Lucene search
K

227 matches found

OSV
OSV
added 2025/08/27 6:31 p.m.4 views

GHSA-RFH2-8VXQ-JQR8 NodeBB SQL Injection vulnerability

NodeBB v4.3.0 is vulnerable to SQL injection in its search-categories API endpoint /api/v3/search/categories. The search query parameter is not properly sanitized, allowing unauthenticated, remote attackers to inject boolean-based blind and PostgreSQL error-based payloads...

8.7CVSS8.2AI score0.08115EPSS
Exploits1References3
Packet Storm
Packet Storm
added 2024/07/30 12:0 a.m.233 views

AccPack Cop CMS 1.0 SQL Injection

============================================================================================================================================= | Title : AccPack Cop CMS v1.0 SQL injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/07/08 12:0 a.m.306 views

WordPress Poll 2.3.6 SQL Injection

Exploit Title: WordPress Poll Plugin SQL Injection Date: 2024-07-06 Exploit Author: tmrswrr Category : Webapps Vendor Homepage: https://total-soft.com/wp-poll/ Version 2.3.6 1. Access the Admin Panel: - Navigate to the admin panel of your WordPress site. - Go to TS Poll Create Pool Use Theme and...

7.4AI score
Exploits0
0day.today
0day.today
added 2024/07/02 12:0 a.m.173 views

Azon Dominator Affiliate Marketing Script - SQL Injection Vulnerability

Exploit Title: Azon Dominator - Affiliate Marketing Script - SQL Injection Exploit Author: Buğra Enis Dönmez Vendor: https://www.codester.com/items/12775/azon-dominator-affiliate-marketing-script Demo Site: https://azon-dominator.webister.net/ Tested on: Arch Linux CVE: N/A Request POST...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/05/22 12:0 a.m.440 views

Chat Bot 1.0 SQL Injection

Titles: Chat Bot - PHP by: oretnom23 v1.0 Multiple SQLi Author: nu11secur1ty Date: 05/22/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/15316/chatbot-app-suggestion-phpoop-free-source-code.html Reference: https://portswigger.net/web-security/sql-injection...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/01/31 12:0 a.m.284 views

101 News 1.0 - Multiple-SQLi

Title: 101 News-1.0 Multiple-SQLi Author: nu11secur1ty Date: 09/16/2023 Vendor: https://mayurik.com/ Software: https://www.sourcecodester.com/php/16067/best-online-news-portal-project-php-free-download.html Reference: https://portswigger.net/web-security/sql-injection Description: The searchtitle...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/08/21 12:0 a.m.460 views

OVOO Movie Portal CMS v3.3.3 - SQL Injection

Exploit Title: OVOO Movie Portal CMS v3.3.3 - SQL Injection Date: 2023-08-12 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/ovoomovie-video-streaming-cms-with-unlimited-tvseries/20180569 Tested on: Kali Linux & MacOS CVE: N/A Request POST /filtermovies/1 HTTP/2 Host:...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/08/21 12:0 a.m.265 views

Taskhub CRM Tool 2.8.6 - SQL Injection Vulnerability

Exploit Title: Taskhub CRM Tool 2.8.6 - SQL Injection Date: 2023-08-12 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/taskhub-project-management-finance-crm-tool/25685874 Tested on: Kali Linux & MacOS CVE: N/A Request GET /projects?filter=notstarted HTTP/1.1 Host: localhost...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/20 12:0 a.m.285 views

The Shop 2.5 SQL Injection

Exploit Title: The Shop v2.5 - SQL Injection Date: 2023-06-17 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/the-shop/34858541 Demo Site: https://shop.activeitzone.com Tested on: Kali Linux CVE: N/A Request POST /api/v1/carts/add HTTP/1.1 Content-Type: application/json...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2023/06/19 12:0 a.m.287 views

