4673 matches found

Vulnrichment
added 2023/05/25 12:0 a.m. · 7 views

CVE-2023-33280

In the Store Commander scquickaccounting module for PrestaShop through 3.7.3, multiple sensitive SQL calls can be executed with a trivial HTTP request and exploited to forge a blind SQL injection...

AI score: 7.8 · EPSS: 0.00732
Exploits: 0 · References: 2

Cvelist
added 2023/05/12 6:52 p.m. · 14 views

CVE-2023-32306 Time Tracker has Blind SQL Injection Vulnerability in Reports

Time Tracker is an open source time tracking system. A time-based blind injection vulnerability existed in Time Tracker reports in versions prior to 1.22.13.5792. This was happening because the reports.php page was not validating all parameters in POST requests. Because some parameters were not...

CVSS: 8.8 · AI score: 9.6 · EPSS: 0.00862
Exploits: 0 · References: 1

OSV
added 2023/05/04 3:15 a.m. · 18 views

CVE-2023-29842

ChurchCRM 4.5.4 endpoint /EditEventTypes.php is vulnerable to Blind SQL Injection Time-based via the EN_tyid POST parameter...

CVSS: 8.8 · AI score: 8.4 · EPSS: 0.00124
Exploits: 3 · References: 4

NVD
added 2023/05/04 3:15 a.m. · 9 views

CVE-2023-29842

ChurchCRM 4.5.4 endpoint /EditEventTypes.php is vulnerable to Blind SQL Injection Time-based via the EN_tyid POST parameter...

CVSS: 8.8 · AI score: 9.1 · EPSS: 0.00124
Exploits: 3 · References: 4

Prion
added 2023/05/04 3:15 a.m. · 20 views

SQL injection

ChurchCRM 4.5.4 endpoint /EditEventTypes.php is vulnerable to Blind SQL Injection Time-based via the EN_tyid POST parameter...

CVSS: 6.5 · AI score: 9.4 · EPSS: 0.00124
Exploits: 3 · References: 4 · Affected Software: 1

Positive Technologies
added 2023/05/04 12:0 a.m. · 2 views

PT-2023-22441 · Churchcrm · Churchcrm

Name of the Vulnerable Software and Affected Versions: ChurchCRM version 4.5.4. Description: The issue concerns a Blind SQL Injection vulnerability, specifically time-based, affecting the /EditEventTypes.php endpoint through the EN_tyid POST parameter. Recommendations: For ChurchCRM version 4.5.4,...

CVSS: 8.8 · AI score: 8.5 · EPSS: 0.00124
Exploits: 3 · References: 10

CVE
added 2023/05/04 12:0 a.m. · 52 views

CVE-2023-29842

ChurchCRM 4.5.4 is vulnerable to a Blind SQL Injection (time-based) on the endpoint /EditEventTypes.php via the EN_tyid POST parameter. The root cause is unsanitized user input used in an SQL query, enabling potential data exposure or manipulation. An exploited PoC has been published publicly (Pa...

CVSS: 8.8 · AI score: 9.6 · EPSS: 0.00124
Exploits: 3 · References: 4 · Affected Software: 1

Cvelist
added 2023/05/04 12:0 a.m. · 14 views

CVE-2023-29842

ChurchCRM 4.5.4 endpoint /EditEventTypes.php is vulnerable to Blind SQL Injection Time-based via the EN_tyid POST parameter...

AI score: 9.3 · EPSS: 0.00124
Exploits: 3 · References: 4

OSV
added 2023/04/17 1:15 p.m. · 2 views

CVE-2023-0765

The Gallery by BestWebSoft WordPress plugin before 4.7.0 does not properly escape values used in SQL queries, leading to a Blind SQL Injection vulnerability. The attacker must have at least the privileges of an Author, and the vendor's Slider plugin https://wordpress.org/plugins/slider-bws/ must...

CVSS: 8.8 · AI score: 7.3 · EPSS: 0.00504
Exploits: 2 · References: 1

Prion
added 2023/04/17 1:15 p.m. · 13 views

SQL injection

The Gallery by BestWebSoft WordPress plugin before 4.7.0 does not properly escape values used in SQL queries, leading to a Blind SQL Injection vulnerability. The attacker must have at least the privileges of an Author, and the vendor's Slider plugin https://wordpress.org/plugins/slider-bws/ must...

