Lucene search
K

57 matches found

CNVD
CNVD
added 2017/07/19 12:0 a.m.5 views

Atutor SQL Injection Vulnerability (CNVD-2017-24615)

ATutor is an open source Web-based learning content management system LCMS developed by the ATutor team. The system includes teaching content management, forums, chat rooms and other modules. Atutor SQL Injection Vulnerability. Allows attackers to exploit vulnerabilities to access or modify data,...

9.8CVSS10AI score0.04689EPSS
Exploits0References1
CVE
CVE
added 2017/04/24 7:0 p.m.43 views

CVE-2017-3571

CVE-2017-3571 affects Oracle PeopleSoft Enterprise SCM eBill Payment (component: Security) version 9.2. A vulnerability allows a high-privilege attacker with network access via HTTP to compromise the SCM eBill Payment component, potentially enabling unauthorized creation, deletion or modification...

6.5CVSS6.3AI score0.01904EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2016/12/29 12:0 a.m.3 views

Joomla Blog Calender 'index.php' SQL Injection Vulnerability

Joomla! is an open source content management system CMS. A SQL injection vulnerability exists in Joomla Blog Calender 'index.php'. Due to the program failing to adequately validate user-supplied input before using it in a SQL query. Successful exploitation of this vulnerability would allow an...

8.1AI score
Exploits0References1
CNVD
CNVD
added 2016/11/04 12:0 a.m.3 views

Mini Notice Board SQL Injection Vulnerability

Mini Notice Board 1.1 is an online bulletin board application that primarily facilitates the posting of trading announcements. A SQL injection vulnerability exists in the addcard.php page of Mini Notice Board version 1.1, which can be exploited by an attacker to compromise the application, access...

8.1AI score
Exploits0References1
CNVD
CNVD
added 2016/10/11 12:0 a.m.4 views

TYPO3 GN Tactics Planner Extension SQL Injection Vulnerability

TYPO3 is a free and open source content management system. A SQL injection vulnerability exists in TYPO3 GN Tactics Planner Extension due to the program failing to adequately clean up user input. An attacker could exploit the vulnerability to access or modify data...

7.9AI score
Exploits0References1
CNVD
CNVD
added 2016/07/20 12:0 a.m.2 views

Symphony SQL Injection Vulnerability (CNVD-2016-05127)

Symphony is a content management system CMS developed using PHP and MySQL. A SQL injection vulnerability exists in Symphony, which can be exploited by an attacker to take full control of the program and access or modify data...

8.1AI score
Exploits0References1
CNVD
CNVD
added 2016/07/20 12:0 a.m.3 views

LG NAS N1A1 has multiple security vulnerabilities

The LG NAS N1A1 is a network storage device developed by the South Korean Lakin LG Group. Arbitrary file upload/download, security bypass, SQL injection, and unauthorized operation vulnerabilities exist in the Familycast service in the LG NAS N1A1 version 10119, which can be exploited by an...

8.3AI score
Exploits0References1
OSV
OSV
added 2016/07/02 2:59 p.m.6 views

CVE-2016-2968

IBM Security QRadar Incident Forensics 7.2.x before 7.2.7 allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unspecified vectors...

6.5CVSS5.8AI score
Exploits0References1
CNVD
CNVD
added 2016/01/23 12:0 a.m.5 views

Unspecified Vulnerability in Oracle E-Business Suite Oracle E-Business Intelligence Definition Component (CNVD-2016-00641)

Oracle E-Business Suite is a new generation of e-business suite from Oracle. An unspecified security vulnerability exists in the Oracle E-Business Suite Oracle E-Business Intelligence Common component, which could be exploited by remote attackers to submit a special request to access and modify...

6.4CVSS6.8AI score0.01817EPSS
Exploits0References1
CNVD
CNVD
added 2016/01/04 12:0 a.m.4 views

Joomla! com_memorix component 'index.php' SQL Injection Vulnerability

Joomla! is the United States Open Source Matters team developed a set of open source content management system CMS. The system provides RSS feeds , site search and other functions . A SQL injection vulnerability exists in the Joomla commemorix component 'index.php'. The vulnerability exists becau...

8AI score
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

Magic Calendar Lite 1.02 Index.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16734/info Magic Calendar Lite is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2009/03/20 12:0 a.m.24 views

Pixie CMS Multiple Vulnerabilities (Mar 2009) - Active Check

Pixie CMS is prone to an SQL injection SQLi vulnerability and a cross-site scripting XSS vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C b...

7.5CVSS6.6AI score0.02388EPSS
Exploits1References1
exploitpack
exploitpack
added 2008/04/05 12:0 a.m.11 views

Prozilla Software Index 1.1 - SQL Injection

Prozilla Software Index 1.1 - SQL Injection source: https://www.securityfocus.com/bid/28677/info Prozilla Software Index is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2007/10/01 12:0 a.m.29 views

Ohesa Emlak Portal 1.0 - satilik.asp?Kategori SQL Injection

Ohesa Emlak Portal 1.0 - satilik.asp?Kategori SQL Injection source: https://www.securityfocus.com/bid/25880/info Ohesa Emlak Portal is prone to multiple SQL-injection vulnerabilities because it fails to adequately sanitize user-supplied input before using it in an SQL query. A successful exploit...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2006/03/20 12:0 a.m.9 views

phpWebSite 0.8.20.8.3 - friend.php?sid SQL Injection

phpWebSite 0.8.20.8.3 - friend.php?sid SQL Injection source: https://www.securityfocus.com/bid/17150/info phpWebSite is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. A...

8.6AI score
Exploits0
Cvelist
Cvelist
added 2005/02/20 5:0 a.m.22 views

CVE-2004-1633

processbug.cgi in Bugzilla 2.9 through 2.18rc2 and 2.19 from CVS does not check edit permissions on the keywords field, which allows remote authenticated users to modify the keywords in a bug via the keywordaction parameter...

6.2AI score0.01164EPSS
Exploits0References3
Exploit DB
Exploit DB
added 2001/12/01 12:0 a.m.24 views

EasyNews 1.5 - NewsDatabase/Template Modification

source: https://www.securityfocus.com/bid/3643/info EasyNews is a free, open-source script for displaying news stories on a website. EasyNews is prone to a vulnerability which may allow a remote attacker to modify information in its Newsdatabase. As a result, a remote attacker may post unmoderate...

7AI score
Exploits0
Rows per page
Query Builder