Lucene search
K

9890 matches found

Positive Technologies
Positive Technologies
added 2023/12/14 12:0 a.m.3 views

PT-2023-31469 · Empirecms · Empirecms

Name of the Vulnerable Software and Affected Versions: EmpireCMS version 7.5 Description: The issue is a SQL injection vulnerability. It occurs via the ftppassword parameter at the "SetEnews.php" endpoint. Recommendations: For EmpireCMS version 7.5, consider restricting access to the "SetEnews.ph...

9.8CVSS9.7AI score0.00628EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/12/13 12:0 a.m.4 views

PT-2023-32766 · Sourcecodester · Sourcecodester Online Tours & Travels Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Tours & Travels Management System version 1.0 Description: A critical issue affects the function prepare of the file email setup.php. The manipulation of the argument name leads to SQL injection. The exploit has been...

9.8CVSS8.1AI score0.00741EPSS
Exploits1References7
CNNVD
CNNVD
added 2023/12/13 12:0 a.m.4 views

DedeBIZ SQL Injection Vulnerability

DedeBIZ is a content management system from China Muyun Intelligent Technology DedeBIZ company. DedeBIZ 6.2 version exists SQL injection vulnerability, the vulnerability stems from the file /src/admin/contentbatchupaction.php SQL injection vulnerability...

7.2CVSS7.8AI score0.00701EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/12/13 12:0 a.m.5 views

PT-2023-8845 · Glpi +2 · Glpi +2

Name of the Vulnerable Software and Affected Versions: GLPI versions 10.0.0 through 10.0.10 Description: The issue is related to the saved search feature in GLPI, which can be used to perform a SQL injection. This allows a remote attacker to execute arbitrary code. The vulnerability is due to the...

10CVSS8AI score0.99628EPSS
Exploits27References159
CNNVD
CNNVD
added 2023/12/12 12:0 a.m.3 views

Emlog 安全漏洞

emlog is a PHP and MySQL based CMS builder for emlog personal developers. Emlog pro2.1.14 version of a security vulnerability, the vulnerability stems from the uid parameter in /admin/media.php contains SQL injection vulnerability. Attackers can use this vulnerability to gain unauthorized access ...

7.2CVSS7.9AI score0.0084EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/12/10 12:0 a.m.6 views

PT-2023-32734 · Sourcecodester · Sourcecodester Simple Student Attendance System

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Student Attendance System version 1.0 Description: A critical vulnerability was found in the SourceCodester Simple Student Attendance System. This issue affects the file ajax-api.php?action=save attendance, where the...

9.8CVSS8AI score0.00799EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2023/12/10 12:0 a.m.4 views

PT-2023-8220 · Unknown · Phpgurukul Nipah Virus Testing Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Nipah Virus Testing Management System version 1.0 Description: A critical vulnerability was found in the PHPGurukul Nipah Virus Testing Management System, affecting the file password-recovery.php. The manipulation of the username...

10CVSS7.9AI score0.00989EPSS
Exploits1References12
OSV
OSV
added 2023/12/08 5:15 p.m.8 views

CVE-2023-6617

A vulnerability was found in SourceCodester Simple Student Attendance System 1.0. It has been classified as critical. Affected is an unknown function of the file attendance.php. The manipulation of the argument classid leads to sql injection. The exploit has been disclosed to the public and may b...

9.8CVSS5.7AI score0.00796EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/12/08 12:0 a.m.6 views

SourceCodester Simple Student Attendance System SQL Injection Vulnerability

Simple Student Attendance System is a simple student attendance system. SourceCodester Simple Student Attendance System version 1.0 suffers from a SQL injection vulnerability that originates from a SQL injection vulnerability in the file attendance.php...