CVSS: 6.5 · AI score: 9 · EPSS: 0.00504
Exploits: 2 · References: 1 · Affected Software: 1

Cvelist
added 2023/04/17 12:17 p.m. · 16 views

CVE-2023-0765 Gallery by BestWebSoft < 4.7.0 - Author+ SQL Injection

The Gallery by BestWebSoft WordPress plugin before 4.7.0 does not properly escape values used in SQL queries, leading to a Blind SQL Injection vulnerability. The attacker must have at least the privileges of an Author, and the vendor's Slider plugin https://wordpress.org/plugins/slider-bws/ must...

AI score: 9.2 · EPSS: 0.00504
Exploits: 2 · References: 1

Packet Storm
added 2023/04/10 12:0 a.m. · 261 views

Snitz Forum 1.0 SQL Injection

Exploit Title: Snitz Forum v1.0 - Blind SQL Injection; Date: 13/03/2023; Exploit Author: Emiliano Febbi; Vendor Homepage: https://forum.snitz.com/; Software Link: https://sourceforge.net/projects/sf2k/files/; Version: ALL VERSION; Tested on: Windows 10...

AI score: 6.8
Exploits: 0

0day.today
added 2023/04/07 12:0 a.m. · 190 views

NotrinosERP 0.7 - Authenticated Blind SQL Injection Exploit

Exploit Title: NotrinosERP 0.7 - Authenticated Blind SQL Injection; Exploit Author: Arvandy; Blog Post: https://github.com/arvandy/CVE/blob/main/CVE-2023-24788/CVE-2023-24788.md; Software Link: https://github.com/notrinos/NotrinosERP/releases/tag/0.7; Vendor Homepage: https://notrinos.com/; Version: 0...

CVSS: 8.8 · AI score: 8.7 · EPSS: 0.00872
Exploits: 4

Exploit DB
added 2023/04/07 12:0 a.m. · 171 views

Snitz Forum v1.0 - Blind SQL Injection

Exploit Title: Snitz Forum v1.0 - Blind SQL Injection; Date: 13/03/2023; Exploit Author: Emiliano Febbi; Vendor Homepage: https://forum.snitz.com/; Software Link: https://sourceforge.net/projects/sf2k/files/; Version: ALL VERSION; Tested on: Windows 10...

AI score: 7.4
Exploits: 0

0day.today
added 2023/04/07 12:0 a.m. · 168 views

Snitz Forum v1.0 - Blind SQL Injection Vulnerability

Exploit Title: Snitz Forum v1.0 - Blind SQL Injection; Exploit Author: Emiliano Febbi; Vendor Homepage: https://forum.snitz.com/; Software Link: https://sourceforge.net/projects/sf2k/files/; Version: ALL VERSION; Tested on: Windows 10...

AI score: 6.8
Exploits: 0

NVD
added 2023/03/27 3:15 a.m. · 8 views

CVE-2023-28883

In Cerebrate 1.13, a blind SQL injection exists in the searchAll API endpoint...

CVSS: 9.8 · AI score: 9.8 · EPSS: 0.0025
Exploits: 0 · References: 2

Prion
added 2023/03/27 3:15 a.m. · 13 views

SQL injection

In Cerebrate 1.13, a blind SQL injection exists in the searchAll API endpoint...

CVSS: 7.5 · AI score: 9.7 · EPSS: 0.0025
Exploits: 0 · References: 2 · Affected Software: 1

CVE
added 2023/03/27 12:0 a.m. · 100 views

CVE-2023-28883

CVE-2023-28883 affects Cerebrate 1.13 and reports a blind SQL injection in the searchAll API endpoint. Impact is high (C/H/I/H) with network access, no user interaction and no privileges required; potential exposure of confidential data, integrity loss, and availability disruption per the CVSS. T...

CVSS: 9.8 · AI score: 9.7 · EPSS: 0.0025
Exploits: 0 · References: 2 · Affected Software: 1

Vulnrichment
added 2023/03/27 12:0 a.m. · 5 views

CVE-2023-28883

In Cerebrate 1.13, a blind SQL injection exists in the searchAll API endpoint...

AI score: 9.9 · EPSS: 0.0025
Exploits: 0 · References: 2

Cvelist
added 2023/03/27 12:0 a.m. · 12 views

CVE-2023-28883

In Cerebrate 1.13, a blind SQL injection exists in the searchAll API endpoint...

AI score: 10 · EPSS: 0.0025
Exploits: 0 · References: 2