Lucene search
+L

6085 matches found

ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2024-58367

SurrealDB versions before 2.0.4 fail to properly enforce field permissions during SELECT, UPDATE, and DELETE operations, allowing authorized users to access unauthorized field values through various query techniques. Attackers can exploit SELECT VALUE operations, field aliasing, function argument...

7.1CVSS5.2AI score
Exploits0References3
Cvelist
Cvelist
added yesterday11 views

CVE-2024-58367 SurrealDB before 2.0.4 Improper Authorization via SELECT Permissions

SurrealDB versions before 2.0.4 fail to properly enforce field permissions during SELECT, UPDATE, and DELETE operations, allowing authorized users to access unauthorized field values through various query techniques. Attackers can exploit SELECT VALUE operations, field aliasing, function argument...

7.1CVSS
Exploits0References2
Nuclei
Nuclei
added yesterday68 views

TCExam <= 14.8.1 - Sensitive Information Exposure

When installed following the default/recommended settings, TCExam = 14.8.1 allowed unauthenticated users to access the /cache/backup/ directory, which includes sensitive database backup files. id: CVE-2021-20114 info: name: TCExam = 14.8.1 - Sensitive Information Exposure author: push4d severity:...

7.5CVSS7.3AI score0.05973EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday45 views

Geoserver - Server-Side Request Forgery

GeoServer through 2.18.5 and 2.19.x through 2.19.2 allows server-side request forgery via the option for setting a proxy host. id: CVE-2021-40822 info: name: Geoserver - Server-Side Request Forgery author: For3stCo1d,aringo-bf severity: high description: GeoServer through 2.18.5 and 2.19.x throug...

7.5CVSS7.3AI score0.19761EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday143 views

Cachet <=2.3.18 - SQL Injection

Cachet is an open source status page. With Cachet prior to and including 2.3.18, there is a SQL injection which is in the SearchableTraitscopeSearch. Attackers without authentication can utilize this vulnerability to exfiltrate sensitive data from the database such as administrator's password and...

8.1CVSS7.3AI score0.09752EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday35 views

74cms - ajax_officebuilding.php SQL Injection

A SQL injection vulnerability exists in 74cms 3.2.0 via the x parameter to ajaxofficebuilding.php. id: CVE-2020-22210 info: name: 74cms - ajaxofficebuilding.php SQL Injection author: ritikchaddha severity: critical description: | A SQL injection vulnerability exists in 74cms 3.2.0 via the x...

9.8CVSS7.5AI score0.08579EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday30 views

Joomla! Component redTWITTER 1.0 - Local File Inclusion

A drectory traversal vulnerability in the redTWITTER comredtwitter component 1.0.x including 1.0b11 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the view parameter to index.php. id: CVE-2010-1983 info: name: Joomla! Component redTWITTER 1.0 - Local File Inclusio...

7.5CVSS5.6AI score0.18816EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday45 views

Good Layers LMS Plugin <= 2.1.4 - SQL Injection

An unauthenticated SQL Injection vulnerability in Good Layers LMS Plugin = 2.1.4 exists due to the usage of "wpajaxnopriv" call in WordPress, which allows any unauthenticated user to get access to the function "gdlrlmscancelbooking" where POST Parameter "id" was sent straight into SQL query witho...

9.8CVSS8.9AI score0.1064EPSS
Exploits2References3
Nuclei
Nuclei
added yesterday68 views

Joomla! Component News Portal 1.5.x - Local File Inclusion

A directory traversal vulnerability in the iJoomla News Portal comnewsportal component 1.5.x for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1312 info: name: Joomla! Component News Portal 1.5.x - Local File...

5CVSS5.6AI score0.13621EPSS
Exploits2References4
Nuclei
Nuclei
added yesterday67 views

74cms - ajax_street.php 'x' SQL Injection

SQL Injection in 74cms 3.2.0 via the x parameter to plus/ajaxstreet.php. id: CVE-2020-22208 info: name: 74cms - ajaxstreet.php 'x' SQL Injection author: ritikchaddha severity: critical description: | SQL Injection in 74cms 3.2.0 via the x parameter to plus/ajaxstreet.php. impact: | Successful...

