Lucene search
K

65 matches found

Cvelist
Cvelist
added 2022/03/22 12:0 a.m.22 views

CVE-2022-25517

MyBatis plus v3.4.3 was discovered to contain a SQL injection vulnerability via the Column parameter in /core/conditions/AbstractWrapper.java. NOTE: the vendor's position is that the reported execution of a SQL statement was intended behavior...

10AI score0.01809EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/04/08 12:0 a.m.5 views

Nagios SQL注入漏洞

Nagios Network Analyzer is a network data flow analyzer that provides a view of all network traffic and bandwidth utilization. A SQL injection vulnerability exists in Nagios Network Analyzer versions prior to 2.4.3. The vulnerability can be exploited to read sensitive data from the database and...

9.8CVSS5.9AI score0.04217EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2021/03/18 12:0 a.m.4 views

PT-2021-17861 · Seo Panel · Seo Panel

Name of the Vulnerable Software and Affected Versions: SEO Panel version 4.8.0 Description: The issue concerns a time-based blind SQL injection vulnerability in the order col parameter of the archive.php file. This vulnerability allows an attacker to retrieve all databases. Recommendations: For S...

7.2CVSS7.5AI score0.10672EPSS
Exploits4References9
OSV
OSV
added 2019/11/06 3:15 p.m.4 views

CVE-2019-13076

Quest KACE Systems Management Appliance Server Center 9.1.317 is vulnerable to SQL injection. An authenticated user has the ability to execute arbitrary commands against the database. The affected component is /userui/ticketlist.php, and affected parameters are order0column and order0dir...

8.8CVSS7.5AI score0.01235EPSS
Exploits0References2
OSV
OSV
added 2018/10/15 2:29 a.m.3 views

CVE-2018-18296

MetInfo 6.1.2 has XSS via the /admin/index.php bigclass parameter in an n=column&a=doadd action...

6.1CVSS5.8AI score0.00675EPSS
Exploits1References1
Rows per page
Query Builder