Lucene search
K

6 matches found

EUVD
EUVD
added 5 days ago7 views

EUVD-2026-42576

SOPlanning is vulnerable to SQL injection in the audit retention configuration. An attacker holding parametersall rights can inject SQL commands into the audit configuration form which is then saved. The execution is triggered when the audit functionality is accessed by the attacker or another...

8.6CVSS6.2AI score0.00277EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 5 days ago8 views

CVE-2026-50644

SOPlanning is vulnerable to SQL injection in the audit retention configuration. An attacker holding parametersall rights can inject SQL commands into the audit configuration form which is then saved. The execution is triggered when the audit functionality is accessed by the attacker or another...

8.6CVSS6.2AI score0.00277EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/08/12 12:0 a.m.5 views

ZOHO ManageEngine ADAudit Plus 安全漏洞

ZOHO ManageEngine ADAudit Plus is used by ZOHO to simplify auditing, demonstrate compliance and detect threats. A security vulnerability exists in ZOHO ManageEngine ADAudit Plus version 8110 and prior versions, which stems from vulnerability to authenticated SQL injection attacks in a file audit...

8.8CVSS7.6AI score0.04702EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2022/01/26 8:21 p.m.42 views

Cross-Site Request Forgery (CSRF) in livehelperchat

A CSRF issue is found in the audit configuration under settings. It was found that no CSRF token validation is getting done on the server-side. If we remove the CSRF token and keep the CSRF token field empty, the action is getting performed...

4.3CVSS1.7AI score0.00434EPSS
Exploits1References4Affected Software1
Huntr
Huntr
added 2022/01/13 12:42 p.m.20 views

Cross-Site Request Forgery (CSRF) in livehelperchat/livehelperchat

Description A CSRF issue is found in the audit configuration under settings. It was found that no CSRF token validation is getting done on the server-side. If we remove the CSRF token and keep the CSRF token field empty, the action is getting performed. Proof of Concept Request POST...

4.3CVSS4.5AI score0.00434EPSS
Exploits1
CNVD
CNVD
added 2020/04/29 12:0 a.m.5 views

Opmantek Open-AudIT Injection Vulnerability

Opmantek Open-AudIT is an open source network discovery and auditing program from Opmantek USA. The program intelligently scans networks and network devices and provides status reports. Opmantek Open-AudIT suffers from an injection vulnerability. An attacker can exploit this vulnerability to inje...

9CVSS7.6AI score0.09999EPSS
Exploits3References1
Rows per page
Query Builder