CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

OSV•added 2025/04/27 8:15 a.m.•2 views

CVE-2025-3963

A vulnerability, which was classified as critical, has been found in withstars Books-Management-System 1.0. This issue affects some unknown processing of the file /admin/article/list of the component Background Interface. The manipulation leads to missing authorization. The attack may be initiate...

9.8CVSS5.3AI score

Exploits0References4

CNNVD•added 2025/04/27 12:0 a.m.•0 views

Books-Management-System 安全漏洞

Books-Management-System is a book management system by withstars individual developers. A security vulnerability exists in Books-Management-System version 1.0, which stems from an incorrect operation of the file /admin/article/list resulting in a missing authorization...

9.8CVSS7.4AI score0.00106EPSS

Exploits1References2

OSV•added 2025/03/21 3:15 p.m.•3 views

CVE-2025-2593

A vulnerability has been found in FastCMS up to 0.1.5 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /api/client/article/list. The manipulation of the argument orderBy leads to sql injection. The attack can be launched remotely. The exploit has...

5.3CVSS5.7AI score0.00041EPSS

Exploits1References5

CNNVD•added 2025/03/21 12:0 a.m.•3 views

FastCMS 安全漏洞

FastCMS is a content management system from FastCMS Inc. A security vulnerability exists in FastCMS 0.1.5 and earlier versions, which stems from improper manipulation of the orderBy parameter in the /api/client/article/list file, which could lead to a SQL injection attack...

6.5CVSS6.9AI score0.00041EPSS

Exploits1References6

ATTACKERKB•added 2022/09/09 2:15 p.m.•1 views

CVE-2022-38273

JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/article/listapprove...

7.2CVSS5.9AI score0.00368EPSS

Exploits1References2

NVD•added 2022/09/09 2:15 p.m.•9 views

CVE-2022-38272

JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/article/list...

7.2CVSS0.00368EPSS

Exploits1References1

ATTACKERKB•added 2022/09/09 2:15 p.m.•2 views

CVE-2022-38272

JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/article/list...

7.2CVSS5.9AI score0.00368EPSS

Exploits1References2

Cvelist•added 2022/09/09 1:41 p.m.•13 views

CVE-2022-38272

JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/article/list...

7.6AI score0.00368EPSS

Exploits1References1

CNNVD•added 2022/09/09 12:0 a.m.•2 views

JFinal SQL注入漏洞

JFinal is a Java-based WEB + ORM open source framework. JFinal CMS version 5.1.0 has a security vulnerability , the vulnerability stems from /admin/article/list SQL injection vulnerability...

7.2CVSS7.2AI score0.00368EPSS

Exploits1References2

CNVD•added 2017/07/28 12:0 a.m.•1 views

Niushop open source mall system has multiple SQL injection vulnerabilities

NiuShop open source mall system , is by the Shanxi Niu Cool Information Technology Co., Ltd. completely independent design , research and development of a PHP open source e-commerce system . NiuShop open source mall system collectionGoodsOrShopt, cancelCollGoodsOrShop, platformAdvList,...

7.8AI score

Exploits0

OSV•added 2017/07/18 5:29 a.m.•1 views

CVE-2017-11418

Fiyo CMS 2.0.7 has SQL injection in dapur/apps/apparticle/controller/articlelist.php via $GET'cat', $GET'user', $GET'level', and $GET'iSortCol'.$i...

9.8CVSS5.8AI score

Exploits0References1

CNVD•added 2017/07/18 12:0 a.m.•2 views

Fiyo CMS SQL Injection Vulnerability (CNVD-2017-23891)

Fiyo CMS is a content management system CMS for creating CMS templates. A SQL injection vulnerability exists in the dapur/apps/apparticle/controller/articlelist.php file in Fiyo CMS version 2.0.7. A remote attacker can exploit this vulnerability with the help of $GET'cat', $GET'user', $GET'level'...

9.8CVSS10AI score0.00271EPSS

Exploits0References1

NVD•added 2015/04/14 2:59 p.m.•16 views

CVE-2014-9145

Multiple SQL injection vulnerabilities in Fiyo CMS 2.0.1.8 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter in an edit action to dapur/index.php; 2 cat, 3 user, or 4 level parameter to dapur/apps/apparticle/controller/articlelist.php; or 5 email parameter in an emai...

7.5CVSS8.4AI score0.01016EPSS

Exploits5References1

NVD•added 2010/05/20 5:30 p.m.•12 views

CVE-2010-1997

Cross-site scripting XSS vulnerability in admin/edit.php in Saurus CMS 4.7.0 allows remote authenticated users, with "Article list" edit privileges, to inject arbitrary web script or HTML via the pealkiri parameter...

2.1CVSS5.3AI score0.00796EPSS

Exploits1References6

ATTACKERKB•added 2010/05/20 5:30 p.m.•3 views

CVE-2010-1997

2.1CVSS5.7AI score0.00796EPSS

Exploits1References7

CVE•added 2010/05/20 5:0 p.m.•41 views

CVE-2010-1997

The CVE refers to a Cross-site Scripting (XSS) vulnerability in Saurus CMS 4.7.0, specifically in admin/edit.php. The issue is triggered by the HTTP POST parameter pealkiri, allowing remote authenticated users who have "Article list" edit privileges to inject arbitrary web script or HTML that exe...

2.1CVSS5.5AI score0.00796EPSS

Exploits1References6Affected Software1

Cvelist•added 2009/08/25 10:0 a.m.•18 views

CVE-2008-7075

Multiple SQL injection vulnerabilities in Kalptaru Infotech Ltd. Star Articles 6.0 allow remote attackers to inject arbitrary SQL commands via 1 the subcatid parameter to article.list.php; or the artid parameter to 2 article.print.php, 3 article.comments.php, 4 article.publisher.php, or 5...

8AI score0.03258EPSS

Exploits1References11

exploitpack•added 2008/11/26 12:0 a.m.•18 views

Star Articles 6.0 - Blind SQL Injection (1)

Star Articles 6.0 - Blind SQL Injection 1 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + + + stararticles blind sql injection Vulnerability + + + + Discovered by b3hz4d + + + + WwW.DeltaHacking.Net + + + + + + +...

0.3AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by