Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 11:25 a.m.5 views

CVE-2021-28142

CITSmart before 9.1.2.28 mishandles the "filtro de autocomplete."...

8.8CVSS6.8AI score0.05767EPSS
Exploits3References1
Packet Storm
Packet Storm
added 2021/04/14 12:0 a.m.301 views

CITSmart ITSM 9.1.2.27 SQL Injection

Exploit Title: CITSmart ITSM 9.1.2.27 - 'query' Time-based Blind SQL Injection Authenticated Google Dork: "citsmart.local" Date: 11/03/2021 Exploit Author: skysbsb Vendor Homepage: https://docs.citsmart.com/pt-br/citsmart-platform-9/get-started/about-citsmart/release-notes.html Version: = 9.1.2.2...

0.2AI score0.05767EPSS
Exploits3
0day.today
0day.today
added 2021/04/14 12:0 a.m.73 views

CITSmart ITSM 9.1.2.27 - (query) Time-based Blind SQL Injection (Authenticated) Vulnerability

Exploit Title: CITSmart ITSM 9.1.2.27 - 'query' Time-based Blind SQL Injection Authenticated Google Dork: "citsmart.local" Exploit Author: skysbsb Vendor Homepage: https://docs.citsmart.com/pt-br/citsmart-platform-9/get-started/about-citsmart/release-notes.html Version: = 9.1.2.28 Vendor has...

8.8CVSS0.6AI score0.05767EPSS
Exploits3
Exploit DB
Exploit DB
added 2021/04/14 12:0 a.m.366 views

CITSmart ITSM 9.1.2.27 - 'query' Time-based Blind SQL Injection (Authenticated)

Exploit Title: CITSmart ITSM 9.1.2.27 - 'query' Time-based Blind SQL Injection Authenticated Google Dork: "citsmart.local" Date: 11/03/2021 Exploit Author: skysbsb Vendor Homepage: https://docs.citsmart.com/pt-br/citsmart-platform-9/get-started/about-citsmart/release-notes.html Version: = 9.1.2.2...

8.8CVSS8.9AI score0.05767EPSS
Exploits3
NVD
NVD
added 2021/04/06 3:15 p.m.28 views

CVE-2021-28142

CITSmart before 9.1.2.28 mishandles the "filtro de autocomplete."...

8.8CVSS0.05767EPSS
Exploits3References2
CVE
CVE
added 2021/04/06 2:7 p.m.75 views

CVE-2021-28142

CVE-2021-28142 affects CITSmart ITSM prior to 9.1.2.28, where the application mishandles the autocomplete filter and allows a SQL injection via the query parameter in the autoCompletePortal path. Multiple connected documents confirm this is a SQL Injection vulnerability (tested as Time-based Blin...

8.8CVSS8.7AI score0.05767EPSS
Exploits3References2Affected Software1
Rows per page
Query Builder