Lucene search
K

258 matches found

Vulnrichment
Vulnrichment
added 2026/02/06 11:14 p.m.4 views

CVE-2020-37163 QuickDate 1.3.2 - SQL Injection

QuickDate 1.3.2 contains a SQL injection vulnerability that allows remote attackers to manipulate database queries through the 'located' parameter in the findmatches endpoint. Attackers can inject UNION-based SQL statements to extract database information including user credentials, database name...

8.8CVSS5.9AI score0.0041EPSS
Exploits0References3
CVE
CVE
added 2026/02/06 11:14 p.m.10 views

CVE-2020-37163

CVE-2020-37163 – QuickDate 1.3.2 suffers a SQL injection in the find_matches endpoint via the '_located' parameter, enabling UNION-based payloads to exfiltrate database information (credentials, DB name, system version). Evidence across sources confirms the vulnerable component and location of in...

8.8CVSS5.7AI score0.0041EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/02/03 3:11 a.m.8 views

CVE-2025-70958

Multiple reflected cross-site scripting XSS vulnerabilities in the installation module of Subrion CMS v4.2.1 allows attackers to execute arbitrary Javascript in the context of the user's browser via injecting a crafted payload into the dbuser, dbpwd, and dbname parameters...

6.1CVSS5.5AI score0.00254EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/02/02 12:0 a.m.8 views

Subrion CMS 安全漏洞

Subrion CMS is a content management system CMS developed by the Subrion team, based on PHP. This system can be integrated into websites and supports various extension plugins. Version 4.2.1 of Subrion CMS has a security vulnerability, which stems from insufficient input validation for the dbuser,...

6.1CVSS5.6AI score0.00254EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/02/02 12:0 a.m.4 views

CVE-2025-70958

Multiple reflected cross-site scripting XSS vulnerabilities in the installation module of Subrion CMS v4.2.1 allows attackers to execute arbitrary Javascript in the context of the user's browser via injecting a crafted payload into the dbuser, dbpwd, and dbname parameters...

5.5AI score0.00254EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/02/02 12:0 a.m.10 views

PT-2026-5704

Name of the Vulnerable Software and Affected Versions Subrion CMS version 4.2.1 Description The installation module of Subrion CMS contains reflected cross-site scripting XSS flaws. These flaws allow attackers to execute arbitrary Javascript in the context of a user's browser. Exploitation occurs...

6.1CVSS5.4AI score0.00254EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2026/01/07 9:37 a.m.4 views

CVE-2019-7547

An issue was discovered in SIDU 6.0. Because the database name is not strictly filtered, the attacker can insert a name containing an XSS Payload, leading to stored XSS...

4.8CVSS5.8AI score0.0067EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:9 a.m.14 views

CVE-2024-2360

parisneo/lollms-webui is vulnerable to path traversal attacks that can lead to remote code execution due to insufficient sanitization of user-supplied input in the 'Database path' and 'PDF LaTeX path' settings. An attacker can exploit this vulnerability by manipulating these settings to execute...

9.8CVSS8.2AI score0.01869EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/12/23 12:0 a.m.7 views

Coolify 操作系统命令注入漏洞

Coolify is an open source and self-hosted Heroku/Netlify/Vercel replacement from coolLabs Open Source. An operating system command injection vulnerability exists in versions prior to Coolify 4.0.0-beta.451, which stems from an uncleaned database name in the Database Backup feature and could lead ...

9.9CVSS7.2AI score0.0376EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/12/23 12:0 a.m.4 views

PT-2025-52853

Name of the Vulnerable Software and Affected Versions Coolify versions prior to 4.0.0-beta.451 Description Coolify is a self-hostable tool for managing servers, applications, and databases. An authenticated command injection exists in the Database Import functionality, allowing users with...

9.9CVSS8.7AI score0.0376EPSS
Exploits2References12
RedhatCVE
RedhatCVE
added 2025/12/19 2:9 p.m.4 views

CVE-2025-63947

A Reflected Cross-Site Scripting XSS vulnerability exists in phpMsAdmin version 2.2 in the databasemode.php file. An attacker can execute arbitrary web script or HTML via the dbname parameter after a user is authenticated...

5.4CVSS5.7AI score0.00144EPSS
Exploits0References1
NVD
NVD
added 2025/12/18 9:15 p.m.3 views

CVE-2025-63947

A Reflected Cross-Site Scripting XSS vulnerability exists in phpMsAdmin version 2.2 in the databasemode.php file. An attacker can execute arbitrary web script or HTML via the dbname parameter after a user is authenticated...

5.4CVSS0.00144EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/18 12:0 a.m.3 views

CVE-2025-63948

A SQL Injection vulnerability exists in phpMsAdmin version 2.2 in the databasemode.php file. An attacker can execute arbitrary SQL commands via the dbname parameter, potentially leading to information disclosure or database manipulation...

7.6AI score0.00188EPSS
Exploits1References2
CVE
CVE
added 2025/12/18 12:0 a.m.8 views

CVE-2025-63948

CVE-2025-63948 describes a SQL Injection in phpMsAdmin 2.2, triggered by the unfiltered dbname parameter in the file database_mode.php . The vulnerability allows an attacker to execute arbitrary SQL commands, potentially leading to information disclosure or database manipulation. Affected softwar...

5.4CVSS7.6AI score0.00188EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2025/10/09 3:31 p.m.5 views

EUVD-2025-33342

Apache Flink CDC is vulnerable to SQL Injection through maliciously crafted identifiers...

5.1CVSS7.5AI score0.00424EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-8513

Malware in sbrugna...

5.3CVSS6.3AI score0.03488EPSS
Exploits5References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-4501

Malware in sbrugna...

5CVSS6.1AI score0.02126EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-1218

Malware in sbrugna...

4.3CVSS6AI score0.02234EPSS
Exploits2References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2009-2441

Malware in sbrugna...

8.5CVSS4.4AI score0.10586EPSS
Exploits2References25
EUVD
EUVD
added 2025/10/07 12:30 a.m.43 views

EUVD-2020-0268

Malware in sbrugna...

9.8CVSS9.2AI score0.02579EPSS
Exploits0References14
Rows per page
Query Builder