Lucene search
+L

83 matches found

Vulnrichment
Vulnrichment
added 2023/09/04 11:26 a.m.7 views

CVE-2023-4059 Profile Builder < 3.9.8 - Unauthenticated Plugin's Pages Creation

The Profile Builder WordPress plugin before 3.9.8 lacks authorisation and CSRF in its page creation function which allows unauthenticated users to create the register, log-in and edit-profile pages from the plugin on the blog...

7.1AI score0.002EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2023/08/15 12:0 a.m.328 views

EI Tube YouTube API 3 SQL Injection

==================================================================================================================================== | Title : EI Tube YouTube API V3 site builder Sql Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firef...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/12 12:0 a.m.346 views

Architect HTML And Site Builder 2.2.3 File Upload

==================================================================================================================================== | Title : Architect - HTML and Site Builder V 2.2.3 Remote File Upload vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser :...

7.1AI score
Exploits0
CNNVD
CNNVD
added 2023/02/14 12:0 a.m.17 views

Microsoft 3D Builder 安全漏洞

Microsoft 3D Builder, a tool for creating models and 3D printing from Microsoft USA, has a security vulnerability. No details of the vulnerability are currently available...

7.8CVSS6.8AI score0.0065EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/01/10 12:0 a.m.2 views

PT-2023-1051 · Microsoft · 3D Builder

Name of the Vulnerable Software and Affected Versions: 3D Builder affected versions not specified Description: The issue is related to insufficient input validation in the 3D Builder program, which can be exploited by opening a specially crafted malicious file, allowing an attacker to execute...

7.8CVSS8.2AI score0.00929EPSS
Exploits0References17
CNNVD
CNNVD
added 2022/07/22 12:0 a.m.7 views

WordPress plugin Sygnoos Popup Builder 跨站请求伪造漏洞

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in WordPress Sygnoos Popup Builder 4.1.11 and prior versions, which arises from a web applicatio...

5.4CVSS5.5AI score0.00427EPSS
Exploits0References3
CNNVD
CNNVD
added 2020/12/24 12:0 a.m.10 views

Kenhys Td Agent Builder Permission License and Access Control Issues Vulnerability

Kenhys Td Agent Builder is a Ruby-based software for collecting various types of log information by the individual developer Kenhys. Fluentd td-agent-builder plugin before 2020-12-18 A security vulnerability exists that could be exploited by an attacker to gain privileges because the bin director...

7CVSS7AI score0.01171EPSS
Exploits4References13
CNVD
CNVD
added 2020/11/26 12:0 a.m.3 views

SQL Injection Vulnerability in Chongqing Billion Information Technology Co.

Ltd. referred to as: billion online, Chongqing billion is dedicated to brand website construction, Internet application development and network marketing, website construction is an important step in network marketing, according to the purpose of the enterprise's station, the overall positioning ...

7.6AI score
Exploits0
CNVD
CNVD
added 2020/09/05 12:0 a.m.4 views

Yunnan Huaji Youxiang Network Technology Co., Ltd. website building system has SQL injection vulnerability

Yunnan Huaji Youxiang Network Technology Co., Ltd. is to provide intellectual property rights and Internet services. There is a SQL injection vulnerability in the website building system of Yunnan Huayi Youxiang Network Technology Co. Attackers can utilize the vulnerability to obtain sensitive...

7.9AI score
Exploits0
CNVD
CNVD
added 2020/08/21 12:0 a.m.3 views

SQL Injection Vulnerability in Shijiazhuang Diyi Advertising Co.

Shijiazhuang Diyi Advertising Co., Ltd. is a company dedicated to corporate branding and marketing planning. Shijiazhuang Diyi Advertising Co., Ltd. website building system SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive information database...

7.6AI score
Exploits0
CNVD
CNVD
added 2020/08/09 12:0 a.m.3 views

SQL Injection Vulnerability in Hanzhong Qiyuan Power Network Co.

