Lucene search
K

13188 matches found

0day.today
0day.today
added 2017/06/19 12:0 a.m.62 views

nuevoMailer 6.0 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: nuevoMailer version 6.0 and earlier time-based SQL Injection Exploit Author: ALEH BOITSAU Google Dork: inurl:/inc/rdr.php? Date: 2017-06-09 Vendor Homepage: https://www.nuevomailer.com/ Version: 6.0 and earlier Tested on: Linux...

7.5CVSS9.7AI score0.0196EPSS
Exploits4
CNVD
CNVD
added 2017/06/15 12:0 a.m.4 views

WordPress WP Jobs Plugin SQL Injection Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers.WP Jobs plugin is one of the post management plugin. A SQL injection vulnerability exists in WordPress WP Jobs plug...

8.8CVSS8.2AI score0.04929EPSS
Exploits4References1
Prion
Prion
added 2017/06/13 6:29 a.m.15 views

Sql injection

Vulnerabilities in the web-based GUI of Cisco Unified Communications Domain Manager CUCDM could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries, aka SQL Injection. More Information: CSCvc52784 CSCvc97648. Known Affected...

4CVSS5.6AI score0.01309EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2017/06/12 1:29 p.m.30 views

CVE-2017-9418

SQL injection vulnerability in the WP-Testimonials plugin 3.4.1 for WordPress allows an authenticated user to execute arbitrary SQL commands via the testid parameter to wp-admin/admin.php...

8.8CVSS9.1AI score0.0239EPSS
Exploits4References2
Prion
Prion
added 2017/06/12 1:29 p.m.12 views

Sql injection

SQL injection vulnerability in the WP-Testimonials plugin 3.4.1 for WordPress allows an authenticated user to execute arbitrary SQL commands via the testid parameter to wp-admin/admin.php...

6.5CVSS8.6AI score0.0239EPSS
Exploits4References2Affected Software1
Exploit DB
Exploit DB
added 2017/06/11 12:0 a.m.42 views

WordPress Plugin WP Jobs < 1.5 - SQL Injection

Exploit Title: WordPress Plugin WP Jobs 1.5 - SQL Injection Date: 11-06-2017 Exploit Author: Dimitrios Tsagkarakis Website: dtsa.eu Software Link: https://en-gb.wordpress.org/plugins/wp-jobs/ Vendor Homepage: http://www.intensewp.com/ Version: 1.4 CVE : CVE-2017-9603 Category: webapps 1...

8.8CVSS9AI score0.04929EPSS
Exploits4
OSV
OSV
added 2017/06/09 4:29 p.m.3 views

CVE-2017-2195

SQL injection vulnerability in the Multi Feed Reader prior to version 2.2.4 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors...

8.8CVSS6AI score0.01617EPSS
Exploits0References3
NVD
NVD
added 2017/06/09 4:29 p.m.16 views

CVE-2017-2195

SQL injection vulnerability in the Multi Feed Reader prior to version 2.2.4 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors...

8.8CVSS8.9AI score0.01617EPSS
Exploits0References3
Prion
Prion
added 2017/06/09 4:29 p.m.14 views

Sql injection

SQL injection vulnerability in the Multi Feed Reader prior to version 2.2.4 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors...

6.5CVSS8.9AI score0.01617EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2017/06/09 4:29 p.m.14 views

Sql injection

SQL injection vulnerability in the Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to execute arbitrary SQL commands via "MultiReport" function...

6.5CVSS8.6AI score0.01594EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/06/09 4:0 p.m.23 views

CVE-2017-2195

SQL injection vulnerability in the Multi Feed Reader prior to version 2.2.4 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors...

8.9AI score0.01617EPSS
Exploits0References3
CVE
CVE
added 2017/06/09 4:0 p.m.49 views

CVE-2016-7803

CVE-2016-7803 is a SQL injection in Cybozu Garoon 3.0.0 through 4.2.2, caused by the MultiReport function. The flaw allows remote authenticated users to execute arbitrary SQL commands against the underlying database. Affected software: Cybozu Garoon 3.0.0–4.2.2 (per multiple sources). Root cause ...

8.8CVSS8.8AI score0.01594EPSS
Exploits0References3Affected Software1
exploitpack
exploitpack
added 2017/06/09 12:0 a.m.27 views

nuevoMailer 6.0 - SQL Injection

nuevoMailer 6.0 - SQL Injection Exploit Title: nuevoMailer version 6.0 and earlier time-based SQL Injection Exploit Author: ALEH BOITSAU Google Dork: inurl:/inc/rdr.php? Date: 2017-06-09 Vendor Homepage: https://www.nuevomailer.com/ Version: 6.0 and earlier Tested on: Linux CVE: CVE-2017-9730...

7.5CVSS10AI score0.0196EPSS
Exploits4
Exploit DB
Exploit DB
added 2017/06/09 12:0 a.m.35 views

nuevoMailer 6.0 - SQL Injection

Exploit Title: nuevoMailer version 6.0 and earlier time-based SQL Injection Exploit Author: ALEH BOITSAU Google Dork: inurl:/inc/rdr.php? Date: 2017-06-09 Vendor Homepage: https://www.nuevomailer.com/ Version: 6.0 and earlier Tested on: Linux CVE: CVE-2017-9730 Description: SQL injection...

9.8CVSS9.8AI score0.0196EPSS
Exploits4
OSV
OSV
added 2017/06/06 3:29 p.m.19 views

CVE-2017-9449

SQL injection vulnerability in BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via core/admin/modules/developer/modules/views/create.php. The attacker creates a crafted table name at admin/developer/modules/views/create/ and the injection is visible ...

8.8CVSS8.2AI score
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/06/06 5:54 a.m.1 views

WordPress plugin "Multi Feed Reader" vulnerable to SQL injection

Overview The WordPress plugin "Multi Feed Reader" contains an SQL injection vulnerability CWE-89. Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An attacker who...

8.8CVSS7.8AI score0.01617EPSS
Exploits0References5
Prion
Prion
added 2017/06/04 11:29 p.m.10 views

Sql injection

SQL injection vulnerability in BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via core\admin\modules\developer\modules\designer\form-create.php. The attacker creates a crafted table name at admin/developer/modules/designer/ and the injection is...

6.5CVSS8.5AI score0.01607EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2017/06/04 11:29 p.m.18 views

CVE-2017-9427

SQL injection vulnerability in BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via core\admin\modules\developer\modules\designer\form-create.php. The attacker creates a crafted table name at admin/developer/modules/designer/ and the injection is...

8.8CVSS8.2AI score
Exploits0References1
Cvelist
Cvelist
added 2017/06/04 2:0 p.m.21 views

CVE-2017-9427

SQL injection vulnerability in BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via core\admin\modules\developer\modules\designer\form-create.php. The attacker creates a crafted table name at admin/developer/modules/designer/ and the injection is...

8.8AI score0.01607EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2017/06/03 12:0 a.m.47 views

WordPress WP-Testimonials SQL Injection

Exploit Title: WP-Testimonials 3.4.1 Union Based SQL Injection Date: 03-06-2017 Exploit Author: Dimitrios Tsagkarakis Website: dtsa.eu Software Link: https://en-gb.wordpress.org/plugins/wp-testimonials/ Vendor Homepage: http://www.sunfrogservices.com/web-programmer/wp-testimonials/ Version: 3.4.1...

8.8AI score0.0239EPSS
Exploits4
Rows per page
Query Builder