The Shop v2.5 - SQL Injection

Exploit Title: The Shop v2.5 - SQL Injection Date: 2023-06-17 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/the-shop/34858541 Demo Site: https://shop.activeitzone.com Tested on: Kali Linux CVE: N/A Request POST /api/v1/carts/add HTTP/1.1 Content-Type: application/json...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/06/19 12:0 a.m.363 views

The Shop v2.5 - SQL Injection Vulnerability

Exploit Title: The Shop v2.5 - SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/the-shop/34858541 Demo Site: https://shop.activeitzone.com Tested on: Kali Linux CVE: N/A Request POST /api/v1/carts/add HTTP/1.1 Content-Type: application/json Accept:...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/06/07 12:0 a.m.272 views

Expert Job Portal Management System 1.0 SQL Injection Vulnerability

┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐ ┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ┌┘ Vulnerability ┌┘ └───────────────────────────────────────────────────────────────────────────────────────┘┘ : Author : CraCkEr : │...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/05 12:0 a.m.260 views

MotoCMS 3.4.3 SQL Injection

Title: MotoCMS Version 3.4.3 - SQL Injection Author: tmrswrr Date: 01/06/2023 Vendor: https://www.motocms.com Link: https://www.motocms.com/website-templates/demo/189526.html Vulnerable Versions: MotoCMS 3.4.3 Description MotoCMS Version 3.4.3 SQL Injection via the keyword parameter. Steps to...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/02 12:0 a.m.339 views

PHPJabbers Simple CMS 5.0 - SQL Injection

Exploit Title: PHPJabbers Simple CMS 5.0 - SQL Injection Date: 2023-04-29 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.phpjabbers.com/faq.php Software Link: https://www.phpjabbers.com/simple-cms/ Version: 5.0 Tested on: Kali Linux Request GET...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/05/02 12:0 a.m.279 views

PHPJabbers Simple CMS 5.0 - SQL Injection Vulnerability

Exploit Title: PHPJabbers Simple CMS 5.0 - SQL Injection Date: 2023-04-29 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.phpjabbers.com/faq.php Software Link: https://www.phpjabbers.com/simple-cms/ Version: 5.0 Tested on: Kali Linux Request GET...

6.9AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/06 12:0 a.m.306 views

Best pos Management System v1.0 - SQL Injection

Exploit Title: Best pos Management System v1.0 - SQL Injection Google Dork: NA Date: 14/2/2023 Exploit Author: Ahmed Ismail @MrOz1l Vendor Homepage: https://www.sourcecodester.com/php/16127/best-pos-management-system-php.html Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/03/29 12:0 a.m.342 views

Human Resource Management System 1.0 - SQL Injection Vulnerability

Exploit Title: Human Resource Management System - SQL Injection unauthenticated Exploit Author: Matthijs van der Vaart eMVee Vendor Homepage: https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/24 12:0 a.m.251 views

Online Graduate Tracer System 1.0 SQL Injection

Exploit Title: Online Graduate Tracer System - Multiple SQLi Date: 24/03/2023 Exploit Author: Abdulhakim Öner Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/15904/online-graduate-tracer-system-college-ict-alumni.html Software Download:...

6.8AI score
Exploits0
0day.today
0day.today
added 2023/03/24 12:0 a.m.161 views

Online Graduate Tracer System - Multiple SQL injection Vulnerabilities

A Blind SQL injection vulnerability in the fill-in forms of Online Graduate Tracer System allows remote unauthenticated attackers to execute remote arbitrary SQL commands through "age" parameter. Description A Blind SQL injection vulnerability in the fill-in forms of Online Graduate Tracer System...

9AI score
Exploits0
0day.today
0day.today
added 2023/03/16 12:0 a.m.288 views

Human Resources Management System - Multiple SQL injection Vulnerability

A Blind SQL injection vulnerability in the login page /hrm/controller/login.php in Human Resources Management System allows remote unauthenticated attackers to execute remote command through arbitrary SQL commands by "name" parameter. Request PoC POST /hrm/controller/login.php HTTP/1.1 Host:...

9.3AI score
Exploits0
Rows per page
Query Builder