Lucene search
K

177 matches found

Positive Technologies
Positive Technologies
added 2024/04/03 12:0 a.m.4 views

PT-2024-24711 · Unknown · Sourcecodester Internship Portal Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Internship Portal Management System version 1.0 Description: A critical issue has been discovered, affecting the file admin/delete activity.php. The manipulation of the activity id argument leads to SQL injection. This issue ca...

7.2CVSS7.1AI score0.00758EPSS
Exploits1References6
CNNVD
CNNVD
added 2024/04/03 12:0 a.m.4 views

Internship Portal Management System SQL注入漏洞

Internship Portal Management System is an internship portal management system by the individual developer ChatikoboL. A SQL injection vulnerability exists in Internship Portal Management System version 1.0, which is caused by a SQL injection vulnerability in the activityid parameter of the...

7.2CVSS7AI score0.00758EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/12/25 12:0 a.m.5 views

PT-2023-30873 · Unknown · Concrete Cms

Name of the Vulnerable Software and Affected Versions: Concrete CMS versions 9.0.0 through 9.2.2 Description: The issue allows an attacker to force an admin user to delete server report logs on a web application to which they are currently authenticated via the API endpoint...

4.3CVSS4.5AI score0.00227EPSS
Exploits0References9
OSV
OSV
added 2023/12/05 3:30 p.m.2 views

GHSA-765F-3MGX-24PW Cross-Site Request Forgery in JFinalCMS via /admin/friend_link/delete

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/friendlink/delete...

8.8CVSS5.9AI score0.00391EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/12/05 12:0 a.m.4 views

JFinalCMS Security Vulnerability

JFinalCMS is a content management system by heyewei individual developer. A security vulnerability exists in JFinalCMS v5.0.0, which originates from a cross-site request forgery vulnerability in the /admin/div/delete component...

8.8CVSS8.4AI score0.00391EPSS
Exploits1References1
OSV
OSV
added 2023/03/13 10:15 p.m.1 views

CVE-2023-27052

E-Commerce System v1.0 ws discovered to contain a SQL injection vulnerability via the id parameter at /admin/deleteuser.php...

9.8CVSS7.3AI score
Exploits0References1
CNNVD
CNNVD
added 2023/03/13 12:0 a.m.3 views

Moosikay E-Commerce System SQL注入漏洞

Moosikay E-Commerce System is an e-commerce system by the individual developer Arvin Arandilla. A security vulnerability exists in Moosikay E-Commerce System v1.0, which was discovered to contain an SQL injection vulnerability via the id parameter in /admin/deleteuser.php...

9.8CVSS8.7AI score0.00752EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/03/13 12:0 a.m.5 views

PT-2023-20917 · Unknown · E-Commerce System

Name of the Vulnerable Software and Affected Versions: E-Commerce System version 1.0 Description: A SQL injection issue was found in the E-Commerce System. The vulnerability can be exploited via the id parameter at the "/admin/delete user.php" API endpoint. Recommendations: For E-Commerce System...

9.8CVSS7.8AI score0.00752EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/01/13 12:0 a.m.5 views

Dynamic Transaction Queuing System SQL注入漏洞

Dynamic Transaction Queuing System is a dynamic transaction queuing system using PHP/MySQL by Carlo Montero, an individual developer. A security vulnerability exists in Dynamic Transaction Queuing System v1.0, which stems from the id parameter of its /admin/ajax.php?action=deletewindow component...

7.2CVSS7.2AI score0.00821EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/01/13 12:0 a.m.4 views

Dynamic Transaction Queuing System SQL注入漏洞

Dynamic Transaction Queuing System is a dynamic transaction queuing system using PHP/MySQL by Carlo Montero, an individual developer. A security vulnerability exists in Dynamic Transaction Queuing System v1.0, which stems from the id parameter of its /admin/ajax.php?action=deleteuser component th...

7.2CVSS7.2AI score0.00821EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/01/13 12:0 a.m.5 views

Dynamic Transaction Queuing System SQL注入漏洞

Dynamic Transaction Queuing System is a dynamic transaction queuing system using PHP/MySQL by Carlo Montero, an individual developer. A security vulnerability exists in Dynamic Transaction Queuing System v1.0, which stems from the id parameter of its /admin/ajax.php?action=deleteuploads component...

7.2CVSS7.2AI score0.00821EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/08/30 9:15 p.m.4 views

CVE-2022-36735

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at /admin/delete.php...

9.8CVSS5.9AI score0.00789EPSS
Exploits1References2
OSV
OSV
added 2022/08/30 9:15 p.m.2 views

CVE-2022-36735

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at /admin/delete.php...

9.8CVSS5.8AI score0.00789EPSS
Exploits1References1
Prion
Prion
added 2022/08/30 9:15 p.m.19 views

Sql injection

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at /admin/delete.php...

7.5CVSS9.7AI score0.00789EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2022/08/30 12:0 a.m.3 views

Library Management System SQL注入漏洞

Library Management System is a library management system with QR code attendance and automatic library card generation by King Albaracin Personal Developer. A security vulnerability exists in Library Management System v1.0, which was discovered to contain an SQL injection vulnerability via the MI...

9.8CVSS8.5AI score0.00789EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/08/30 12:0 a.m.4 views

Library Management System SQL注入漏洞

Library Management System is a library management system with QR code attendance and automatic library card generation by King Albaracin Personal Developer. A security vulnerability exists in Library Management System v1.0, which was discovered to contain an SQL injection vulnerability via the...

9.8CVSS8.5AI score0.00789EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/06/02 2:15 p.m.3 views

CVE-2022-30804

elitecms v1.01 is vulnerable to Delete any file via /admin/deleteimage.php?file=...

6.5CVSS5.8AI score0.01047EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/05/31 12:0 a.m.4 views

PT-2022-20323 · Elitecms · Elitecms

Name of the Vulnerable Software and Affected Versions: elitecms version 1.01 Description: The issue allows deletion of any file via the "/admin/delete image.php?file=" API endpoint. The estimated number of potentially affected devices worldwide is not specified. There is no information about...

6.5CVSS6.3AI score0.01047EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2022/05/26 2:15 p.m.2 views

CVE-2022-29681

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Links/del...

7.2CVSS6AI score0.00896EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/05/26 2:15 p.m.2 views

CVE-2022-29670

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/del...

7.2CVSS6AI score0.00896EPSS
Exploits1References2
Rows per page
Query Builder