Hanzhong Qiyuan Power Network Co., Ltd. is a high-tech Internet technology service provider. Hanzhong Qiyuan Power Network Co., Ltd. website building system has SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive database information...

7.8AI score
Exploits0
CNVD
CNVD
added 2020/05/30 12:0 a.m.5 views

Wuhu ECCOM Information Technology Co., Ltd. website building system has SQL injection vulnerability

Wuhu eXpress Information Technology Co., Ltd. is an Internet application service solution provider. There is a SQL injection vulnerability in the website building system of Wuhu ECCOM Information Technology Co., Ltd, which can be exploited by attackers to obtain sensitive information from the...

7.6AI score
Exploits0
CNVD
CNVD
added 2020/05/07 12:0 a.m.4 views

Xi'an Baolian Network Technology Co., Ltd. website building system suffers from SQL injection vulnerabilities (CNVD-2020-32333)

Xi'an BaiLian Network Technology Co., Ltd. is the first technology company specializing in bearing industry management software development and bearing industry portal design. There is a SQL injection vulnerability in the website building system of Xi'an Bailian Network Technology Co. Attackers c...

7.7AI score
Exploits0
CNVD
CNVD
added 2020/04/22 12:0 a.m.2 views

SQL Injection Vulnerability in Enterprise First Website Building System

Business First is a website that offers free website building services for businesses. There is a SQL injection vulnerability in the Enterprise First website builder system, which can be exploited by attackers to obtain sensitive information from the database...

7.6AI score
Exploits0
CNVD
CNVD
added 2020/04/17 12:0 a.m.2 views

MayiCMS has a flawed logic vulnerability

MayiCMS is a php mysql based website builder. MayiCMS suffers from a logic flaw vulnerability that can be exploited by attackers to perform unauthorized operations...

6.8AI score
Exploits0
CNVD
CNVD
added 2019/09/27 12:0 a.m.4 views

S-CMS enterprise website builder system aj***.php page C_f*** parameter has SQL injection vulnerability

S-CMS enterprise station building system is Zibo Shining Network Technology Co., Ltd. developed a specialized enterprise station building solutions for the product. S-CMS enterprise website building system aj.php page Cf parameters exist SQL injection vulnerability, attackers can use the...

7.8AI score
Exploits0
CNVD
CNVD
added 2019/08/22 12:0 a.m.5 views

SQL Injection Vulnerability in the Website Building System of Beijing Beyond Infinity Information Technology Co. Ltd (CNVD-2019-30355)

Beijing Beyond Infinity Information Technology is a company engaged in website construction. A SQL injection vulnerability exists in the website building system of Beijing Beyond Unlimited Information Technology Co. Attackers can utilize the vulnerability to obtain sensitive information of the...

7.6AI score
Exploits0
CNVD
CNVD
added 2018/10/25 12:0 a.m.2 views

Yinchuan Xunlei Network Technology Co., Ltd. website building system has overstepped the right to access vulnerabilities

Yinchuan Xunlei Network Technology Co., Ltd. is one of the Internet application service providers in Ningxia. There is an access vulnerability in the website building system of Yinchuan Xunlei Network Technology Co. Attackers can take advantage of the vulnerability to access the background and...

6.6AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2018/08/03 12:0 a.m.10 views

The vulnerability of the Map Builder component of the Fusion Middleware data visualization software, MapViewer, allows a hacker to gain full control over the application.

The vulnerability of the Map Builder component of the Fusion Middleware data visualization software, MapViewer, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain full control over the application using the HTTP protoco...

9.8CVSS7.8AI score0.02245EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2018/05/30 12:0 a.m.4 views

SQL Injection Vulnerability in Hainan Creative Media pc Website Building System

Hainan Creative Future Culture Media Co., Ltd. is engaged in brand one-stop service e-commerce advertising consulting services media enterprises. We design complete solutions for users and provide the best advertising support services. A SQL injection vulnerability exists in the pc website builde...

7.7AI score
Exploits0
Rows per page
Query Builder