Lucene search
K

28 matches found

Cvelist
Cvelist
added 2026/02/10 5:32 p.m.27 views

CVE-2026-25947 Worklenz Boolean-Based Blind SQL Injection via Improper ORDER BY Clause Input Validation

Worklenz is a project management tool. Prior to 2.1.7, there are multiple SQL injection vulnerabilities were discovered in backend SQL query construction affecting project and task management controllers, reporting and financial data endpoints, real-time socket.io handlers, and resource allocatio...

8.8CVSS0.00354EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.1 views

Linux Distros Unpatched Vulnerability : CVE-2024-51482

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder v1.37. = 1.37.64 is vulnerable to boolean-based SQL Injection in...

9.9CVSS5.9AI score0.36899EPSS
Exploits8References2
Packet Storm
Packet Storm
added 2025/07/23 12:0 a.m.266 views

📄 Invision Community 4.7.20 SQL Injection

Invision Community versions 4.7.20 and below have a vulnerability located within the /applications/calendar/modules/front/calendar/view.php script. Specifically, in the IPS\calendar\modules\front\calendar\view::search method: user input passed through the location request parameter is not properl...

8.2AI score
Exploits2
CNNVD
CNNVD
added 2025/06/05 12:0 a.m.4 views

Trol InterMedia 2ClickPortal SQL注入漏洞

Trol InterMedia 2ClickPortal is a web portal from Trol InterMedia, Inc. Trol InterMedia 2ClickPortal suffers from a SQL injection vulnerability that stems from improper neutralization of the changesreferenceid parameter input, which could lead to a blind Boolean-based SQL injection attack...

9.3CVSS7.8AI score0.00284EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/10/31 12:0 a.m.7 views

ZoneMinder SQL注入漏洞

ZoneMinder is an open source video surveillance software system from ZoneMinder Open Source. The system supports IP, USB, and analog cameras, among others. A SQL injection vulnerability exists in ZoneMinder 1.37.64 and previous versions 1.37.X. The vulnerability stems from web/ajax/event.php bein...

9.9CVSS7.6AI score0.36899EPSS
Exploits8References2
CNNVD
CNNVD
added 2023/05/15 12:0 a.m.11 views

Anuko TimeTracker SQL注入漏洞

Anuko TimeTracker is an Anuko open source application . Provides a Web-based open source time tracking application written in PHP. A SQL injection vulnerability exists in versions prior to Anuko TimeTracker 1.22.11.5781, which stems from a Boolean-based SQL injection in Time Tracker invoices.php,...

9.8CVSS8.6AI score0.00658EPSS
Exploits0References3
Kitploit
Kitploit
added 2023/01/20 11:30 a.m.559 views

Ghauri - An Advanced Cross-Platform Tool That Automates The Process Of Detecting And Exploiting SQL Injection Security Flaws

An advanced cross-platform tool that automates the process of detecting andexploiting SQL injection security flaws Requirements Python 3 Python pip3 Installation cd to ghauri directory. install requirements: python3 -m pip install --upgrade -r requirements.txt run: python3 setup.py install or...

8.6AI score
Exploits0References1
Prion
Prion
added 2021/07/09 2:15 p.m.43 views

Sql injection

The API call /InstallTab/exportFldr.asp is vulnerable to a semi-authenticated boolean-based blind SQL injection in the parameter fldrId. Detailed description --- Given the following request: GET /InstallTab/exportFldr.asp?fldrId=1’ HTTP/1.1 Host: 192.168.1.194 User-Agent: Mozilla/5.0 Macintosh;...

6.5CVSS9.6AI score0.85619EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder