Lucene search
+L

46 matches found

OSV
OSV
added 2023/01/26 11:15 p.m.5 views

CVE-2022-46966

Revenue Collection System v1.0 was discovered to contain a SQL injection vulnerability at step1.php...

9.8CVSS5.8AI score0.0115EPSS
Exploits1References2
Prion
Prion
added 2023/01/26 11:15 p.m.12 views

Sql injection

Revenue Collection System v1.0 was discovered to contain a SQL injection vulnerability at step1.php...

7.5CVSS9.7AI score0.0115EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2023/01/26 11:15 p.m.16 views

Directory traversal

An access control issue in Revenue Collection System v1.0 allows unauthenticated attackers to view the contents of /admin/DBbackup/ directory...

7.5CVSS9.3AI score0.01141EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/01/26 12:0 a.m.61 views

CVE-2022-46966

Revenue Collection System v1.0 contains a SQL injection vulnerability in step1.php. Root cause: unparameterized input in that endpoint. CVSS v3.1 base score 9.8 (CRITICAL) with network attack vector, no user interaction. Expect high impact to confidentiality, integrity, and availability. No fix d...

9.8CVSS9.7AI score0.0115EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/26 12:0 a.m.5 views

CVE-2022-46967

An access control issue in Revenue Collection System v1.0 allows unauthenticated attackers to view the contents of /admin/DBbackup/ directory...

6.9AI score0.01141EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/01/26 12:0 a.m.4 views

Revenue Collection System 安全漏洞

Revenue Collection System is a land property billing and payment software by Carlo Montero Individual Developer. A security vulnerability exists in Revenue Collection System version v1.0 that stems from improper access control of its /admin/DBbackup/ component allowing an unauthenticated attacker...

9.8CVSS8.3AI score0.01141EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/26 12:0 a.m.4 views

Revenue Collection System SQL注入漏洞

Revenue Collection System is a landed property billing and payment software by Carlo Montero Individual Developer. A security vulnerability exists in Revenue Collection System v1.0, which stems from its step1.php file that allows attackers to implement SQL injection...

9.8CVSS8.6AI score0.0115EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/01/26 12:0 a.m.5 views

PT-2023-15121 · Unknown · Revenue Collection System

Name of the Vulnerable Software and Affected Versions: Revenue Collection System version 1.0 Description: The issue is related to a SQL injection vulnerability. It affects the step1.php endpoint. Recommendations: For Revenue Collection System version 1.0, consider disabling access to the step1.ph...

9.8CVSS7.9AI score0.0115EPSS
Exploits1References6
Cvelist
Cvelist
added 2023/01/26 12:0 a.m.33 views

CVE-2022-46967

An access control issue in Revenue Collection System v1.0 allows unauthenticated attackers to view the contents of /admin/DBbackup/ directory...

9.6AI score0.01141EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/01/26 12:0 a.m.12 views

CVE-2022-46966

Revenue Collection System v1.0 was discovered to contain a SQL injection vulnerability at step1.php...

8.2AI score0.0115EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/01/26 12:0 a.m.28 views

CVE-2022-46966

Revenue Collection System v1.0 was discovered to contain a SQL injection vulnerability at step1.php...

10AI score0.0115EPSS
Exploits1References2
CVE
CVE
added 2023/01/26 12:0 a.m.54 views

CVE-2022-46967

Revenue Collection System v1.0 is affected by an access-control flaw that allows unauthenticated users to access the /admin/DBbackup/ directory, exposing backup data. The issue is described as an access-control vulnerability with high impact to confidentiality, integrity, and availability (per CV...

9.8CVSS9.2AI score0.01141EPSS
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2022/11/16 12:0 a.m.190 views

Revenue Collection System 1.0 Cross Site Scripting / Authentication Bypass

Exploit Title: Revenue Collection System v1.0 - Authentication Bypass via Stored XSS Exploit Author: Joe Pollock Date: November 16, 2022 Vendor Homepage: https://www.sourcecodester.com/php/14904/rates-system.html Software Link:...

0.2AI score
Exploits0
0day.today
0day.today
added 2022/11/16 12:0 a.m.203 views

Revenue Collection System 1.0 Cross Site Scripting / Authentication Bypass Exploit

Exploit Title: Revenue Collection System v1.0 - Authentication Bypass via Stored XSS Exploit Author: Joe Pollock Vendor Homepage: https://www.sourcecodester.com/php/14904/rates-system.html Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/rates.zip Tested on: Ka...

0.3AI score
Exploits0
NVD
NVD
added 2022/04/21 8:15 p.m.18 views

CVE-2022-28416

Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=deletephase...

9.8CVSS0.01269EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/04/21 12:0 a.m.7 views

Home Owners Collection Management System SQL注入漏洞

Home Owners Collection Management System is a homeowner collection management system. Home Owners Collection Management System is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...

9.8CVSS6AI score0.01269EPSS
Exploits1References2
Exploit DB
Exploit DB
added 2022/02/10 12:0 a.m.271 views

Home Owners Collection Management System 1.0 - Account Takeover (Unauthenticated)

Exploit Title: Home Owners Collection Management System 1.0 - Account Takeover Unauthenticated Date: 9/02/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
NVD
NVD
added 2021/10/04 11:15 p.m.22 views

CVE-2021-41123

Survey Solutions is a survey management and data collection system. In affected versions the Headquarters application publishes /metrics endpoint available to any user. None of the survey answers are ever exposed, only the aggregate counters, including count of interviews, or count of assignments...

5.3CVSS0.00852EPSS
Exploits0References2
Prion
Prion
added 2021/10/04 11:15 p.m.19 views

Default credentials

Survey Solutions is a survey management and data collection system. In affected versions the Headquarters application publishes /metrics endpoint available to any user. None of the survey answers are ever exposed, only the aggregate counters, including count of interviews, or count of assignments...

5CVSS5.3AI score0.00852EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2021/03/22 12:0 a.m.3 views

SQL Injection Vulnerability in Health Collection Reporting System (CNVD-2021-24511)

Health collection and reporting system using PHP + mysql development, open source code, to facilitate secondary development. Health collection and reporting system has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

7.5AI score
Exploits0
Rows per page
Query Builder