Lucene search
K

148 matches found

OSV
OSV
added 2025/08/01 1:15 p.m.5 views

CVE-2025-41371

A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in...

8.8CVSS5.7AI score0.00583EPSS
Exploits0References1
OSV
OSV
added 2025/08/01 1:15 p.m.5 views

CVE-2025-41372

A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in...

8.8CVSS5.7AI score0.00577EPSS
Exploits0References1
OSV
OSV
added 2025/07/29 1:15 p.m.5 views

CVE-2025-40682

SQL injection vulnerability in Human Resource Management System version 1.0, which allows an attacker to retrieve, create, update and delete databases via the “city” and “state” parameters in the /controller/ccity.php endpoint...

9.8CVSS5.8AI score0.0029EPSS
Exploits0References1
NVD
NVD
added 2025/06/10 10:15 a.m.11 views

CVE-2025-40655

A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases through the name parameter in /antcatalogue.asp...

9.8CVSS0.00312EPSS
Exploits0References1
OSV
OSV
added 2025/06/10 10:15 a.m.3 views

CVE-2025-40656

A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases through the cod parameter in /administer/node-selection/data.asp...

9.8CVSS5.7AI score0.00312EPSS
Exploits0References1
OSV
OSV
added 2025/06/10 10:15 a.m.5 views

CVE-2025-40655

A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases through the name parameter in /antcatalogue.asp...

9.8CVSS5.7AI score0.00312EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/06 12:0 a.m.4 views

PT-2025-24188 · Unknown · Libro De Reclamaciones Y Quejas

Name of the Vulnerable Software and Affected Versions: Libro de Reclamaciones y Quejas versions 0.9 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...

7.6CVSS7.5AI score0.00355EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 10:40 a.m.10 views

CVE-2024-30157

A vulnerability in the Suite Applications Services component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with administrative privileges to conduct a SQL Injection attack due to insufficient validation of user input. A successful exploit could allow an attacker to...

7.2CVSS8.2AI score0.00403EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:40 a.m.11 views

CVE-2024-35286

A vulnerability in NuPoint Messenger NPM of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a SQL injection attack due to insufficient sanitization of user input. A successful exploit could allow an attacker to access sensitive information and execute arbitrary...

9.8CVSS9.7AI score0.65559EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:15 a.m.4 views

CVE-2024-30158

A vulnerability in the web conferencing component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with administrative privileges to conduct a SQL Injection attack due to insufficient validation of user input. A successful exploit could allow an attacker to execute...

7.2CVSS8AI score0.00403EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:24 a.m.9 views

CVE-2022-46901

An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is an Access Control Violation for Database Operations. The Vocera Report Console contains a websocket interface that allows for the unauthenticated execution of various tasks and database functions. This...

7.5CVSS7.1AI score0.00514EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/16 12:0 a.m.3 views

PT-2025-21685 · Lambertgroup · Lambertgroup Apollo

Name of the Vulnerable Software and Affected Versions: LambertGroup Apollo versions through 3.6.3 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. To mitigate the...

8.5CVSS9.1AI score0.00107EPSS
Exploits0References4
Fedora
Fedora
added 2025/05/11 1:43 a.m.15 views

[SECURITY] Fedora 40 Update: php-adodb-5.22.9-1.fc40

ADOdb is an object oriented library written in PHP that abstracts database operations for portability. It is modelled on Microsoft's ADO, but has many improvements that make it unique eg. pivot tables, Active Record support, generating HTML for paging recordsets with next and previous links, cach...

10CVSS9.7AI score0.00664EPSS
Exploits0
Fedora
Fedora
added 2025/05/11 1:16 a.m.22 views

[SECURITY] Fedora 42 Update: php-adodb-5.22.9-1.fc42

ADOdb is an object oriented library written in PHP that abstracts database operations for portability. It is modelled on Microsoft's ADO, but has many improvements that make it unique eg. pivot tables, Active Record support, generating HTML for paging recordsets with next and previous links, cach...

10CVSS9.7AI score0.00664EPSS
Exploits0
Citrix
Citrix
added 2025/04/21 12:0 a.m.12 views

Citrix Virtual Apps and Desktops: Issues with Monitor Service after upgrade to 2402 CU2

Environment has been upgraded to 2402 CU2 version. When admin invokes a cmdlet: Get-MonitorConfiguration, the error is displayed: A database operation failed and could not be recovered : Reason ? Not all Delivery Controllers are affected and cmdlet returns actual configuration on some of the...

6.6AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/04/17 12:0 a.m.7 views

PT-2025-17122 · Unknown · Kiotviet Sync

Name of the Vulnerable Software and Affected Versions: KiotViet Sync versions 1.8.3 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendations: Fo...

8.5CVSS9.1AI score0.00342EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/04/04 12:0 a.m.3 views

PT-2025-14982 · Unknown · Falling Things

Name of the Vulnerable Software and Affected Versions: Falling things versions n/a through 1.08 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendations: Fo...

7.6CVSS8.2AI score0.00596EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/02/07 12:0 a.m.6 views

PT-2025-5971 · Apache · Apache Kvrocks

Name of the Vulnerable Software and Affected Versions: Apache Kvrocks versions 1.0 through 2.11.0 Description: A Cross-Protocol Scripting vulnerability is found in Apache Kvrocks. Since Kvrocks did not detect if Host: or POST appears in RESP requests, a valid HTTP request can also be sent to...

7.4CVSS7.1AI score0.02147EPSS
Exploits0References10
CNVD
CNVD
added 2024/10/28 12:0 a.m.9 views

Mitel MiCollab SQL Injection Vulnerability (CNVD-2024-42937)

Mitel MiCollab is a mobile application from Mitel Canada that provides voice, video, messaging, audio conferencing and team collaboration for employees. Mitel MiCollab suffers from an SQL injection vulnerability that can be exploited by attackers to access sensitive information and perform...

9.8CVSS7.5AI score0.65559EPSS
Exploits0References1
CNVD
CNVD
added 2024/10/23 12:0 a.m.7 views

Mitel MiCollab SQL Injection Vulnerability (CNVD-2024-42934)

Mitel MiCollab is a mobile application from Mitel Canada that provides voice, video, messaging, audio conferencing and team collaboration for employees. A SQL injection vulnerability exists in Mitel MiCollab version 9.7.1.110 and earlier, which stems from insufficient validation of user input in...

7.2CVSS7.8AI score0.00403EPSS
Exploits0References1
Rows per page
Query Builder