48 matches found

NVD
added 2021/07/26 6:15 p.m., 5 views

CVE-2021-37477

In NavigateCMS version 2.9.4 and below, function in structure.php is vulnerable to SQL injection on the parameter childrenorder, which results in arbitrary SQL query execution in the backend database...

CVSS 9.8, EPSS 0.00679
Exploits: 1, References: 3
CNVD
added 2019/11/20 12:0 a.m., 3 views

Redmine SQL Injection Vulnerability

Redmine is a set of open source Web-based project management and defect tracking tools. The product provides project management, issue tracking and role-based access control and other features. A SQL injection vulnerability exists in Redmine. The vulnerability stems from a lack of validation o...

CVSS 6.5, AI score 8.2, EPSS 0.27968
Exploits: 2, References: 1
UbuntuCve
added 2019/09/17 9:15 p.m., 24 views

CVE-2019-16391

SPIP before 3.1.11 and 3.2 before 3.2.5 allows authenticated visitors to modify any published content and execute other modifications in the database. This is related to ecrire/inc/meta.php and ecrire/inc/securiseraction.php...

CVSS 6.5, AI score 7.2, EPSS 0.00871
Exploits: 0, References: 5
OSV
added 2019/07/29 6:15 p.m., 4 views

CVE-2019-13571

A SQL injection vulnerability exists in the Vsourz Digital Advanced CF7 DB plugin through 1.6.1 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

CVSS 9.8, AI score 7.6, EPSS 0.05062
Exploits: 1, References: 6
OSV
added 2018/07/08 4:29 p.m., 1 view

UBUNTU-CVE-2018-13447

SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the statut parameter...

CVSS 9.8, AI score 7.7, EPSS 0.0029
Exploits: 0, References: 2
CNVD
added 2016/06/08 12:0 a.m., 2 views

Zend Framework PDO Adapter Arbitrary Command Execution Vulnerability

Zend Framework ZF is an open source PHP5 development framework for developing web applications and services. In versions prior to Zend Framework 1.12.16, the PDO adapter does not filter null characters within SQL statements, which allows remote attackers to execute arbitrary SQL commands via a...

CVSS 9.8, AI score 8.2, EPSS 0.02248
Exploits: 0, References: 1
Exploit DB
added 2014/09/24 12:0 a.m., 33 views

Restaurant Script (PizzaInn Project) - Persistent Cross-Site Scripting

Title: Pizza Inn Registration Stored XSS Severity: High CVE-ID: CVE-2014-6619 Release Date: 20 September 2014 Author: Kenneth F. Belva Websites: http://silverbackventuresllc.com http://xssWarrior.com http://securitymaverick.com Twitter: @infosecmaverick Contact: Please use website contact form...

CVSS 4.3, AI score 7, EPSS 0.02904
Exploits: 5
Exploit DB
added 2002/08/14 12:0 a.m., 36 views

Leszek Krupinski L-Forum 2.4 - Search Script SQL Injection

source: https://www.securityfocus.com/bid/5468/info Reportedly, L-Forum is vulnerable to SQL injection attacks. The vulnerability lies in the file 'search.php'. L-Forum does not properly sanitize user input that is used as part of the search parameter in the 'search.php' file. SQL code may be...

AI score 7.4
Exploits: 0