Lucene search
K

96 matches found

NVD
NVD
added 2024/05/24 10:15 a.m.17 views

CVE-2024-5314

Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1 and allow SQL injection. These vulnerabilities could allow a remote attacker to send a specially crafted SQL query to the system and retrieve all the information stored in the database through the parameters sortorder y sortfield in...

9.1CVSS9.7AI score0.00562EPSS
Exploits0References1
OSV
OSV
added 2024/05/24 10:6 a.m.23 views

CVE-2024-5315 Multiple vulnerabilities in DOLIBARR's ERP CMS

Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1 and allow SQL injection. These vulnerabilities could allow a remote attacker to send a specially crafted SQL query to the system and retrieve all the information stored in the database through the parameters viewstatut in...

9.1CVSS7.3AI score0.32872EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/05/24 10:6 a.m.23 views

CVE-2024-5315 Multiple vulnerabilities in DOLIBARR's ERP CMS

Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1 and allow SQL injection. These vulnerabilities could allow a remote attacker to send a specially crafted SQL query to the system and retrieve all the information stored in the database through the parameters viewstatut in...

9.1CVSS7.5AI score0.32872EPSS
Exploits0References1
CVE
CVE
added 2024/05/24 10:6 a.m.119 views

CVE-2024-5315

Dolibarr ERP/CRM (Dolibarr) - SQL Injection (CVE-2024-5315) affects version 9.0.1 and is triggered via viewstatut in /dolibarr/commande/list.php. Root cause: improper handling of input in the SQL query framework allows remote attackers to craft input that alters the query, leading to data disclos...

9.1CVSS9.6AI score0.32872EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/24 10:0 a.m.14 views

CVE-2024-5314 Multiple vulnerabilities in DOLIBARR's ERP CMS

Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1 and allow SQL injection. These vulnerabilities could allow a remote attacker to send a specially crafted SQL query to the system and retrieve all the information stored in the database through the parameters sortorder y sortfield in...

9.1CVSS7.5AI score0.00562EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/24 10:0 a.m.25 views

CVE-2024-5314 Multiple vulnerabilities in DOLIBARR's ERP CMS

Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1 and allow SQL injection. These vulnerabilities could allow a remote attacker to send a specially crafted SQL query to the system and retrieve all the information stored in the database through the parameters sortorder y sortfield in...

9.1CVSS9.7AI score0.00562EPSS
Exploits0References1
OSV
OSV
added 2024/05/24 10:0 a.m.9 views

CVE-2024-5314 Multiple vulnerabilities in DOLIBARR's ERP CMS

Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1 and allow SQL injection. These vulnerabilities could allow a remote attacker to send a specially crafted SQL query to the system and retrieve all the information stored in the database through the parameters sortorder y sortfield in...

9.1CVSS7.3AI score0.00562EPSS
Exploits0References3
CVE
CVE
added 2024/05/16 12:7 p.m.59 views

CVE-2024-4826

CVE-2024-4826 : SQL injection in the open-source PHP Shopping Cart (version 0.9) due to improper sanitisation of the category_id parameter in category.php. The issue enables an attacker to exfiltrate data from the database. CVSS metrics in the sources show a CRITICAL impact (CVSS v3.1/AV:N/AC:L/P...

9.8CVSS7.2AI score0.00408EPSS
Exploits0References1
NVD
NVD
added 2024/05/14 3:45 p.m.20 views

CVE-2024-4824

Vulnerability in School ERP Pro+Responsive 1.0 that allows SQL injection through the '/SchoolERP/officeadmin/' index in the parameters groupsid, examname, classesid, esvoucherid, esclass, etc. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and...

9.8CVSS9.6AI score0.00737EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/13 11:29 a.m.15 views

CVE-2024-4824 SQL Injection in School ERP Pro+Responsive by AROX SOLUTION

Vulnerability in School ERP Pro+Responsive 1.0 that allows SQL injection through the '/SchoolERP/officeadmin/' index in the parameters groupsid, examname, classesid, esvoucherid, esclass, etc. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and...

9.8CVSS7.4AI score0.00737EPSS
Exploits0References1
CVE
CVE
added 2024/05/13 11:29 a.m.67 views

CVE-2024-4824

CVE-2024-4824 affects School ERP Pro+Responsive 1.0. The vulnerability is an SQL injection in the /SchoolERP/office_admin/ page via parameters such as groups_id, examname, classes_id, es_voucherid, es_class, etc., allowing a remote attacker to execute crafted queries and potentially retrieve all ...

9.8CVSS7.3AI score0.00737EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/05/03 12:15 p.m.13 views

CVE-2024-4466

SQL injection vulnerability in Gescen on the centrosdigitales.net platform. This vulnerability allows an attacker to send a specially crafted SQL query to the pass parameter and retrieve all the data stored in the database...

9.8CVSS9.7AI score0.00504EPSS
Exploits0References1
CVE
CVE
added 2024/05/03 11:44 a.m.56 views

CVE-2024-4466

CVE-2024-4466 describes a SQL injection in Gescen on the centrosdigitales.net platform. The vulnerability allows an attacker to send a specially crafted SQL query to the pass parameter and retrieve all data from the database, indicating a data confidentiality and integrity impact. The PT-2024-312...

9.8CVSS7.5AI score0.00504EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/03 11:44 a.m.20 views

CVE-2024-4466 SQL injection vulnerability in Gescen

SQL injection vulnerability in Gescen on the centrosdigitales.net platform. This vulnerability allows an attacker to send a specially crafted SQL query to the pass parameter and retrieve all the data stored in the database...

9.8CVSS9.8AI score0.00504EPSS
Exploits0References1
CVE
CVE
added 2024/04/12 1:47 p.m.44 views

CVE-2024-3704

OpenGnsys

9.8CVSS7.6AI score0.00729EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/03/22 2:15 p.m.4 views

CVE-2024-2723

SQL injection vulnerability in the CIGESv2 system, through /ajaxSubServicios.php, in the 'idServicio' parameter. The exploitation of this vulnerability could allow a remote user to retrieve all data stored in the database by sending a specially crafted SQL query...

7.5CVSS5.9AI score0.00684EPSS
Exploits0References1
NVD
NVD
added 2024/03/22 2:15 p.m.10 views

CVE-2024-2723

SQL injection vulnerability in the CIGESv2 system, through /ajaxSubServicios.php, in the 'idServicio' parameter. The exploitation of this vulnerability could allow a remote user to retrieve all data stored in the database by sending a specially crafted SQL query...

9.8CVSS9.7AI score0.00684EPSS
Exploits0References1
CVE
CVE
added 2024/03/22 1:34 p.m.63 views

CVE-2024-2723

CVE-2024-2723 is a SQL injection in the CIGESv2 system, exploited via the /ajaxSubServicios.php endpoint’s idServicio parameter. This allows a remote attacker to retrieve all data stored in the database. No exploitation details are provided in the documents. Some sources note no public fix inform...

9.8CVSS9.7AI score0.00684EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/18 1:53 p.m.17 views

CVE-2024-2586 SQL injection vulnerability in AMSS++

Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/index.php, in the 'username' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB...

8.2CVSS7.4AI score0.00586EPSS
Exploits0References1
NVD
NVD
added 2024/03/12 4:15 p.m.31 views

CVE-2024-1301

SQL injection vulnerability in Badger Meter Monitool affecting versions 4.6.3 and earlier. A remote attacker could send a specially crafted SQL query to the server via the jusername parameter and retrieve the information stored in the database...

9.8CVSS9.6AI score0.02165EPSS
Exploits0References1
Rows per page
Query Builder