Lucene search
K

76 matches found

Vulnrichment
Vulnrichment
added 5 days ago7 views

CVE-2026-14261 CVE-2026-14261

A vulnerability in the Xerte Online Tools allows for authentication bypass and remote code execution via reinstallation through the /setup/ folder, enabling attackers to reinstall the service to a remote database they control...

6.6AI score0.00571EPSS
Exploits0References3
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-42583

A vulnerability in the Xerte Online Tools allows for authentication bypass and remote code execution via reinstallation through the /setup/ folder, enabling attackers to reinstall the service to a remote database they control...

9.1CVSS6.6AI score0.00571EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.12 views

CVE-2026-34185

Hydrosystem Control System is vulnerable to SQL Injection across most scripts and input parameters. Because no protections are in place, an authenticated attacker can inject arbitrary SQL commands, potentially gaining full control over the database.This issue was fixed in Hydrosystem Control Syst...

8.8CVSS5.9AI score0.0029EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:14 p.m.10 views

CVE-2026-40546

SOPlanning is vulnerable to SQL Injection across multiple endpoints and parameters. Attacker with low privileges can inject arbitrary SQL commands, potentially gaining full control over the database. This issue affects SOPlanning version 1.55 and below...

8.7CVSS5.8AI score0.00211EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/01 9:4 a.m.21 views

EUVD-2026-33612

SOPlanning is vulnerable to SQL Injection across multiple endpoints and parameters. Attacker with low privileges can inject arbitrary SQL commands, potentially gaining full control over the database. This issue affects SOPlanning version 1.55 and below...

8.8CVSS6AI score0.00273EPSS
Exploits0References2
CVE
CVE
added 2026/06/01 9:4 a.m.23 views

CVE-2026-40546

SOPlanning (affected versions 1.55 and earlier) is vulnerable to SQL Injection across multiple endpoints and parameters. An attacker with low privileges can inject arbitrary SQL commands, potentially gaining full control of the database. This is documented under CVE-2026-40546; related CVEs descr...

8.7CVSS6AI score0.00211EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.10 views

LinkAce 注入漏洞

LinkAce is a self-hosted repository developed by Kevin Woblick, designed to collect links to your favorite websites. Versions of LinkAce prior to 2.5.6 had an injection vulnerability. This vulnerability stemmed from the database configuration process allowing attackers to control databases by...

8.1CVSS6AI score0.00456EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/09 12:31 p.m.3 views

EUVD-2026-20886

Hydrosystem Control System is vulnerable to SQL Injection across most scripts and input parameters. Because no protections are in place, an authenticated attacker can inject arbitrary SQL commands, potentially gaining full control over the database.This issue was fixed in Hydrosystem Control Syst...

8.7CVSS6.1AI score0.0029EPSS
Exploits0References3
NVD
NVD
added 2026/04/09 10:16 a.m.4 views

CVE-2026-34185

Hydrosystem Control System is vulnerable to SQL Injection across most scripts and input parameters. Because no protections are in place, an authenticated attacker can inject arbitrary SQL commands, potentially gaining full control over the database.This issue was fixed in Hydrosystem Control Syst...

8.8CVSS0.0029EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/09 9:41 a.m.2 views

CVE-2026-34185 SQL Injection in Hydrosystem Control System

Hydrosystem Control System is vulnerable to SQL Injection across most scripts and input parameters. Because no protections are in place, an authenticated attacker can inject arbitrary SQL commands, potentially gaining full control over the database.This issue was fixed in Hydrosystem Control Syst...

8.7CVSS6.1AI score0.0029EPSS
Exploits0References2
CVE
CVE
added 2026/04/09 9:41 a.m.12 views

CVE-2026-34185

CVE-2026-34185 — SQL Injection in Hydrosystem Control System Affected product: Hydrosystem Control System.Vulnerability: SQL Injection across most scripts and input parameters due to lack of protections.Impact: With authentication, an attacker can inject arbitrary SQL commands, potentially gainin...

8.8CVSS6.1AI score0.0029EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.9 views

GUnet OpenEclass 访问控制错误漏洞

GUnet OpenEclass is a learning management system developed by the Greek company GUnet. Version 1.7.3 of GUnet OpenEclass contains an access control vulnerability. This vulnerability stems from the default inclusion of phpMyAdmin 2.10.0.2, which may allow attackers to obtain MySQL passwords and ga...

8.8CVSS5.8AI score0.00415EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2019-16107

Malware in sbrugna...

9.8CVSS9.2AI score0.01277EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2011-0857

Malware in sbrugna...

6.8CVSS6.4AI score0.01413EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-9189

Malware in sbrugna...

9.8CVSS9.3AI score0.01645EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-30251

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.01322EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/09/19 12:0 a.m.6 views

PT-2025-38610

Name of the Vulnerable Software and Affected Versions Vasion Print Virtual Appliance Host versions prior to 22.0.843 Vasion Print Application versions prior to 20.0.1923 Description Vasion Print contains dangerous PHP dead code in multiple Docker-hosted PHP instances. A script located at...

9.3CVSS8.6AI score0.01322EPSS
Exploits1References9
CNNVD
CNNVD
added 2025/09/19 12:0 a.m.4 views

Vasion Print Virtual Appliance Host和Vasion Print Application 安全漏洞

Vasion Print Virtual Appliance Host and Vasion Print Application are both products of Vasion Corporation of the U.S.A. Vasion Print Virtual Appliance Host is a print management software.Vasion Print Application is a printer management application. A security vulnerability exists in Vasion Print...

9.8CVSS8AI score0.01322EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/05/13 9:37 a.m.12 views

CVE-2025-40628 SQL Injection in DomainsPRO

SQL injection vulnerability in DomainsPRO 1.2. This vulnerability could allow an attacker to retrieve, create, update and delete databases via the “d” parameter in the “/article.php” endpoint...

9.3CVSS0.0029EPSS
Exploits0References1
CVE
CVE
added 2025/04/22 12:0 a.m.61 views

CVE-2025-43949

MuM MapEdit (mapedit-web) 24.2.3 is affected by a SQL injection vulnerability (CVE-2025-43949). The available data state that an attacker can execute malicious SQL statements that control the web application's database server. The issue has a CVSS v3.1 base score of 9.8 (CRITICAL) with network at...

9.8CVSS8.4AI score0.00373EPSS
Exploits0References2
Rows per page
Query Builder