Lucene search
+L

72 matches found

OSV
OSV
added 2022/01/10 2:10 p.m.8 views

CVE-2021-45334

Sourcecodester Online Thesis Archiving System 1.0 is vulnerable to SQL Injection. An attacker can bypass admin authentication and gain access to admin panel using SQL Injection...

9.8CVSS5.8AI score0.02761EPSS
Exploits1References4
Prion
Prion
added 2022/01/10 2:10 p.m.15 views

Sql injection

Sourcecodester Online Thesis Archiving System 1.0 is vulnerable to SQL Injection. An attacker can bypass admin authentication and gain access to admin panel using SQL Injection...

7.5CVSS10AI score0.02761EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2022/01/10 12:0 a.m.9 views

Online Thesis Archiving System SQL注入漏洞

Online Thesis Archiving System is Sourcecodester open source provides an online platform to store students' theses or capstone projects. sourcecodester Online Thesis Archiving System is vulnerable to SQL injection in v1.0, which stems from a lack of validation of externally entered SQL statements...

9.8CVSS6.1AI score0.02761EPSS
Exploits1References5
CVE
CVE
added 2022/01/09 6:57 p.m.50 views

CVE-2021-45334

CVE-2021-45334 affects Sourcecodester Online Thesis Archiving System 1.0. Multiple connected sources describe a SQL Injection vulnerability in this product, caused by insufficient validation of externally supplied SQL statements in the application. The vulnerability can enable bypass of admin aut...

9.8CVSS10AI score0.02761EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2022/01/09 6:57 p.m.27 views

CVE-2021-45334

Sourcecodester Online Thesis Archiving System 1.0 is vulnerable to SQL Injection. An attacker can bypass admin authentication and gain access to admin panel using SQL Injection...

10AI score0.02761EPSS
Exploits1References4
Packet Storm
Packet Storm
added 2021/12/14 12:0 a.m.309 views

Online Thesis Archiving System 1.0 SQL Injection / Cross Site Scripting

Exploit Title: Online Thesis Archiving System 1.0 - SQLi Authentication Bypass & Stored XSS Exploit Author: Yehia Elghaly YME Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15083/online-thesis-archiving-system-using-phpoop-free-source-code.html...

0.7AI score
Exploits0
0day.today
0day.today
added 2021/12/14 12:0 a.m.285 views

Online Thesis Archiving System 1.0 - SQL injection Authentication Bypass Vulnerability

Exploit Title: Online Thesis Archiving System 1.0 - SQLi Authentication Bypass Exploit Author: Yehia Elghaly YME Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15083/online-thesis-archiving-system-using-phpoop-free-source-code.html Version: Onli...

0.6AI score
Exploits0
CNNVD
CNNVD
added 2020/12/31 12:0 a.m.8 views

MailSherlock 安全漏洞

HGiga MailSherlock is an email archiving and auditing system that provides a complete email security solution. A weak authentication vulnerability exists in HGiga MailSherlock. An attacker can exploit this vulnerability to elevate privileges using a default password generation mechanism...

10CVSS5.8AI score0.01654EPSS
Exploits0References2
CNVD
CNVD
added 2018/11/12 12:0 a.m.26 views

Philips iSite PACS and IntelliSpace PACS Access Bypass Vulnerability

Philips iSite PACS and IntelliSpace PACS are both radiology image management systems for the healthcare industry from Philips in the Netherlands. An access bypass vulnerability exists in Philips iSite PACS and IntelliSpace PACS, which could be exploited by an attacker to compromise components of...

8.8CVSS8.6AI score0.00812EPSS
Exploits0References1
CNVD
CNVD
added 2016/05/31 12:0 a.m.2 views

SQL Injection Vulnerability in Image Archiving and Transmission System of Infidel Software (Shanghai) Co.

Infidel Software Shanghai Co., Ltd. image archiving and transmission system is a set of software about medical image archiving and transmission. An SQL injection vulnerability exists in the Image Archiving and Transfer System of Infinera Software Shanghai Co. Ltd, which can be exploited by an...

7.6AI score
Exploits0References1
OpenVAS
OpenVAS
added 2006/03/26 12:0 a.m.27 views

XSS vulnerability in Dada Mail

The remote host is running Dada Mail, a free, e-mail list management system written in Perl. According to its banner, the remote version of this software does not properly validate user written content before submitting that data to the archiving system. A malicious user could embed arbitrary...

4.3CVSS6.6AI score0.01164EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2006/03/26 12:0 a.m.18 views

XSS vulnerability in Dada Mail

According to its banner, the remote version of Dada Mail does not properly validate user written content before submitting that data to the archiving system. SPDX-FileCopyrightText: 2005 Josh Zlatin-Amishav Some text descriptions might be excerpted from a referenced sources, and are Copyright C b...

4.3CVSS6.8AI score0.01164EPSS
Exploits0References3
Rows per page
Query Builder