CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3898 matches found

CNNVD•added 2024/08/29 12:0 a.m.•3 views

Gether 6SHR System SQL注入漏洞

Gether 6SHR System is a system from Gether, Inc. Gether 6SHR System suffers from a SQL injection vulnerability that originates from not properly validating specific page parameters, which allows remote attackers with regular privileges to inject SQL commands to read, modify, and delete database...

8.8CVSS8.1AI score0.00595EPSS

Exploits0References4

CNNVD•added 2024/08/29 12:0 a.m.•2 views

SportsNET SQL注入漏洞

SportsNET is a sports event network application from SportsNET, Inc. SportsNET suffers from a SQL injection vulnerability that can be exploited by an attacker to retrieve, update, and delete all information in the database via a specially crafted SQL query...

9.8CVSS7.7AI score0.00408EPSS

Exploits0References2

CNNVD•added 2024/08/29 12:0 a.m.•2 views

SportsNET SQL注入漏洞

9.8CVSS7.7AI score0.00408EPSS

Exploits0References2

Positive Technologies•added 2024/08/29 12:0 a.m.•3 views

PT-2024-22969 · Sportsnet · Sportsnet

Name of the Vulnerable Software and Affected Versions: SportsNET version 4.0.1 Description: The issue concerns SQL injection vulnerabilities that could allow an attacker to retrieve, update, and delete all information in the database by sending a specially crafted SQL query to the endpoint:...

9.8CVSS7.6AI score0.00452EPSS

Exploits0References8

CNNVD•added 2024/08/29 12:0 a.m.•3 views

SportsNET SQL注入漏洞

9.8CVSS7.7AI score0.00408EPSS

Exploits0References2

CNNVD•added 2024/08/29 12:0 a.m.•3 views

SportsNET SQL注入漏洞

9.8CVSS7.7AI score0.00408EPSS

Exploits0References2

Vulnrichment•added 2024/08/28 8:17 p.m.•13 views

CVE-2024-45059 Authenticated SQL Injection in i-Educar

i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. A SQL Injection vulnerability was found prior to the 2.9 branch in the ieducar/intranet/funcionariovinculodet.php file, which creates the query by...

8.8CVSS8.9AI score0.00665EPSS

Exploits1References4

Cvelist•added 2024/08/28 8:17 p.m.•21 views

CVE-2024-45059 Authenticated SQL Injection in i-Educar

8.8CVSS0.00665EPSS

Exploits1References4

CVE•added 2024/08/28 8:17 p.m.•60 views

CVE-2024-45059

CVE-2024-45059 describes an authenticated SQL Injection in i-Educar prior to version 2.9, where the query in ieducar/intranet/funcionario_vinculo_det.php is built by concatenating the unsanitized GET parameter cod_func. This allows an attacker to access sensitive data such as emails and password ...

8.8CVSS8.9AI score0.00665EPSS

Exploits1References4Affected Software1

CNVD•added 2024/08/27 12:0 a.m.•4 views

ZOHO ManageEngine ADAudit Plus SQL Injection Vulnerability (CNVD-2024-37486)

ZOHO ManageEngine ADAudit Plus is ZOHO's solution for simplifying audits, proving compliance and detecting threats. ZOHO ManageEngine ADAudit Plus prior to version 8000 suffers from a SQL injection vulnerability that can be exploited by an attacker to execute custom queries and access database...

8.8CVSS7.9AI score0.04037EPSS

Exploits0References1

CNVD•added 2024/08/27 12:0 a.m.•4 views

ZOHO ManageEngine ADAudit Plus SQL Injection Vulnerability (CNVD-2024-37485)

ZOHO ManageEngine ADAudit Plus is ZOHO's solution for simplifying audits, proving compliance and detecting threats. A SQL injection vulnerability exists in ZOHO ManageEngine ADAudit Plus prior to version 8121, which can be exploited by an attacker to execute custom queries and access database tab...

8.8CVSS8AI score0.04517EPSS

Exploits0References1

CNVD•added 2024/08/27 12:0 a.m.•7 views

ZOHO ManageEngine ADAudit Plus SQL Injection Vulnerability (CNVD-2024-37484)

8.8CVSS7.8AI score0.04505EPSS

Exploits0References1

CNVD•added 2024/08/27 12:0 a.m.•3 views

ZOHO ManageEngine ADAudit Plus SQL Injection Vulnerability (CNVD-2024-37483)

8.8CVSS7.9AI score0.05279EPSS

Exploits0References1

CNVD•added 2024/08/27 12:0 a.m.•3 views

ZOHO ManageEngine ADAudit Plus SQL Injection Vulnerability (CNVD-2024-37482)

ZOHO ManageEngine ADAudit Plus is ZOHO's solution for simplifying audits, proving compliance and detecting threats. A SQL injection vulnerability exists in ZOHO ManageEngine ADAudit Plus 8000 and prior versions, which can be exploited by an attacker to execute custom queries and access database...

8.8CVSS8AI score0.04037EPSS

Exploits0References1

CNVD•added 2024/08/27 12:0 a.m.•4 views

ZOHO ManageEngine ADAudit Plus SQL Injection Vulnerability (CNVD-2024-37480)

8.8CVSS7.9AI score0.04505EPSS

Exploits0References1

CNVD•added 2024/08/27 12:0 a.m.•6 views

ZOHO ManageEngine ADAudit Plus SQL Injection Vulnerability (CNVD-2024-37481)

8.8CVSS8AI score0.05172EPSS

Exploits0References1

CNNVD•added 2024/08/26 12:0 a.m.•2 views

CIGES 安全漏洞

CIGES is a queue and reservation management system from CIGES, Inc. A security vulnerability exists in CIGES versions prior to 2.15.5, which stems from a vulnerability that allows a remote attacker to send a specially crafted SQL query and retrieve all information stored in the database...

9.8CVSS7AI score0.00487EPSS

Exploits0References2

CNVD•added 2024/08/23 12:0 a.m.•8 views

Kashipara Music Management System SQL Injection Vulnerability (CNVD-2024-37443)

Kashipara Music Management System is a music management system from Kashipara. A SQL injection vulnerability exists in Kashipara Music Management System v1.0, which originates from the lack of validation of the pid parameter of /music/manageplaylistitems.php against external SQL input, and can be...

9.8CVSS7.9AI score0.00382EPSS

Exploits1References1

CNNVD•added 2024/08/23 12:0 a.m.•3 views

ZOHO ManageEngine ADAudit Plus 安全漏洞

8.8CVSS8.1AI score0.04037EPSS

Exploits0References2

CNNVD•added 2024/08/23 12:0 a.m.•2 views

ZOHO ManageEngine ADAudit Plus 安全漏洞

8.8CVSS8.1AI score0.05172EPSS

Exploits0References2

Rows per page