Lucene search
K

180 matches found

CNNVD
CNNVD
added 2024/07/02 12:0 a.m.5 views

WordPress plugin Email Subscribers by Icegram Express Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on servers running PHP and MySQL. A security vulnerability exists in the WordPress plugin...

9.8CVSS7.4AI score0.0114EPSS
Exploits0References6
OSV
OSV
added 2024/06/28 1:15 p.m.3 views

CVE-2024-3816

Sites managed in S@M CMS Concept Intermedia might be vulnerable to a blind SQL Injection executed using the search bar. Only a part of observed services is vulnerable, but since vendor has not investigated the root problem, it is hard to determine when the issue appears...

9.8CVSS5.9AI score0.00483EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2024/06/06 10:15 a.m.4 views

CVE-2024-5329

The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to blind SQL Injection via the ‘dataaddonID’ parameter in all versions up to, and including, 1.5.109 due to insufficient escaping on the user supplied parameter and lack of sufficient preparati...

8.8CVSS5.9AI score0.00509EPSS
Exploits0References5
OSV
OSV
added 2024/04/09 7:15 p.m.7 views

CVE-2024-1990

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to blind SQL Injection via the ‘id’ parameter of the RMForm shortcode in all versions up to, and including, 5.3.1.0 due to insufficient escaping on the user supplied...

8.8CVSS5.9AI score0.00821EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/12/07 7:15 a.m.4 views

CVE-2023-48823

A Blind SQL injection issue in ajax.php in GaatiTrack Courier Management System 1.0 allows an unauthenticated attacker to inject a payload via the email parameter during login...

9.8CVSS7.4AI score0.01092EPSS
Exploits3References2
OSV
OSV
added 2023/10/26 5:15 p.m.3 views

CVE-2023-5624

Under certain conditions, Nessus Network Monitor was found to not properly enforce input validation. This could allow an admin user to alter parameters that could potentially allow a blindSQL injection...

7.2CVSS5.8AI score0.00484EPSS
Exploits0References1
OSV
OSV
added 2023/10/13 1:15 p.m.3 views

CVE-2023-45162

Affected 1E Platform versions have a Blind SQL Injection vulnerability that can lead to arbitrary code execution. Application of the relevant hotfix remediates this issue. for v8.1.2 apply hotfix Q23166 for v8.4.1 apply hotfix Q23164 for v9.0.1 apply hotfix Q23169 SaaS implementations on v23.7.1...

9.8CVSS6AI score0.00642EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/09/13 12:0 a.m.7 views

WordPress plugin Slimstat Analytics SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exists i...

8.8CVSS8.1AI score0.00916EPSS
Exploits4References5
Positive Technologies
Positive Technologies
added 2023/03/20 12:0 a.m.5 views

PT-2023-16579 · WordPress · Wp Meta Seo

Name of the Vulnerable Software and Affected Versions: WP Meta SEO WordPress plugin versions prior to 4.5.3 Description: The issue is related to a blind SQL Injection vulnerability. It occurs because the plugin does not properly sanitize and escape inputs into SQL queries. This can be exploited b...

8.8CVSS8.8AI score0.00907EPSS
Exploits2References5
OSV
OSV
added 2023/02/25 1:15 a.m.3 views

DEBIAN-CVE-2023-26034

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are affected by a SQL Injection vulnerability. The blind SQL Injection vulnerability is present within the...

8.8CVSS9.6AI score0.01579EPSS
Exploits1References1
OSV
OSV
added 2022/07/05 8:15 p.m.3 views

CVE-2022-34972

So Filter Shop v3.x was discovered to contain multiple blind SQL injection vulnerabilities via the attvalueid , manuvalueid , optvalueid , and subcatevalueid parameters at /index.php?route=extension/module/sofiltershopby/filterdata...

9.8CVSS7.3AI score0.01454EPSS
Exploits1References1
OSV
OSV
added 2022/06/17 1:15 p.m.4 views

CVE-2022-31296

Online Discussion Forum Site 1 was discovered to contain a blind SQL injection vulnerability via the component /odfs/posts/viewpost.php...

9.8CVSS5.8AI score0.02373EPSS
Exploits1References2
OSV
OSV
added 2022/05/26 5:15 p.m.4 views

CVE-2022-30493

In oretnom23 Automotive Shop Management System v1.0, the product id parameter suffers from a blind SQL Injection Vulnerability allowing remote attackers to dump all database credential and gain admin accessprivilege escalation...

9.8CVSS7.4AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/05/26 2:15 p.m.4 views

CVE-2022-29687

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/user/leveldel...

7.2CVSS6AI score0.00896EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/05/26 2:15 p.m.2 views

CVE-2022-29684

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Label/jsdel...

7.2CVSS6AI score0.00896EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/05/26 2:15 p.m.2 views

CVE-2022-29683

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Label/pagedel...

7.2CVSS6AI score0.00896EPSS
Exploits1References2
OSV
OSV
added 2022/05/26 2:15 p.m.2 views

CVE-2022-29680

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/user/zudel...

7.2CVSS7.1AI score0.00896EPSS
Exploits1References1
OSV
OSV
added 2022/05/26 2:15 p.m.3 views

CVE-2022-29661

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/save...

7.2CVSS5.8AI score0.00896EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/05/24 3:15 a.m.2 views

CVE-2022-29305

imgurl v2.31 was discovered to contain a Blind SQL injection vulnerability via /upload/localhost...

8.1CVSS6AI score0.00864EPSS
Exploits1References2
OSV
OSV
added 2022/05/20 1:15 p.m.3 views

CVE-2022-28105

Online Sports Complex Booking System v1.0 was discovered to contain a blind SQL injection vulnerability via the id parameter in /scbs/viewfacility.php...

9.8CVSS7.3AI score0.01026EPSS
Exploits1References1
Rows per page
Query Builder