Lucene search
K

5 matches found

CVE
CVE
added 2020/01/31 8:49 p.m.252 views

CVE-2014-3119

CVE-2014-3119 affects web2Project 3.1 and earlier. The vulnerability is due to insufficient sanitization of user inputs, allowing remote authenticated users to inject arbitrary SQL via the POST parameter search_string (index.php, contacts module) or via updatekey (do_updatecontact.php) or updatek...

8.8CVSS9.1AI score0.01731EPSS
Exploits5References3Affected Software1
securityvulns
securityvulns
added 2014/10/15 12:0 a.m.69 views

Multiple SQL Injection Vulnerabilities in web2Project

Advisory ID: HTB23213 Product: web2Project Vendor: http://web2project.net Vulnerable Versions: 3.1 and probably prior Tested Version: 3.1 Advisory Publication: April 30, 2014 without technical details Vendor Notification: April 30, 2014 Vendor Patch: May 1, 2014 Public Disclosure: June 18, 2014...

0.3AI score0.01731EPSS
Exploits5
exploitpack
exploitpack
added 2014/06/19 12:0 a.m.84 views

web2Project 3.1 - Multiple Vulnerabilities

web2Project 3.1 - Multiple Vulnerabilities Advisory ID: HTB23213 Product: web2Project Vendor: http://web2project.net Vulnerable Versions: 3.1 and probably prior Tested Version: 3.1 Advisory Publication: April 30, 2014 without technical details Vendor Notification: April 30, 2014 Vendor Patch: May...

6.5CVSS0.2AI score0.01731EPSS
Exploits5
0day.today
0day.today
added 2014/06/19 12:0 a.m.58 views

web2Project 3.1 SQL Injection Vulnerability

Exploit for php platform in category web applications Product: web2Project Vendor: http://web2project.net Vulnerable Versions: 3.1 and probably prior Tested Version: 3.1 Advisory Publication: April 30, 2014 without technical details Vendor Notification: April 30, 2014 Vendor Patch: May 1, 2014...

6.5CVSS0.01731EPSS
Exploits5
Exploit DB
Exploit DB
added 2014/06/19 12:0 a.m.56 views

web2Project 3.1 - Multiple Vulnerabilities

Advisory ID: HTB23213 Product: web2Project Vendor: http://web2project.net Vulnerable Versions: 3.1 and probably prior Tested Version: 3.1 Advisory Publication: April 30, 2014 without technical details Vendor Notification: April 30, 2014 Vendor Patch: May 1, 2014 Public Disclosure: June 18, 2014...

8.8CVSS8.8AI score0.01731EPSS
Exploits5
Rows per page
Query Builder