Lucene search
+L

194 matches found

OSV
OSV
added 2025/03/20 10:10 a.m.7 views

CVE-2024-12776 Authentication Bypass in langgenius/dify

In langgenius/dify v0.10.1, the /forgot-password/resets endpoint does not verify the password reset code, allowing an attacker to reset the password of any user, including administrators. This vulnerability can lead to a complete compromise of the application...

8.1CVSS7.2AI score0.00614EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/05/09 2:54 p.m.33 views

CVE-2024-32735 CyberPower PowerPanel Enterprise Missing Authentication

An issue regarding missing authentication for certain utilities exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can access the PDNU REST APIs, which may result in compromise of the application...

9.8CVSS9.8AI score0.06765EPSS
Exploits0References2
NVD
NVD
added 2022/07/01 2:15 p.m.30 views

CVE-2014-3650

Multiple persistent cross-site scripting XSS flaws were found in the way Aerogear handled certain user-supplied content. A remote attacker could use these flaws to compromise the application with specially crafted input...

5.4CVSS0.00558EPSS
Exploits0References2
NVD
NVD
added 2022/06/02 2:15 p.m.31 views

CVE-2021-44096

EGavilan Media User-Registration-and-Login-System-With-Admin-Panel 1.0 is vulnerable to SQL Injection via profileaction - updateuser. This allows a remote attacker to compromise Application SQL database...

9.8CVSS0.0122EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/05/31 11:38 p.m.35 views

CVE-2021-44095

A SQL injection vulnerability exists in ProjectWorlds Hospital Management System in php 1.0 on login page that allows a remote attacker to compromise Application SQL database...

9.8AI score0.02154EPSS
Exploits1References3
Prion
Prion
added 2021/02/16 1:15 p.m.21 views

Sql injection

PNPSCADA 2.200816204020 allows SQL injection via parameter 'interf' in /browse.jsp. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database...

7.5CVSS9.7AI score0.01629EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2020/10/01 2:15 p.m.18 views

Sql injection

WebsiteBaker 2.12.2 allows SQL Injection via parameter 'displayname' in /websitebaker/admin/preferences/save.php. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database...

7.5CVSS9.8AI score0.01668EPSS
Exploits3References2Affected Software1
Packet Storm
Packet Storm
added 2019/01/31 12:0 a.m.90 views

Joomla JCalPro Calendar 4.3.26 SQL Injection

Exploit Title : Joomla JCalPro Calendar Components 4.3.26 SQL Injection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 31/01/2019 Vendor Homepage : joomlashack.com anything-digital.com Software Download Link : joomlashack.com/joomla-extensions/jcal/ Software...

0.7AI score
Exploits0
CNVD
CNVD
added 2018/06/11 12:0 a.m.4 views

WordPress Top-10 Plugin SQL Injection Vulnerability

WordPress is a set of blogging platform developed by WordPress Software Foundation using PHP language, which supports setting up personal blog sites on servers with PHP and MySQL.Top-10 is one of the plug-ins that calculates the number of daily visits and total number of visits to each post and...

7.7AI score
Exploits0References1
CNVD
CNVD
added 2015/01/06 12:0 a.m.7 views

PHP Address Book SQL Injection Vulnerability (CNVD-2015-00124)

PHP is a widely used general-purpose scripting language that is particularly well suited for web development and can be embedded in HTML. A SQL injection vulnerability exists in PHP Address Book, which allows attackers to exploit the vulnerability to compromise an application, access or modify...

7.7AI score
Exploits0References1
Exploit DB
Exploit DB
added 2014/07/17 12:0 a.m.50 views

OL-Commerce - '/OL-Commerce/admin/create_account.php?entry_country_id' SQL Injection

source: https://www.securityfocus.com/bid/68719/info ol-commerce is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities could allow an attacker to steal...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

ezContents 2.0.3 search.php GLOBALS[language_home] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote fi...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

EncapsCMS 0.3.6 'common_foot.php' Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22319/info EncapsCMS is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlyi...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Your Articles Directory Login Option SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/39796/info Article Directory Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

Magic Photo Storage Website user/logout.php _config[site_path] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/21965/info Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

Lussumo Vanilla <= 1.1.10 'definitions.php' Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/38889/info Vanilla is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Magic Photo Storage Website admin/list_members.php _config[site_path] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/21965/info Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.41 views

Cartweaver 2.16.11 Results.cfm category Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/17941/info Cartweaver ColdFusion is prone to SQL-injection vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input before using it in SQL queries. Successful exploits...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

PHP Content Architect 0.9 pre 1.2 MFA_Theme.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23843/info PHP Content Architect is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

Portail Web Php 2.5.1 config/conf-activation.php site_path Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/27616/info Portail Web Php is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application...

7.1AI score
Exploits0
Rows per page
Query Builder