Lucene search
K

601 matches found

Vulnrichment
Vulnrichment
added 2023/09/19 12:57 p.m.10 views

CVE-2023-4092 SQL injection vulnerability in Fujitsu Arconte Áurea

SQL injection vulnerability in Arconte Áurea, in its 1.5.0.0 version. The exploitation of this vulnerability could allow an attacker to read sensitive data from the database, modify data insert/update/delete, perform database administration operations and, in some cases, execute commands on the...

8.8CVSS7.9AI score0.00558EPSS
Exploits0References1
hivepro
hivepro
added 2023/06/05 11:3 a.m.12 views

The Exploitation of Critical Zero-Day Vulnerability Found in MOVEit Transfer

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The MOVEit Transfer vulnerability is that it allows for unauthorized access to the database, potential manipulation or deletion of its contents, and exploitation of affected systems. To receive...

6.8AI score
Exploits0
CNVD
CNVD
added 2023/05/25 12:0 a.m.2 views

SQL Injection Vulnerability in the Teaching Management System of Hunan Qiangzhi Science and Technology Development Co.

Hunan Strong Intelligence Technology Development Co., Ltd. is a leading provider of education informatization services in the industry. A SQL injection vulnerability exists in the Academic Affairs Management System of Hunan Qiangzhi Science and Technology Development Company Limited, which can be...

7.5AI score
Exploits0
Positive Technologies
Positive Technologies
added 2023/04/13 12:0 a.m.7 views

PT-2023-2753 · Fortinet · Fortinac-F +1

Name of the Vulnerable Software and Affected Versions: FortiNAC-F version 7.2.0 FortiNAC versions 9.4.2 and below FortiNAC versions 9.2 and earlier FortiNAC versions 8.8 and earlier FortiNAC versions 8.7 and earlier Description: A use of hard-coded credentials issue may allow an authenticated...

7.8CVSS7.4AI score0.00164EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/01/20 12:0 a.m.16 views

Mangboard SQL注入漏洞

Mangboard is an e-commerce website of the South Korean company Mangboard. A SQL injection vulnerability exists in Mangboard versions prior to 2.0.4. The vulnerability stems from an unchecked input value, which is an SQL injection vulnerability that can be exploited by an attacker to execute...

9.8CVSS9.1AI score0.00891EPSS
Exploits0References2
CNVD
CNVD
added 2022/12/27 12:0 a.m.1 views

SQL Injection Vulnerability in Teaching Management System of Hunan Qiangzhi Technology Development Co.

Hunan Qiangzhi Technology Development Co., Ltd. is an education informatization service provider. A SQL injection vulnerability exists in the Academic Affairs Management System of Hunan Qiangzhi Science and Technology Development Company Limited, which can be exploited by attackers to obtain...

7.5AI score
Exploits0
Positive Technologies
Positive Technologies
added 2022/10/28 12:0 a.m.6 views

PT-2022-10764 · Unknown · Semcms Shop

Name of the Vulnerable Software and Affected Versions: SEMCMS SHOP version 1.1 Description: The issue is related to SQL Injection via the Ant BlogCat.php file. This allows for potential exploitation of the database. No information is provided about the estimated number of potentially affected...

9.8CVSS9.5AI score0.0062EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/10/13 12:0 a.m.5 views

PT-2022-25840 · Ocomon · Ocomon

Name of the Vulnerable Software and Affected Versions: OcoMon version 4.0 Description: A SQL injection issue was discovered in OcoMon via the cod parameter at the "showImg.php" endpoint. This allows for potential exploitation of the database. Recommendations: For OcoMon version 4.0, consider...

9.8CVSS9.6AI score0.00752EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/08/11 12:0 a.m.3 views

Library Management System SQL注入漏洞

Library Management System is a library management system with QR code attendance and automatic library card generation by King Albaracin Personal Developer. A SQL injection vulnerability exists in Library Management System. An attacker could exploit this vulnerability to conduct SQL injection...

9.8CVSS8.7AI score0.00518EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/03/29 4:37 p.m.5 views

CVE-2022-25880 Delta Electronics DIAEnergie SQL Injection in DIAE_hierarchyHandler.ashx

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in HandlerTagKID.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

9.8CVSS7.9AI score0.01172EPSS
Exploits0References1
CNVD
CNVD
added 2021/06/24 12:0 a.m.9 views

PHPGurukul Hospital Management System SQL Injection Vulnerability (CNVD-2021-44925)

PHPGurukul Hospital Management System is a web application for hospitals to manage doctors and patients. A SQL injection vulnerability exists in \hms\admin\betweendates-detailsreports.php in PHPGurukul Hospital Management System version 4.0. The vulnerability can be exploited by an attacker to...

