEngine OpManager is a set of network, server and virtualization monitoring software from ZOHO. A cross-site scripting vulnerability exists in version 12.3 of ZOHO ManageEngine OpManager prior to Build 123223. The vulnerability can be exploited by remote attackers to inject arbitrary we...

6.1CVSS5.9AI score0.02411EPSS
Exploits1References1
Rows per page
Query Builder