Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

OpenVAS
OpenVASadded 2014/03/11 12:0 a.m.42 views

OpenDocMan 'ajax_udf.php' Multiple SQL Injection Vulnerabilities

OpenDocMan is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

7.5CVSS8.9AI score0.00578EPSS
Exploits6References1
NVD
NVDadded 2014/03/09 1:16 p.m.15 views

CVE-2014-1945

SQL injection vulnerability in ajaxudf.php in OpenDocMan before 1.2.7.2 allows remote attackers to execute arbitrary SQL commands via the addvalue parameter...

7.5CVSS8.2AI score0.00578EPSS
Exploits6References5
NVD
NVDadded 2014/03/09 1:16 p.m.13 views

CVE-2014-2317

SQL injection vulnerability in ajaxudf.php in OpenDocMan before 1.2.7.2 allows remote attackers to execute arbitrary SQL commands via the table parameter. NOTE: some of these details are obtained from third party information...

6.8CVSS8.3AI score0.00771EPSS
Exploits0References3
Prion
Prionadded 2014/03/09 1:16 p.m.22 views

Sql injection

SQL injection vulnerability in ajaxudf.php in OpenDocMan before 1.2.7.2 allows remote attackers to execute arbitrary SQL commands via the addvalue parameter...

7.5CVSS8.9AI score0.00578EPSS
Exploits6References5Affected Software1
Prion
Prionadded 2014/03/09 1:16 p.m.8 views

Sql injection

SQL injection vulnerability in ajaxudf.php in OpenDocMan before 1.2.7.2 allows remote attackers to execute arbitrary SQL commands via the table parameter. NOTE: some of these details are obtained from third party information...

6.8CVSS9AI score0.00771EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2014/03/07 8:0 p.m.21 views

CVE-2014-1945

SQL injection vulnerability in ajaxudf.php in OpenDocMan before 1.2.7.2 allows remote attackers to execute arbitrary SQL commands via the addvalue parameter...

9.1AI score0.00578EPSS
Exploits6References5
CVE
CVEadded 2014/03/07 8:0 p.m.37 views

CVE-2014-2317

The CVE-2014-2317 issue affects OpenDocMan prior to version 1.2.7.2, where an SQL injection vulnerability exists in ajax_udf.php that allows an attacker to manipulate the database via the table parameter. The vulnerability is described as remote SQL command execution with potential impact on conf...

6.8CVSS8.7AI score0.00771EPSS
Exploits0References3Affected Software1
CVE
CVEadded 2014/03/07 8:0 p.m.217 views

CVE-2014-1945

OpenDocMan is affected by CVE-2014-1945: a SQL Injection in the ajax_udf.php script (parameter add_value) allows remote attackers to manipulate the database. Affected product/version: OpenDocMan before 1.2.7.2. Root cause: insufficient input validation in ajax_udf.php leading to arbitrary SQL exe...

7.5CVSS9AI score0.00578EPSS
Exploits6References5Affected Software1
seebug.org
seebug.orgadded 2014/02/27 12:0 a.m.50 views

OpenDocMan 'ajax_udf.php'多个SQL注入漏洞

Bugtraq ID:65775 CVE ID:CVE-2014-1945 OpenDocMan是一款开源基于WEB的文档管理系统。 对通过"addvalue" GET参数和"table" GET提交给ajaxudf.php的输入缺少充分过滤,允许攻击者利用漏洞进行SQL注入攻击,可获得敏感数据库信息或控制应用系统。 0 OpenDocMan 1.2.7.1 厂商补丁: OpenDocMan ----- OpenDocMan 1.2.7.2已经修复该漏洞,建议用户下载更新: http://www.opendocman.com...

7.5CVSS8.7AI score0.00578EPSS
Exploits6
Rows per page
Query Builder