9.8CVSS7.7AI score0.09743EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday70 views

IBAX - SQL Injection

IBAX go-ibax functionality is susceptible to SQL injection via the file /api/v2/open/rowsInfo. The manipulation of the argument tablename leads to SQL injection, and the attack may be launched remotely. An attacker can potentially obtain sensitive information, modify data, and/or execute...

8.8CVSS7.9AI score0.02241EPSS
Exploits0References4
Nuclei
Nuclei
added yesterday43 views

Cuppa CMS v1.0 - Authenticated Local File Inclusion

The component "cuppa/api/index.php" of CuppaCMS v1.0 is Vulnerable to LFI. An authenticated user can read system files via crafted POST request using function parameter value as LFI payload. id: CVE-2022-37191 info: name: Cuppa CMS v1.0 - Authenticated Local File Inclusion author: theamanrawat...

6.5CVSS6.4AI score0.02646EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday38 views

Visualizer <3.3.1 - Blind Server-Side Request Forgery

Visualizer prior to 3.3.1 suffers from a blind server-side request forgery vulnerability via the /wp-json/visualizer/v1/upload-data endpoint. id: CVE-2019-16932 info: name: Visualizer 3.3.1 - Blind Server-Side Request Forgery author: akincibor severity: critical description: | Visualizer prior to...

10CVSS8.4AI score0.39137EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday57 views

Onair2 < 3.9.9.2 & KenthaRadio < 2.0.2 - Remote File Inclusion/Server-Side Request Forgery

Onair2 3.9.9.2 and KenthaRadio 2.0.2 have exposed proxy functionality to unauthenticated users. Sending requests to this proxy functionality will have the web server fetch and display the content from any URI, allowing remote file inclusion and server-side request forgery. id: CVE-2021-24472 info...

9.8CVSS8.6AI score0.56614EPSS
Exploits2References4
Nuclei
Nuclei
added yesterday91 views

Cartadis Gespage 8.2.1 - Directory Traversal

Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/doDownloadData and gespage/webapp/doDownloadData. id: CVE-2021-33807 info: name: Cartadis Gespage 8.2.1 - Directory Traversal author: daffainfo severity: high description: Cartadis Gespage through 8.2.1 allows Directory Traversa...

7.5CVSS7.3AI score0.16139EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday44 views

Wavlink - Improper Access Control

Wavlink WL-WN530H4 M30H4.V5030.210121 is susceptible to improper access control in the component /cgi-bin/ExportLogs.sh. An attacker can download configuration data and log files, obtain admin credentials, and potentially execute unauthorized operations. id: CVE-2022-48165 info: name: Wavlink -...

7.5CVSS7.4AI score0.03284EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday57 views

Garage Management System 1.0 - SQL Injection

Garage Management System 1.0 contains a SQL injection vulnerability in /login.php via manipulation of the argument username with input [email protected]' AND SELECT 6427 FROM SELECTSLEEP5LwLu AND 'hsvT'='hsvT. An attacker can possibly obtain sensitive information from a database, modify data, and/or execut...

9.8CVSS8.6AI score0.0453EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday122 views

Online Fire Reporting System v1.0 - SQL injection

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/requests/takeaction.php?id=. id: CVE-2022-31984 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: high description: | Online Fire Reporting System v1.0 is vulnerable to SQL...

7.2CVSS7.6AI score0.04863EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday673 views

Thinkphp Lang - Local File Inclusion

ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack feature is enabled langswitchon=true. An unauthenticated and remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php. id:...

9.8CVSS8.4AI score0.16378EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday71 views

Hospital Management System 1.0 - SQL Injection

Hospital Management System 1.0 contains a SQL injection vulnerability via the editid parameter in /HMS/doctor.php. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. id:...

9.8CVSS8.8AI score0.07476EPSS
Exploits1References4
Rows per page
Query Builder