
4673 matches found

OSV
added 2019/05/23 7:29 p.m. | 1 view

CVE-2019-10852

Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=startpulling&id= substring...

8.8 CVSS | 7.4 AI score
Exploits: 0 | References: 3

Prion
added 2019/05/23 7:29 p.m. | 19 views

SQL injection

Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=startpulling&id= substring...

6.5 CVSS | 9.1 AI score | 0.00123 EPSS
Exploits: 1 | References: 3 | Affected Software: 1

Cvelist
added 2019/05/23 6:56 p.m. | 16 views

CVE-2019-10852

Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=startpulling&id= substring...

9.2 AI score | 0.00123 EPSS
Exploits: 1 | References: 3

CVE
added 2019/05/23 6:56 p.m. | 43 views

CVE-2019-10852

CVE-2019-10852 affects Computrols CBAS Web (CBAS Web) with an authenticated SQL injection in the id GET parameter of index.php?m=servers&a=start_pulling&id=. The vulnerability arises from improper input validation in the SQL construction, enabling arbitrary SQL commands with partial confidentiali...

8.8 CVSS | 9.1 AI score | 0.00123 EPSS
Exploits: 1 | References: 3 | Affected Software: 1

Prion
added 2019/05/23 6:29 p.m. | 14 views

SQL injection

An issue was discovered in ZOHO ManageEngine OpManager 12.2. The 'apiKey' parameter of "/api/json/admin/getmailserversettings" and "/api/json/dashboard/gotoverviewlist" is vulnerable to a Blind SQL Injection attack...

5 CVSS | 7.9 AI score | 0.07722 EPSS
Exploits: 1 | References: 3 | Affected Software: 1

NVD
added 2019/05/23 6:29 p.m. | 19 views

CVE-2017-11559

An issue was discovered in ZOHO ManageEngine OpManager 12.2. The 'apiKey' parameter of "/api/json/admin/getmailserversettings" and "/api/json/dashboard/gotoverviewlist" is vulnerable to a Blind SQL Injection attack...

7.5 CVSS | 7.9 AI score | 0.07722 EPSS
Exploits: 1 | References: 3

OSV
added 2019/05/23 6:29 p.m. | 2 views

CVE-2017-11559

An issue was discovered in ZOHO ManageEngine OpManager 12.2. The 'apiKey' parameter of "/api/json/admin/getmailserversettings" and "/api/json/dashboard/gotoverviewlist" is vulnerable to a Blind SQL Injection attack...

7.5 CVSS | 5.8 AI score | 0.07722 EPSS
Exploits: 1 | References: 3

Cvelist
added 2019/05/23 5:9 p.m. | 20 views

CVE-2017-11559

An issue was discovered in ZOHO ManageEngine OpManager 12.2. The 'apiKey' parameter of "/api/json/admin/getmailserversettings" and "/api/json/dashboard/gotoverviewlist" is vulnerable to a Blind SQL Injection attack...

7.9 AI score | 0.07722 EPSS
Exploits: 1 | References: 3

NVD
added 2019/05/23 4:29 p.m. | 33 views

CVE-2017-11738

In Zoho ManageEngine Application Manager prior to 14.6 Build 14660, the 'haid' parameter of the '/auditLogAction.do' module is vulnerable to a Time-based Blind SQL Injection attack...

8.1 CVSS | 8.4 AI score | 0.00819 EPSS
Exploits: 1 | References: 5

Cvelist
added 2019/05/23 3:29 p.m. | 30 views

CVE-2017-11738

In Zoho ManageEngine Application Manager prior to 14.6 Build 14660, the 'haid' parameter of the '/auditLogAction.do' module is vulnerable to a Time-based Blind SQL Injection attack...

8.5 AI score | 0.00819 EPSS
Exploits: 1 | References: 5

Hacker One
added 2019/04/27 3:23 p.m. | 106 views

Starbucks: Blind SQL Injection on starbucks.com.gt and WAF Bypass :*

Starting with a blind SQL Injection on http://www.starbucks.com.gt/menu/beverage/detail, @d3417 was able to dump schema on several database tables. Initially closed as N/A because of our exclusion on automated tools, reopened to investigate the data reported in the tables, and because the casual...

0.8 AI score
Exploits: 0

0day.today
added 2019/04/04 12:0 a.m. | 109 views

FreeSMS 2.1.2 - SQL Injection (Authentication Bypass) Vulnerability

Exploit for php platform in category web applications Exploit Title: FreeSMS 2.1.2 - Authentication Bypass Exploit Author: Yilmaz Degirmenci Vendor Homepage: https://freesms.sourceforge.io/ Software Link: https://sourceforge.net/projects/freesms/ Version: v2.1.2 Category: Webapps Tested on: LAMPP...

7.1 AI score
Exploits: 0

Cvelist
added 2019/03/26 4:15 p.m. | 26 views

CVE-2019-9053

An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve unauthenticated blind time-based SQL injection via the m1idlist parameter...

8.4 AI score | 0.92556 EPSS
Exploits: 37 | References: 5

Prion
added 2019/02/10 5:29 p.m. | 24 views

SQL injection

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is Blind SQL Injection...

7.5 CVSS | 9.7 AI score | 0.00348 EPSS
Exploits: 0 | References: 1 | Affected Software: 29

OSV
added 2019/02/10 5:29 p.m. | 1 view

CVE-2018-20770

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is Blind SQL Injection...

9.8 CVSS | 5.8 AI score | 0.00348 EPSS
Exploits: 0 | References: 1

NVD
added 2019/02/10 5:29 p.m. | 21 views

CVE-2018-20770

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is Blind SQL Injection...

9.8 CVSS | 9.8 AI score | 0.00348 EPSS
Exploits: 0 | References: 1

CVE
added 2019/02/10 5:0 p.m. | 51 views

CVE-2018-20770

CVE-2018-20770 affects Xerox WorkCentre models (3655/3655i, 58XX/58XXi, 59XX/59XXi, 6655/6655i, 72XX/72XXi, 78XX/78XXi, 7970/7970i, EC7836/EC7856) prior to firmware R18-05 073.xxx.0487.15000. The connected documents confirm a Blind SQL Injection vulnerability in these devices. No exploitation det...

9.8 CVSS | 9.7 AI score | 0.00348 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2019/02/10 5:0 p.m. | 22 views

CVE-2018-20770

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is Blind SQL Injection...

9.9 AI score | 0.00348 EPSS
Exploits: 0 | References: 1

Prion
added 2019/02/07 7:29 a.m. | 11 views

SQL injection

An issue was discovered in baijiacms V4 that can result in time-based blind SQL injection to get data via the cate parameter in an index.php?act=index request...

7.5 CVSS | 9.7 AI score | 0.00264 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

Packet Storm
added 2019/02/05 12:0 a.m. | 40 views

WordPress Forminator 1.5.4 Cross Site Scripting / SQL Injection

Vulnerability: Unauthenticated Persistent XSS, Blind SQL Injection Affected Software: Forminator Affected Version: 1.5.4 Patched Version: 1.6 CVE: not requested Risk: High Vendor Contacted: 11/25/2018 Vendor Fix: 12/10/2018 Public Disclosure: 02/05/2019 Credit: Tim Coen Unauthenticated Persistent...

7.4 AI score
Exploits: 0