Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3898 matches found

Vulnrichment
Vulnrichmentadded 2023/09/13 12:29 p.m.14 views

CVE-2023-40717

A use of hard-coded credentials vulnerability CWE-798 in FortiTester 2.3.0 through 7.2.3 may allow an attacker who managed to get a shell on the device to access the database via shell commands...

5.3CVSS6.9AI score0.00191EPSS
Exploits0References1
Cvelist
Cvelistadded 2023/09/13 12:29 p.m.17 views

CVE-2023-40717

A use of hard-coded credentials vulnerability CWE-798 in FortiTester 2.3.0 through 7.2.3 may allow an attacker who managed to get a shell on the device to access the database via shell commands...

5.3CVSS7.8AI score0.00191EPSS
Exploits0References1
OSV
OSVadded 2023/09/12 10:15 a.m.2 views

CVE-2023-40726

A vulnerability has been identified in QMS Automotive All versions V12.39. The affected application server responds with sensitive information about the server. This could allow an attacker to directly access the database...

8.8CVSS5.7AI score0.00561EPSS
Exploits0References1
NVD
NVDadded 2023/09/12 10:15 a.m.13 views

CVE-2023-40726

A vulnerability has been identified in QMS Automotive All versions V12.39. The affected application server responds with sensitive information about the server. This could allow an attacker to directly access the database...

8.8CVSS8.4AI score0.00561EPSS
Exploits0References1
Prion
Prionadded 2023/09/12 10:15 a.m.12 views

Code injection

A vulnerability has been identified in QMS Automotive All versions V12.39. The affected application server responds with sensitive information about the server. This could allow an attacker to directly access the database...

6.5CVSS8.3AI score0.00561EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2023/09/12 9:32 a.m.5 views

CVE-2023-40726

A vulnerability has been identified in QMS Automotive All versions V12.39. The affected application server responds with sensitive information about the server. This could allow an attacker to directly access the database...

8.8CVSS8.3AI score0.00561EPSS
Exploits0References1
CVE
CVEadded 2023/09/12 9:32 a.m.47 views

CVE-2023-40726

CVE-2023-40726 affects Siemens QMS Automotive (all versions prior to 12.39). The Red Hat, NVD, and related records describe an information-disclosure vulnerability where the application server responds with sensitive server data, potentially enabling direct access to the database. Public sources ...

8.8CVSS8.2AI score0.00561EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2023/09/12 9:32 a.m.17 views

CVE-2023-40726

A vulnerability has been identified in QMS Automotive All versions V12.39. The affected application server responds with sensitive information about the server. This could allow an attacker to directly access the database...

8.8CVSS8.4AI score0.00561EPSS
Exploits0References1
CNNVD
CNNVDadded 2023/09/12 12:0 a.m.5 views

Siemens QMS Automotive 安全漏洞

Siemens QMS Automotive is a quality management system for the automotive industry from Siemens, Germany. Siemens QMS Automotive has an information disclosure hole that can be exploited by an attacker to gain direct access to the database...

8.8CVSS6.5AI score0.00561EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2023/09/05 12:0 a.m.4 views

PT-2023-29310 · Unknown · Ardereg Sistema Scada Central

Name of the Vulnerable Software and Affected Versions: ARDEREG Sistema SCADA Central versions 2.203 and prior Description: The login page of the affected software is vulnerable to an unauthenticated blind SQL injection attack. This allows an attacker to manipulate the application's SQL query logi...

9.8CVSS9.8AI score0.00576EPSS
Exploits0References4
0day.today
0day.todayadded 2023/09/04 12:0 a.m.191 views

Clcknshop 1.0.0 SQL Injection Vulnerability

Exploit Title: Clcknshop 1.0.0 - SQL Injection Exploit Author: CraCkEr Vendor: Infosoftbd Solutions Vendor Homepage: https://infosoftbd.com/ Software Link: https://infosoftbd.com/multitenancy-e-commerce-solution/ Demo: https://kidszone.clckn.shop/ Tested on: Windows 10 Pro Impact: Database Access...

9.8CVSS7.1AI score0.45639EPSS
Exploits3
NVD
NVDadded 2023/08/31 2:15 p.m.11 views

CVE-2023-41636

A SQL injection vulnerability in the Data Richiesta dal parameter of GruppoSCAI RealGimm v1.1.37p38 allows attackers to access the database and execute arbitrary commands via a crafted SQL query...

9.8CVSS9.8AI score0.00861EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2023/08/31 2:15 p.m.5 views

CVE-2023-41636

A SQL injection vulnerability in the Data Richiesta dal parameter of GruppoSCAI RealGimm v1.1.37p38 allows attackers to access the database and execute arbitrary commands via a crafted SQL query...

9.8CVSS6.1AI score0.00861EPSS
Exploits0References5
Prion
Prionadded 2023/08/31 2:15 p.m.25 views

Sql injection

A SQL injection vulnerability in the Data Richiesta dal parameter of GruppoSCAI RealGimm v1.1.37p38 allows attackers to access the database and execute arbitrary commands via a crafted SQL query...

7.5CVSS9.7AI score0.00861EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2023/08/31 12:0 a.m.12 views

CVE-2023-41636

A SQL injection vulnerability in the Data Richiesta dal parameter of GruppoSCAI RealGimm v1.1.37p38 allows attackers to access the database and execute arbitrary commands via a crafted SQL query...

8.4AI score0.00861EPSS
Exploits0References2
Cvelist
Cvelistadded 2023/08/31 12:0 a.m.14 views

CVE-2023-41636

A SQL injection vulnerability in the Data Richiesta dal parameter of GruppoSCAI RealGimm v1.1.37p38 allows attackers to access the database and execute arbitrary commands via a crafted SQL query...

10AI score0.00861EPSS
Exploits0References2
0day.today
0day.todayadded 2023/08/29 12:0 a.m.380 views

SPA-Cart eCommerce CMS 1.9.0.3 SQL Injection Vulnerability

Exploit Title: SPA-Cart eCommerce CMS 1.9.0.3 - SQL Injection Exploit Author: CraCkEr Vendor: SPA-Cart Vendor Homepage: https://spa-cart.com/ Software Link: https://demo.spa-cart.com/ Tested on: Windows 10 Pro Impact: Database Access CVE: CVE-2023-4548 CWE: CWE-89 - CWE-74 - CWE-707 Greetings...

9.8CVSS7.1AI score0.20112EPSS
Exploits4
Packet Storm
Packet Stormadded 2023/08/28 12:0 a.m.378 views

SPA-Cart eCommerce CMS 1.9.0.3 SQL Injection

Exploit Title: SPA-Cart eCommerce CMS 1.9.0.3 - SQL Injection Exploit Author: CraCkEr Date: 20/08/2023 Vendor: SPA-Cart Vendor Homepage: https://spa-cart.com/ Software Link: https://demo.spa-cart.com/ Tested on: Windows 10 Pro Impact: Database Access CVE: CVE-2023-4548 CWE: CWE-89 - CWE-74 -...

7.1AI score0.20112EPSS
Exploits4
OSV
OSVadded 2023/08/22 7:16 p.m.2 views

CVE-2023-37433

Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to obtain and...

8.1CVSS5.9AI score0.0058EPSS
Exploits0References1
OSV
OSVadded 2023/08/22 7:16 p.m.3 views

CVE-2023-37439

Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to obtain and...

6.1CVSS5.9AI score
Exploits0References1
Rows per page
Query Builder