Lucene search
+L

76 matches found

CNNVD
CNNVD
added 2022/08/29 12:0 a.m.5 views

Ingredients Stock Management System SQL注入漏洞

Ingredients Stock Management System is an ingredient stock management system from Carlo Montero's personal developer. v1.0 of the Ingredients Stock Management System is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in the month parameter of...

8.8CVSS7.7AI score0.00866EPSS
Exploits1References2
OSV
OSV
added 2022/08/27 9:15 a.m.4 views

CVE-2022-3015

A vulnerability, which was classified as problematic, has been found in oretnom23 Fast Food Ordering System. This issue affects some unknown processing of the file admin/?page=reports. The manipulation of the argument date leads to cross site scripting. The attack may be initiated remotely. The...

6.1CVSS4AI score0.0035EPSS
Exploits0References1
OSV
OSV
added 2022/08/27 9:15 a.m.4 views

CVE-2022-3012

A vulnerability was found in oretnom23 Fast Food Ordering System. It has been rated as critical. Affected by this issue is some unknown functionality of the file ffos/admin/reports/index.php. The manipulation of the argument date leads to sql injection. The attack may be launched remotely. The...

8.8CVSS5.8AI score0.00613EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/06/21 12:0 a.m.4 views

Hindu Matrimonial Script 安全漏洞

PHP Matrimonial Script Hindu Matrimonial Script is an online matrimonial service website from PHP Matrimonial Script India. A security vulnerability exists in Hindu Matrimonial Script that stems from improperly managed permissions in /admin/reports.php...

8.8CVSS7.9AI score0.00797EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2022/06/02 2:15 p.m.2 views

CVE-2022-31974

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=reports&date=...

7.2CVSS7.2AI score0.04903EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/06/02 12:0 a.m.6 views

Rescue Dispatch Management System SQL注入漏洞

Rescue Dispatch Management System is a rescue dispatch management system from Carlo Montero's personal developer. rescue dispatch management system v1.0 is vulnerable to SQL injection, which originates from /rdms/admin/ The vulnerability originates from...

9.8CVSS6AI score0.01081EPSS
Exploits1References2
OSV
OSV
added 2022/05/20 1:15 p.m.6 views

CVE-2022-30886

School Dormitory Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /dms/admin/reports/dailycollectionreport.php...

9.8CVSS7.3AI score0.02019EPSS
Exploits1References1
CNVD
CNVD
added 2020/07/13 12:0 a.m.5 views

Glacies IceHRM SQL Injection Vulnerability

Glacies IceHRM is a human resource management system from the Glacies team in Germany. The system includes features such as expense management, recruitment management, payroll management and leave management. A SQL injection vulnerability exists in the Admin Reports feature in Glacies IceHRM...

7.2CVSS8.2AI score0.01727EPSS
Exploits1References1
NVD
NVD
added 2020/07/10 6:15 p.m.17 views

CVE-2020-6114

An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS Commit bb274de1751ffb9d09482fd2538f9950a94c510a . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this...

7.2CVSS0.01727EPSS
Exploits1References1
Prion
Prion
added 2020/07/10 6:15 p.m.19 views

Sql injection

An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS Commit bb274de1751ffb9d09482fd2538f9950a94c510a . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this...

6.5CVSS7.2AI score0.01727EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2020/07/10 5:51 p.m.63 views

CVE-2020-6114

The CVE-2020-6114 issue affects Glacies IceHRM v26.6.0.OS Admin Reports. TALOS details show an exploitable SQL injection caused by improper handling of the ob parameter used to build the ORDER BY clause in data retrieval paths (core/data.php → BaseService->getData, then Find). The vulnerabilit...

7.2CVSS7.3AI score0.01727EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/07/10 5:51 p.m.27 views

CVE-2020-6114

An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS Commit bb274de1751ffb9d09482fd2538f9950a94c510a . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this...

6.6CVSS7.3AI score0.01727EPSS
Exploits1References1
Talos
Talos
added 2020/07/10 12:0 a.m.44 views

Glacies IceHRM Admin Reports SQL injection Vulnerability

Summary An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS Commit bb274de1751ffb9d09482fd2538f9950a94c510a . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this...

7.2CVSS7.2AI score0.01727EPSS
Exploits1
NVD
NVD
added 2014/04/08 2:22 p.m.24 views

CVE-2011-4958

Cross-site scripting XSS vulnerability in the process function in SSViewer.php in SilverStripe before 2.3.13 and 2.4.x before 2.4.6 allows remote attackers to inject arbitrary web script or HTML via the QUERYSTRING to template placeholders, as demonstrated by a request to 1 admin/reports/, 2...

4.3CVSS5.7AI score0.04285EPSS
Exploits1References9
Prion
Prion
added 2014/04/08 2:22 p.m.11 views

Cross site scripting

Cross-site scripting XSS vulnerability in the process function in SSViewer.php in SilverStripe before 2.3.13 and 2.4.x before 2.4.6 allows remote attackers to inject arbitrary web script or HTML via the QUERYSTRING to template placeholders, as demonstrated by a request to 1 admin/reports/, 2...

4.3CVSS6.2AI score0.04285EPSS
Exploits1References9Affected Software1
Packet Storm
Packet Storm
added 2011/03/25 12:0 a.m.27 views

Unidesk Management Administrative Bypass

------------------------------------------------------------------ 1. Summary: Unidesk management appliance is prone to a forceful browsing vulnerability that allows an attacker access to administrator resources. ------------------------------------------------------------------ 2. Description: T...

0.3AI score
Exploits0
Rows per page
Query Builder