21 matches found
CVE-2025-41008
SQL injection vulnerability in Sinturno. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'client' parameter in the '/adm/scripts/modalReportdata.php' endpoint...
EUVD-2025-208935
SQL injection vulnerability in Sinturno. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'client' parameter in the '/adm/scripts/modalReportdata.php' endpoint...
CVE-2025-41008
SQL injection vulnerability in Sinturno. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'client' parameter in the '/adm/scripts/modalReportdata.php' endpoint...
CVE-2025-41008 SQL Injection in Sinturno
SQL injection vulnerability in Sinturno. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'client' parameter in the '/adm/scripts/modalReportdata.php' endpoint...
CVE-2025-41008
SQL injection vulnerability in Sinturno. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'client' parameter in the '/adm/scripts/modalReportdata.php' endpoint...
CVE-2025-41008
CVE-2025-41008 affects Sinturno via SQL injection in the /_adm/scripts/modalReport_data.php endpoint, using the 'client' parameter. The vulnerability allows an attacker to retrieve, create, update, and delete databases, with network attack vector, low attack complexity, and no privileges required...
CVE-2025-41008 SQL Injection in Sinturno
SQL injection vulnerability in Sinturno. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'client' parameter in the '/adm/scripts/modalReportdata.php' endpoint...
Sinturno SQL注入漏洞
Sinturno is a tool used by the American company Sinturno to manage and analyze network traffic. Sinturno has a SQL injection vulnerability, which stems from improper handling of the client parameter in the adm/scripts/modalReportdata.php endpoint. This vulnerability may lead to SQL injection...
PT-2026-27125
SQL injection vulnerability in Sinturno. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'client' parameter in the '/ adm/scripts/modalReport data.php' endpoint...
systems@work time@work SQL注入漏洞
systems@work time@work is a service automation and working hours management system of the Czech company systems@work. Version 7.0.5 of systems@work time@work has a SQL injection vulnerability. This vulnerability arises from the IDClient parameter, which is vulnerable to authenticated brute-force...
CVE-2025-66507
1Panel is an open-source, web-based control panel for Linux server management. Versions 2.0.13 and below allow an unauthenticated attacker to disable CAPTCHA verification by abusing a client-controlled parameter. Because the server previously trusted this value without proper validation, CAPTCHA...
CVE-2025-66507 1Panel – CAPTCHA Bypass via Client-Controlled Flag
1Panel is an open-source, web-based control panel for Linux server management. Versions 2.0.13 and below allow an unauthenticated attacker to disable CAPTCHA verification by abusing a client-controlled parameter. Because the server previously trusted this value without proper validation, CAPTCHA...
PT-2025-49759
1Panel is an open-source, web-based control panel for Linux server management. Versions 2.0.13 and below allow an unauthenticated attacker to disable CAPTCHA verification by abusing a client-controlled parameter. Because the server previously trusted this value without proper validation, CAPTCHA...
EUVD-2006-2561
Malware in sbrugna...
CVE-2025-40720
Reflected Cross-site Scripting XSS vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending a malicious URL trhough the campo parameter in /FacturaE/VerFacturaPDF...
CVE-2024-50717
SQL injection vulnerability in Smart Agent v.1.1.0 allows a remote attacker to execute arbitrary code via the client parameter in the /recuperaLog.php component...
PT-2024-34400 · Unknown · Smart Agent
Name of the Vulnerable Software and Affected Versions: Smart Agent version 1.1.0 Description: The issue allows a remote attacker to execute arbitrary code via the client parameter in the "/recuperaLog.php" component. This is an SQL injection vulnerability. Recommendations: For Smart Agent version...
CVE-2024-50717
CVE-2024-50717: SQL injection in Smart Agent v1.1.0 allows remote execution via the client parameter in /recuperaLog.php. Underlying cause is injectable SQL in the affected parameter; no patch/version fix is detailed in the provided documents. CVSS v3.1 base score 9.8 (CRITICAL). Remediation/stat...
Garage Management System 跨站脚本漏洞
Garage Management System Cms-Website is a garage management system that helps you manage all your vehicles, cars and motorcycles. A cross-site scripting vulnerability exists in Garage Management System v1.0, which stems from the lack of effective filtering and escaping of user-supplied data in th...
CVE-2022-28962
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/classes/Users.php?f=deleteclient...