7.5CVSS7.2AI score0.02188EPSS
Exploits1References1
CNVD
CNVD
added 2021/06/24 12:0 a.m.6 views

PHPGurukul Hospital Management System SQL Injection Vulnerability (CNVD-2021-44923)

PHPGurukul Hospital Management System is a web application for hospitals to manage doctors and patients. A SQL injection vulnerability exists in \hms\edit-profile.php in PHPGurukul Hospital Management System version 4.0. An attacker can exploit this vulnerability to obtain sensitive information...

7.5CVSS7.1AI score0.02188EPSS
Exploits1References1
CNVD
CNVD
added 2021/06/17 12:0 a.m.6 views

WESEEK GROWI Input Validation Error Vulnerability (CNVD-2021-43488)

Weseek GROWI is a suite of team collaboration software from Weseek Japan. An input validation error vulnerability exists in WESEEK GROWI that arises from a network system or product that does not properly validate input data. A remote attacker could exploit this vulnerability to obtain or tamper...

9.1CVSS6.3AI score0.01307EPSS
Exploits0References1
CNVD
CNVD
added 2021/06/01 12:0 a.m.4 views

SQL Injection Vulnerability in the Website Building System of Haikou ECCOM Sky Information Technology Company Limited (CNVD-2021-41234)

hereinafter referred to as "ECCOM Sky" is a collection of website construction, website planning, website optimization, search engine optimization and a variety of office software development, program development in one of the high-speed and healthy development of network information technology...

7.5AI score
Exploits0
CNVD
CNVD
added 2021/05/28 12:0 a.m.3 views

SQL Injection Vulnerability in MetInfo 7.3.0

MetInfo is a free and open source enterprise CMS. MetInfo 7.3.0 suffers from a SQL injection vulnerability, which can be exploited by an attacker to obtain sensitive information from the database...

7.5AI score
Exploits0
CNVD
CNVD
added 2021/05/19 12:0 a.m.3 views

SQL Injection Vulnerability in Enterprise Standardized Management System of R&S Information Technology (Shanghai) Co.

R&S Information Technology Shanghai Co., Ltd. is a high-tech company specializing in software development and information services. A SQL injection vulnerability exists in the Enterprise Standardized Management System of R&S Information Technology Shanghai Co. An attacker can exploit the...

7.4AI score
Exploits0
CNVD
CNVD
added 2021/05/16 12:0 a.m.3 views

SQL Injection Vulnerability in Tianzhi Intelligent Hospital Integrated Quality Supervision Platform

Shenzhen Qianhai Tianzhi Information Technology Co., Ltd. is a national high-tech enterprise which firstly focuses on the management of hospital grade evaluation and the informationization construction of hospital comprehensive quality supervision platform. There is a SQL injection vulnerability ...

7.4AI score
Exploits0
CNVD
CNVD
added 2021/05/12 12:0 a.m.1 views

SQL Injection Vulnerability in Ruoyi Management System (CNVD-2021-36506)

Ruoyi management system is based on SpringBoot2.0 permissions management system, the core technology using SpringBoot, MyBatis, Shiro, Thymeleaf, Bootstrap, Vue and so on. The system suffers from a SQL injection vulnerability, which can be exploited by an attacker to obtain sensitive information...

7.4AI score
Exploits0
CNVD
CNVD
added 2021/05/08 12:0 a.m.3 views

SQL Injection Vulnerability in Yuanxin Technology (Stock) Company's Website Building System

Founded in January, 2002, Yonsei Technology Co. It is a company that provides total website planning, website design, web design, programming, web production, internet marketing, web hosting and related web design value-added services. A SQL injection vulnerability has been identified in the...

7.5AI score
Exploits0
CNVD
CNVD
added 2021/04/27 12:0 a.m.2 views

SQL Injection Vulnerability in Telecom Gateway Configuration Management System it***_te***_po***.php Page

China Telecom Group Corporation is China's mega state-owned telecommunications enterprise and a global partner of the Shanghai World Expo. A SQL injection vulnerability exists in the ittepo.php page of the Telecom Gateway Configuration Management System, which can be exploited by attackers to...

7.5AI score
Exploits0
Rows per page
Query Builder