Lucene search
K

8750 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/24 7:23 a.m.6 views

CVE-2026-56052

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FunnelKit Funnel Builder by FunnelKit allows Blind SQL Injection. This issue affects Funnel Builder by FunnelKit: from n/a through 3.15.0.5...

7.6CVSS5.9AI score0.00226EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 7:23 a.m.10 views

CVE-2026-56052

CVE-2026-56052 is a SQL Injection vulnerability in WordPress Funnel Builder by FunnelKit up to version 3.15.0.5. The root cause is improper neutralization of certain elements in SQL commands, enabling blind SQL injection. Affected product: Funnel Builder by FunnelKit (WordPress plugin). CVSS 3.1 ...

7.6CVSS5.9AI score0.00226EPSS
Exploits0References1
NVD
NVD
added 2026/06/23 5:16 p.m.6 views

CVE-2026-34914

A missing sanitisation of user input in the zone-include.php script of Revive Adserver 6.0.6 and earlier. A low‑privileged user could exploit the clientid parameter to perform blind SQL injection attacks. Input sanitisation has been improved to ensure that all parameters processed by the script a...

8.3CVSS0.00298EPSS
Exploits1References1
CVE
CVE
added 2026/06/23 4:14 p.m.23 views

CVE-2026-34915

CVE-2026-34915 affects Revive Adserver 6.0.6 and earlier due to missing sanitisation in zone-include.php, enabling a low-privileged attacker to exploit the clientid parameter to perform blind SQL injection. The public sources confirm input validation improvements were implemented to ensure all pa...

6.1CVSS6.1AI score0.00217EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/23 4:14 p.m.9 views

EUVD-2026-38499

A missing sanitisation of user input in the zone-include.php script of Revive Adserver 6.0.6 and earlier could allow a low‑privileged user to exploit the clientid parameter to perform blind SQL injection attacks. Input sanitisation has been improved to ensure that all parameters processed by the...

6.1CVSS6.2AI score0.00217EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/23 4:14 p.m.33 views

CVE-2026-34914

A missing sanitisation of user input in the zone-include.php script of Revive Adserver 6.0.6 and earlier. A low‑privileged user could exploit the clientid parameter to perform blind SQL injection attacks. Input sanitisation has been improved to ensure that all parameters processed by the script a...

8.3CVSS0.00298EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/23 4:14 p.m.6 views

EUVD-2026-38506

A missing sanitisation of user input in the zone-include.php script of Revive Adserver 6.0.6 and earlier. A low‑privileged user could exploit the clientid parameter to perform blind SQL injection attacks. Input sanitisation has been improved to ensure that all parameters processed by the script a...

8.3CVSS6.6AI score0.00298EPSS
Exploits1References1
OSV
OSV
added 2026/06/23 12:3 a.m.2 views

GHSA-WV27-2VQP-J7G5 Gogs has the ability to import local repositories via Mirror Settings

Summary The Gogs Mirror Settings functionality provide an alternative way from the well protected New Migration functionality for any authenticated users to import local repositories. This issue stems from a lack of validation of SaveAddress function. Details Here is the function implementation o...

8.1CVSS5.8AI score0.00569EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/22 5:1 p.m.3 views

EUVD-2026-11599

OpenCTI has Semi-Blind SSRF via Unvalidated External URL in Data Ingestion Feature...

7.7CVSS5.8AI score0.00212EPSS
Exploits0References3
NVD
NVD
added 2026/06/19 5:16 p.m.12 views

CVE-2017-20277

Joomla JoomRecipe 1.0.4 component contains a blind SQL injection vulnerability in the searchauthor parameter on the search results page. Attackers can inject SQL code through POST requests to the search endpoint to extract database information using boolean-based blind SQL injection techniques...

8.8CVSS0.00253EPSS
Exploits0References4
CVE
CVE
added 2026/06/19 4:48 p.m.14 views

CVE-2017-20279

Joomla Payage 2.05 is affected by an SQL injection in the aid parameter used in the make_payment task (unauthenticated access). The vulnerability allows manipulation of database queries, enabling extraction of sensitive data via boolean-based blind or time-based blind techniques. This is supporte...

8.8CVSS6AI score0.00237EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/19 4:48 p.m.28 views

CVE-2017-20279 Joomla Payage 2.05 SQL Injection via aid Parameter

Joomla Payage 2.05 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the aid parameter. Attackers can send GET requests to index.php with malicious aid values in the makepayment task to extract sensitive...

8.8CVSS0.00237EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/19 4:48 p.m.8 views

CVE-2017-20279

Joomla Payage 2.05 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the aid parameter. Attackers can send GET requests to index.php with malicious aid values in the makepayment task to extract sensitive...

8.8CVSS6AI score0.00237EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/19 4:41 p.m.7 views

CVE-2017-20277

Joomla JoomRecipe 1.0.4 component contains a blind SQL injection vulnerability in the searchauthor parameter on the search results page. Attackers can inject SQL code through POST requests to the search endpoint to extract database information using boolean-based blind SQL injection techniques...

8.8CVSS6AI score0.00253EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/06/19 4:41 p.m.29 views

CVE-2017-20277 Joomla JoomRecipe 1.0.4 Component Blind SQL Injection via search_author

Joomla JoomRecipe 1.0.4 component contains a blind SQL injection vulnerability in the searchauthor parameter on the search results page. Attackers can inject SQL code through POST requests to the search endpoint to extract database information using boolean-based blind SQL injection techniques...

8.8CVSS0.00253EPSS
Exploits0References4
CVE
CVE
added 2026/06/19 4:41 p.m.11 views

CVE-2017-20277

The CVE-2017-20277 entry concerns Joomla JoomRecipe 1.0.4. The connected Attackerkb entry confirms a bona fide vulnerability: a blind SQL injection in the search_author parameter on the search results page. Exploitation is described as sending POST requests to the search endpoint to perform boole...

8.8CVSS6AI score0.00253EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/19 4:41 p.m.10 views

EUVD-2017-19004

Joomla JoomRecipe 1.0.4 component contains a blind SQL injection vulnerability in the searchauthor parameter on the search results page. Attackers can inject SQL code through POST requests to the search endpoint to extract database information using boolean-based blind SQL injection techniques...

8.8CVSS6AI score0.00253EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.15 views

PT-2026-50958

Name of the Vulnerable Software and Affected Versions JoomRecipe version 1.0.4 Description The JoomRecipe component for Joomla contains a blind SQL injection flaw. This allows attackers to inject SQL code via POST requests to the search endpoint using the search author parameter. This can be used...

8.8CVSS5.9AI score0.00253EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.18 views

PT-2026-50960

Name of the Vulnerable Software and Affected Versions Joomla Payage version 2.05 Description An SQL injection allows unauthenticated attackers to manipulate database queries by injecting SQL code through the aid parameter. Attackers can send GET requests to the 'index.php' endpoint with malicious...

8.8CVSS6.2AI score0.00237EPSS
Exploits0References6
NVD
NVD
added 2026/06/18 2:17 p.m.12 views

CVE-2026-56012

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in David Lingren Media LIbrary Assistant allows Blind SQL Injection. This issue affects Media LIbrary Assistant: from n/a through 3.35...

8.5CVSS0.00211EPSS
Exploits0References1
Rows per page
Query Builder