9.8CVSS6.5AI score0.00796EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/12/08 12:0 a.m.8 views

TONGDA Office Anywhere SQL Injection Vulnerability

TONGDA Office Anywhere is a collaborative office OA system. Tongda OA 2017 11.9 and earlier versions have a SQL injection vulnerability that originates from a SQL injection vulnerability in the file pda/pad/email/delete.php...

7.5CVSS6.3AI score0.00643EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2023/12/07 7:15 a.m.4 views

CVE-2023-48823

A Blind SQL injection issue in ajax.php in GaatiTrack Courier Management System 1.0 allows an unauthenticated attacker to inject a payload via the email parameter during login...

9.8CVSS7.4AI score0.01092EPSS
Exploits3References2
ATTACKERKB
ATTACKERKB
added 2023/12/07 2:15 a.m.3 views

CVE-2023-5761

The Burst Statistics – Privacy-Friendly Analytics for WordPress plugin for WordPress is vulnerable to SQL Injection via the 'url' parameter in versions 1.4.0 to 1.4.6.1 free and versions 1.4.0 to 1.5.0 pro due to insufficient escaping on the user supplied parameter and lack of sufficient...

9.8CVSS6AI score0.0069EPSS
Exploits1References3Affected Software2
CNNVD
CNNVD
added 2023/12/07 12:0 a.m.5 views

osCommerce SQL注入漏洞

osCommerce is an open source online shopping e-commerce solution based on the GNUGPL license. An SQL injection vulnerability exists in osCommerce, which originates from the lack of validation of the parameter estimatecountryid in the file /b2b-supermarket/shopping-cart against externally entered...

9.8CVSS8AI score0.23846EPSS
Exploits3References4
CNNVD
CNNVD
added 2023/12/07 12:0 a.m.5 views

Student Information System SQL Injection Vulnerability

Student Information System is a web-based application platform by Carlo Montero, a personal developer. It can help a university or college to manage student information and academic records. Student Information System v1.0 suffers from a SQL injection vulnerability that stems from the presence of...

9.8CVSS9.4AI score0.00883EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/12/07 12:0 a.m.7 views

Baizhuo S210 SQL Injection Vulnerability

Baizhuo S210 is an Internet Behavior Management IBM appliance from Baizhuo, China. Baizhuo S210 suffers from a SQL injection vulnerability, which originates from the parameter txt in the file /Tool/repair.php that can lead to SQL injection...

8.8CVSS7.3AI score0.02838EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2023/12/06 11:15 p.m.5 views

CVE-2023-46353

In the module "Product Tag Icons Pro" ticons before 1.8.4 from MyPresta.eu for PrestaShop, a guest can perform SQL injection. The method TiconProduct::getTiconByProductAndTicon has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection...

9.8CVSS5.9AI score0.00766EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/12/06 12:0 a.m.5 views

PrestaShop SQL注入漏洞

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides a variety of payment methods, short message alerts and product image scaling and other features. PrestaShop suffers from a SQL injection vulnerability that stems from the module havi...

9.8CVSS9.5AI score0.00766EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/12/04 12:0 a.m.4 views

WordPress plugin Easy Newsletter Signups security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

7.2CVSS7.7AI score0.00958EPSS
Exploits2References1
CNNVD
CNNVD
added 2023/12/04 12:0 a.m.5 views

SEMCMS Security Breach

SEMCMS is a foreign trade web content management system CMS that supports multiple languages. A security vulnerability exists in SEMCMS version 3.9, which stems from a lack of security checking of input to the application. An attacker can exploit the vulnerability to inject malicious SQL commands...

7.5CVSS7.8AI score0.00858EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/12/01 12:0 a.m.5 views

Library Management System Security Vulnerability

Library Management System is a library management system with QR code for attendance and automatic generation of library card by King Albaracin Personal Developer. A security vulnerability exists in Senayan Library Management Systems 9 Bulian v9.6.1, which stems from vulnerability to SQL injectio...

8.8CVSS8AI score0.00746EPSS
Exploits1References2
Rows per page
Query Builder