
18 matches found

NVD
added 2024/04/03 4:15 a.m. · 7 views

CVE-2024-31009

SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via lgid parameter in Banner.php...

CVSS 6.5 · AI score 7 · EPSS 0.00118
Exploits: 1 · References: 1

OSV
added 2024/04/03 4:15 a.m. · 1 view

CVE-2024-31009

SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via lgid parameter in Banner.php...

CVSS 6.5 · AI score 5.8
Exploits: 0 · References: 1

NVD
added 2024/04/03 4:15 a.m. · 8 views

CVE-2024-31010

SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via the ID parameter in Banner.php...

CVSS 7.5 · AI score 7 · EPSS 0.00126
Exploits: 1 · References: 1

CVE
added 2024/04/03 12:0 a.m. · 60 views

CVE-2024-31010

CVE-2024-31010 affects SEMCMS v4.8; the vulnerability is a SQL injection via the ID parameter in Banner.php. Root cause is an injectable ID parameter exposing sensitive information. Documented impact is high confidentiality risk with no availability/integrity impact. Related sources confirm the ...

CVSS 7.5 · AI score 7.3 · EPSS 0.00126
Exploits: 1 · References: 1 · Affected Software: 1

Vulnrichment
added 2024/04/03 12:0 a.m. · 10 views

CVE-2024-31009

SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via lgid parameter in Banner.php...

AI score 7.4 · EPSS 0.00118
Exploits: 1 · References: 1

Cvelist
added 2024/04/03 12:0 a.m. · 11 views

CVE-2024-31009

SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via lgid parameter in Banner.php...

AI score 7.2 · EPSS 0.00118
Exploits: 1 · References: 1

CVE
added 2024/04/03 12:0 a.m. · 50 views

CVE-2024-31009

CVE-2024-31009 involves a SQL injection in SEMCMS v4.8, exploitable via the lgid parameter in Banner.php. The vulnerability could allow a remote attacker to obtain sensitive information. No exploitation details are provided in the documents; CVSS base score is 6.5 (MEDIUM). Remediation or workaro...

CVSS 6.5 · AI score 7.3 · EPSS 0.00118
Exploits: 1 · References: 1 · Affected Software: 1

Vulnrichment
added 2024/04/03 12:0 a.m. · 11 views

CVE-2024-31010

SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via the ID parameter in Banner.php...

AI score 7.3 · EPSS 0.00126
Exploits: 1 · References: 1

Cvelist
added 2024/04/03 12:0 a.m. · 11 views

CVE-2024-31010

SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via the ID parameter in Banner.php...

AI score 7.2 · EPSS 0.00126
Exploits: 1 · References: 1

Positive Technologies
added 2024/04/02 12:0 a.m. · 2 views

PT-2024-23721 · Semcms · Semcms

Name of the Vulnerable Software and Affected Versions: SEMCMS version 4.8 Description: The issue allows a remote attacker to obtain sensitive information via the lgid parameter in Banner.php. This is a result of a SQL injection vulnerability. Recommendations: For SEMCMS version 4.8, consider...

CVSS 6.5 · AI score 7.7 · EPSS 0.00118
Exploits: 1 · References: 5

Openbugbounty
added 2017/04/19 8:4 a.m. · 19 views

bewellbydrfranklipman.com XSS vulnerability

Vulnerable URL: http://www.bewellbydrfranklipman.com/affiliate/scripts/banner.php?aaid=6b660bd9bid=33bbed2f"'--!confirmOPENBUGBOUNTY...

AI score 6.9
Exploits: 0

Exploit DB
added 2010/12/11 12:0 a.m. · 20 views

Cetera eCommerce - 'banner.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/45374/info Cetera eCommerce is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

AI score 7.4
Exploits: 0

Exploit DB
added 2010/04/21 12:0 a.m. · 23 views

e107 0.7.x - '/e107_admin/banner.php' SQL Injection

source: https://www.securityfocus.com/bid/39609/info e107 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or...

AI score 7.4
Exploits: 0

Prion
added 2007/01/26 1:28 a.m. · 10 views

Sql injection

SQL injection vulnerability in banner.php in Unique Ads UDS 1.x allows remote attackers to execute arbitrary SQL commands via the bid parameter...

CVSS 7.5 · AI score 9 · EPSS 0.0049
Exploits: 0 · References: 3 · Affected Software: 1

CVE
added 2007/01/26 1:0 a.m. · 39 views

CVE-2007-0520

The CVE-2007-0520 entry describes a SQL injection in banner.php of Unique Ads (UDS) 1.x, exploitable via the bid parameter to execute arbitrary SQL commands remotely. This vulnerability is confirmed by multiple sources (NVD entry and related references) and is categorized with network attack vect...

CVSS 7.5 · AI score 8.4 · EPSS 0.0049
Exploits: 0 · References: 3 · Affected Software: 1

exploitpack
added 2007/01/22 12:0 a.m. · 11 views

Unique Ads - Banner.php SQL Injection

Unique Ads - Banner.php SQL Injection source: https://www.securityfocus.com/bid/22164/info Unique Ads is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...

AI score 0.4
Exploits: 0

NVD
added 2005/06/16 4:0 a.m. · 10 views

CVE-2005-1951

Multiple HTTP Response Splitting vulnerabilities in osCommerce 2.2 Milestone 2 and earlier allow remote attackers to spoof web content and poison web caches via hex-encoded CRLF ("%0d%0a") sequences in the (1) products_id or (2) pid parameter to index.php or (3) goto parameter to banner.php...

CVSS 5 · AI score 6.8 · EPSS 0.04248
Exploits: 0 · References: 5

Cvelist
added 2005/06/14 4:0 a.m. · 12 views

CVE-2005-1951

Multiple HTTP Response Splitting vulnerabilities in osCommerce 2.2 Milestone 2 and earlier allow remote attackers to spoof web content and poison web caches via hex-encoded CRLF ("%0d%0a") sequences in the (1) products_id or (2) pid parameter to index.php or (3) goto parameter to banner.php...

AI score 6.8 · EPSS 0.04248
Exploits: 0 · References: 5